Restrict write permission on self

Hello
I'm trying to restrict permission on a mailbox account so that it can not write to it's own contact list.
I want the account to able to only read it's own contact list

Where do I set the permissions?
LVL 1
Bes4dminAsked:
Who is Participating?
 
Hendrik WieseConnect With a Mentor Information Security ManagerCommented:
You will be able to sync the public folders.

Have a look at the following link: http://www.tomshardware.com/forum/56603-36-sync-mobile-exchange-public-folders

Hendrik
0
 
FF-ExExCommented:
This is not possible at least not on the users own mailbox because well he is the owner of that mailbox.

Depending on the goal you might want to think about using shared or ressource mailboxes where you can set delegated access.

Generally spoken permission are set using the Exchange powershell - Add-ADPermission for instant would be one of the used cmdlets.
0
 
Bes4dminAuthor Commented:
Perhaps you're right even though I believe it's possible. I tried setting permissions on the mailbox in the information store top and the contacts folder beneath it with add-adpermission command but with no luck.

Maybe if I set permissions right on the AD user or using ADSI Edit.. suggestion?

The goal is to use this mailbox as a shared contact list only. Users will add this mailbox to their iPhones and only sync the contacts. We don't want the users to be able to add/change or delete contacts hence the permission restriction we are trying to accomplish.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
Hendrik WieseInformation Security ManagerCommented:
You will not be able to restrict the user from adding to their local contacts but you could try a Public Folder setup for this.

I have 2 possible sources to assist you in setting it up:

http://ct-miramar.com/blog/2011/07/18/create-public-contacts-folder-in-exchange-2010/

Have a look at this one as well if you run into any issues: http://www.outlookforums.com/threads/87792-create-a-contacts-list-on-exchange-2010/

Hope this helps
0
 
Bes4dminAuthor Commented:
Thanks HendrikWiese for your reply and the links. I probably should have mention the reason I want to resctrict the permisisons on the accounts own folders.

The goal is to have a shared contact list on the mobile devices using activesync. But I don't want the users being able to write or delete the contacts thus the permission restriction.
The Public Folder solution works as long as we use it within Outlook only. As far as I know you can't "activesync" a PB.
0
 
Bes4dminAuthor Commented:
Even though I wasn't looking for a solution that includes third party software your link contained what seem to be the only option to accomplish what I want
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.