?
Solved

how to prevent users from seeing Calendar details

Posted on 2013-11-15
20
Medium Priority
?
740 Views
Last Modified: 2013-11-21
how to prevent users from seeing Calendar details

I would like   to  prevent users from seeing Calendar details of other users.
For instance, if I open an new appointment and add attendees, I will be able to see their calendar details.. All I need to show up is Free/Busy.
In Exchange Sharing Policy it setup to Free/busy Only...but I still can see calendar details of other people.

any help will be very  much appreciated.

Thank you
0
Comment
Question by:jskfan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 12
  • 3
  • 3
20 Comments
 
LVL 11

Expert Comment

by:Gregory Miller
ID: 39652722
The answer somewhat depends on what steps you are taking to be able to see their details and exactly what details are you talking about? What version of Outlook/Exchange are you using?
0
 

Author Comment

by:jskfan
ID: 39652813
We use Exchange 2010 and Outlook 2010.
for instance , you create new appointment and when you add an attendee , you will see for instance tuesday 10am to 11am that he is having Lunch with his wife....etc...
it should only show Busy or Free...

I checked Exchange server  sharing policy, and it is set up for Free/Busy...

For instance:
In my Outlook Calendar permissions , the "Default" user permissions is set to Reviewer, even if I change it manually to Free/Busy time, the next day I will go back and see it changed back to Reviewer...
0
 
LVL 11

Expert Comment

by:Gregory Miller
ID: 39652820
I would dig into some AD or Group Policy settings gone wrong to solve that one. If you change it and it changes back say after a log on or reboot or just after 90 minutes. I will try to find something if I can.

This article is written for Exchange 2003 but the AD/GPO stuff is probably still similar. At least it may point you to where the controls are in the GPO.

http://support.microsoft.com/kb/867504
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:jskfan
ID: 39653568
in the link above it was about publishing free/busy information…
in our environment case, it is like the permissions for the DEFAULT user reverts back to reviewer from free/busy .
I believe since Exchange sharing policy is set up to Free/busy only should apply …

I will need to run Gpresults on my computer and hopefully I will find which GPOs are applied to my account
0
 
LVL 11

Assisted Solution

by:Gregory Miller
Gregory Miller earned 1000 total points
ID: 39653667
I don't know for certain but it seems like a GPO issue. The link was to point you in the direction of where some of the related GPO items might be found in the AD. I have found that some GPO settings can have overreaching effects where a GUI setting may appear to be set or unset but the policy overrides it.
0
 

Author Comment

by:jskfan
ID: 39653942
This is how the sharing policy is set up in our Exchange:
calendarsharing policy
0
 

Author Comment

by:jskfan
ID: 39653943
On this link, that 's what they say when you scroll down to the conclusion, when the policy is set up that way, which is the same as in our environment, then the Default user in Outlook calendar will have Reviewer permissions….even though in sharing policy is set up to free/busy only..

http://community.spiceworks.com/how_to/show/29939-change-default-outlook-calendar-access-permissions-in-exchange-2010
0
 

Author Comment

by:jskfan
ID: 39653944
As you noticed, in Mailbox tab of the screenshot I pasted, there is no mailbox selected. I wonder if this will apply to every one in the domain since there is an asterisk in the other tab, as Spiceworks link described it.
0
 

Author Comment

by:jskfan
ID: 39653947
http://technet.microsoft.com/en-us/library/dd351201(v=exchg.141).aspx

Though this link says, the sharing policy is only applied with external federated organization.
We do not have any external federated organization in our case.
0
 

Author Comment

by:jskfan
ID: 39654055
the only GPO I see, it is about Outlook 2003
gpo
0
 

Author Comment

by:jskfan
ID: 39655488
My Guessing though is Exchange 2010 makes Outlook Calendar Default user permissions set to Reviewer by default…..
that's only my guessing, I hope someone can confirm that with a Microsoft link..

Second Guess, the reason the permissions reverts back the next day, can be due to Exchange cache mode.. I believe the OST file has the previous configuration, so even when I change the permission of the Default user to Free/Busy in outlook (online), next time it synchronizes with the server the OST overwrites whatever was configured online…

I still need an Expert to comment on my Guessing
0
 
LVL 14

Expert Comment

by:Radweld
ID: 39662194
You can modify the free/busy permissions within the mailbox, to establish the free/busy permissions of a mailbox you would type from the Exchange management Shell.

Get-MailBoxFolderPermission -Identity "{mailbox}:\Calendar"

Where {mailbox} is the name of the target mailbox

if the user Default has anything other than "Availability Only" permissions, You can limit the calendar permission back to availability only by running the following from the Exchange management Shell

Set-MailboxFolderPermission -Identity "{mailbox}:\Calendar" -User Default -Accessrights AvailabilityOnly

Where {mailbox} is the name of the target mailbox

To do this in bulk, to all mailboxes you would do something like

Get-Mailbox | Set-MailboxFolderPermission -User Default -Accessrights AvailabilityOnly

Hope this helps

http://technet.microsoft.com/en-us/library/ff522363(v=exchg.141).aspx
0
 

Author Comment

by:jskfan
ID: 39664246
Either I change the permissions through Powershell or manually on Outlook to anything else other than Reviewer for the Default....The next day , it will revert back to Reviewer.

I check if there is any GPO changing this, but could not find any..

I checked this file:\\Exchangeservername\c$\Program Files\Microsoft\Exchange Server\V14\Bin\CmdletExtensionAgents\ScriptingAgentConfig.xml

I cannot find anything that is changing the permissions for the Default user back to Reviewer.
0
 
LVL 14

Expert Comment

by:Radweld
ID: 39665226
Remove the sharing policy, unless your federating with an external domain you don't need it.
0
 

Author Comment

by:jskfan
ID: 39666007
<<Remove the sharing policy, unless your federating with an external domain you don't need it. >>

As you can notice on the snapshots above, the sharing policy, is not applied to any mailbox, and even if it was applied, the Action is showing: Calendar sharing with free/busy information only.
0
 
LVL 14

Accepted Solution

by:
Radweld earned 1000 total points
ID: 39666128
Up to you, if it was me I would be disabling if for testing purposes. I confess I don't know enough about sharing policies to understand if this is expected behaviour.
0
 

Author Comment

by:jskfan
ID: 39667209
Thanks... I will have to build a lab,,,
Cannot test anything in production
0
 

Author Closing Comment

by:jskfan
ID: 39667231
Thank you
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
In this article I discuss my selections of the Top Four free Outlook OST File Viewers available. Open, view and read even damaged OST files by using these tools. They all provide a clear preview of all data such as emails, notes, tasks, calendars, e…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month10 days, 16 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question