Solved

powershell script to add permission to a shared mailbox

Posted on 2014-10-13
6
291 Views
Last Modified: 2015-02-04
hello,

i have many shared mailbox in exchange 2013, i will use it to replace public folder.

i need to add permission to shared mailbox, full access is simple, but i need script to get every folder on shared mailbox like (inbox, calender....) and add to a group or user the Reviewer right or Contributor.

thanks for help
0
Comment
Question by:cawasaki
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40377197
Hi. Just to confirm. So you want different folders in the Shared Mailbox to have different permissions for different users? Not just the blanket Full Access right.
0
 

Author Comment

by:cawasaki
ID: 40377216
i need for exemple to add for all mailbox folder the right Reviewer for group or user.
yes for exemple:
group1 will have full access.
group2 will have just reviewer right (to prevent delet item from mailbox)
0
 
LVL 40

Expert Comment

by:Vasil Michev (MVP)
ID: 40379203
You will need to adjust the permissions on the folder level, as the Add-MailboxPermission cmdlet only allows you for certain level of access (you can use it for ReadPermission, but that only allows opening the mailbox, not expanding the folders, etc). Check for example here:

http://exchangeserverpro.com/grant-read-access-exchange-mailbox/
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 

Author Comment

by:cawasaki
ID: 40379363
hi Vasil,

i have test this script, and it seems to work but with error:
The operation couldn’t be performed because ‘test.mailbox:\Top of Information Store’ couldn’t be found.
+ CategoryInfo : NotSpecified: (:) [Add-MailboxFolderPermission], ManagementObjectNotFoundException
+ FullyQualifiedErrorId : [Server=mailboxserver1,RequestId=44d1cd48-8a1b-46ae-bcf6-fda199f2be50,TimeStamp=13/10/2014 10
:32:20] [FailureCategory=Cmdlet-ManagementObjectNotFoundException] B52CDE40,Microsoft.Exchange.Management.StoreTas
ks.AddMailboxFolderPermission
+ PSComputerName : mailboxserver1.domain.com

and this error:

The operation couldn’t be performed because ‘test.mailbox:\Calendar Logging’ couldn’t be found.
+ CategoryInfo : NotSpecified: (:) [Add-MailboxFolderPermission], ManagementObjectNotFoundException
+ FullyQualifiedErrorId : [Server=mailboxserver1,RequestId=6097ea46-ae18-402c-b424-3f71cdaeccf9,TimeStamp=13/10/2014 10
:32:32] [FailureCategory=Cmdlet-ManagementObjectNotFoundException] 42945040,Microsoft.Exchange.Management.StoreTas
ks.AddMailboxFolderPermission
+ PSComputerName : mailboxserver1.domain.com

Open in new window


are this normal with exchange 2013??

thanks for help
0
 
LVL 69

Accepted Solution

by:
Qlemo earned 500 total points
ID: 40450382
There is a correction of the script posted down in the discussion. I've simplified that:
[CmdletBinding()]
param (
	[Parameter( Mandatory=$true)]
	[string]$Mailbox,

	[Parameter( Mandatory=$true)]
	[string]$User,

	[Parameter( Mandatory=$true)]
	[string]$Access
)

$exclusions = @("/Sync Issues",
                "/Sync Issues/Conflicts",
                "/Sync Issues/Local Failures",
                "/Sync Issues/Server Failures",
                "/Recoverable Items",
                "/Deletions",
                "/Purges",
                "/Versions"
                )

$mailboxFolderPaths = @(Get-MailboxFolderStatistics $Mailbox | ? { $exclusions -notcontains $_.FolderPath } | Select -Expand FolderPath)

foreach ($mailboxFolderPath in $mailboxFolderPaths)
{
	$folder = $mailboxfolderPath.Replace(“/”,”\”).Replace(“\Top of Information Store”,”\”)
	$identity = “$mailbox`:$folder"
	Write-Host “Adding $user to $identity with $access permissions”
	Add-MailboxFolderPermission -Identity $identity -User $user -AccessRights $Access
}

Open in new window

0
 

Author Comment

by:cawasaki
ID: 40464051
hello,

sorry, i will test now and report
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
In previous parts of this Nano Server deployment series, we learned how to create, deploy and configure Nano Server as a Hyper-V host. In this part, we will look for a clustering option. We will create a Hyper-V cluster of 3 Nano Server host nodes w…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question