Solved

Restrict write permission on self

Posted on 2014-04-25
7
274 Views
Last Modified: 2014-05-15
Hello
I'm trying to restrict permission on a mailbox account so that it can not write to it's own contact list.
I want the account to able to only read it's own contact list

Where do I set the permissions?
0
Comment
Question by:Bes4dmin
  • 3
  • 2
7 Comments
 

Expert Comment

by:FF-ExEx
ID: 40022465
This is not possible at least not on the users own mailbox because well he is the owner of that mailbox.

Depending on the goal you might want to think about using shared or ressource mailboxes where you can set delegated access.

Generally spoken permission are set using the Exchange powershell - Add-ADPermission for instant would be one of the used cmdlets.
0
 
LVL 1

Author Comment

by:Bes4dmin
ID: 40023008
Perhaps you're right even though I believe it's possible. I tried setting permissions on the mailbox in the information store top and the contacts folder beneath it with add-adpermission command but with no luck.

Maybe if I set permissions right on the AD user or using ADSI Edit.. suggestion?

The goal is to use this mailbox as a shared contact list only. Users will add this mailbox to their iPhones and only sync the contacts. We don't want the users to be able to add/change or delete contacts hence the permission restriction we are trying to accomplish.
0
 
LVL 20

Expert Comment

by:Hendrik Wiese
ID: 40058847
You will not be able to restrict the user from adding to their local contacts but you could try a Public Folder setup for this.

I have 2 possible sources to assist you in setting it up:

http://ct-miramar.com/blog/2011/07/18/create-public-contacts-folder-in-exchange-2010/

Have a look at this one as well if you run into any issues: http://www.outlookforums.com/threads/87792-create-a-contacts-list-on-exchange-2010/

Hope this helps
0
 
LVL 1

Author Comment

by:Bes4dmin
ID: 40060135
Thanks HendrikWiese for your reply and the links. I probably should have mention the reason I want to resctrict the permisisons on the accounts own folders.

The goal is to have a shared contact list on the mobile devices using activesync. But I don't want the users being able to write or delete the contacts thus the permission restriction.
The Public Folder solution works as long as we use it within Outlook only. As far as I know you can't "activesync" a PB.
0
 
LVL 20

Accepted Solution

by:
Hendrik Wiese earned 500 total points
ID: 40061167
You will be able to sync the public folders.

Have a look at the following link: http://www.tomshardware.com/forum/56603-36-sync-mobile-exchange-public-folders

Hendrik
0
 
LVL 1

Author Closing Comment

by:Bes4dmin
ID: 40067160
Even though I wasn't looking for a solution that includes third party software your link contained what seem to be the only option to accomplish what I want
0

Join & Write a Comment

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. Theā€¦
how to add IIS SMTP to handle application/Scanner relays into office 365.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now