Solved

powershell script to add permission to a shared mailbox

Posted on 2014-10-13
6
267 Views
Last Modified: 2015-02-04
hello,

i have many shared mailbox in exchange 2013, i will use it to replace public folder.

i need to add permission to shared mailbox, full access is simple, but i need script to get every folder on shared mailbox like (inbox, calender....) and add to a group or user the Reviewer right or Contributor.

thanks for help
0
Comment
Question by:cawasaki
6 Comments
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40377197
Hi. Just to confirm. So you want different folders in the Shared Mailbox to have different permissions for different users? Not just the blanket Full Access right.
0
 

Author Comment

by:cawasaki
ID: 40377216
i need for exemple to add for all mailbox folder the right Reviewer for group or user.
yes for exemple:
group1 will have full access.
group2 will have just reviewer right (to prevent delet item from mailbox)
0
 
LVL 40

Expert Comment

by:Vasil Michev (MVP)
ID: 40379203
You will need to adjust the permissions on the folder level, as the Add-MailboxPermission cmdlet only allows you for certain level of access (you can use it for ReadPermission, but that only allows opening the mailbox, not expanding the folders, etc). Check for example here:

http://exchangeserverpro.com/grant-read-access-exchange-mailbox/
0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 

Author Comment

by:cawasaki
ID: 40379363
hi Vasil,

i have test this script, and it seems to work but with error:
The operation couldn’t be performed because ‘test.mailbox:\Top of Information Store’ couldn’t be found.
+ CategoryInfo : NotSpecified: (:) [Add-MailboxFolderPermission], ManagementObjectNotFoundException
+ FullyQualifiedErrorId : [Server=mailboxserver1,RequestId=44d1cd48-8a1b-46ae-bcf6-fda199f2be50,TimeStamp=13/10/2014 10
:32:20] [FailureCategory=Cmdlet-ManagementObjectNotFoundException] B52CDE40,Microsoft.Exchange.Management.StoreTas
ks.AddMailboxFolderPermission
+ PSComputerName : mailboxserver1.domain.com

and this error:

The operation couldn’t be performed because ‘test.mailbox:\Calendar Logging’ couldn’t be found.
+ CategoryInfo : NotSpecified: (:) [Add-MailboxFolderPermission], ManagementObjectNotFoundException
+ FullyQualifiedErrorId : [Server=mailboxserver1,RequestId=6097ea46-ae18-402c-b424-3f71cdaeccf9,TimeStamp=13/10/2014 10
:32:32] [FailureCategory=Cmdlet-ManagementObjectNotFoundException] 42945040,Microsoft.Exchange.Management.StoreTas
ks.AddMailboxFolderPermission
+ PSComputerName : mailboxserver1.domain.com

Open in new window


are this normal with exchange 2013??

thanks for help
0
 
LVL 69

Accepted Solution

by:
Qlemo earned 500 total points
ID: 40450382
There is a correction of the script posted down in the discussion. I've simplified that:
[CmdletBinding()]
param (
	[Parameter( Mandatory=$true)]
	[string]$Mailbox,

	[Parameter( Mandatory=$true)]
	[string]$User,

	[Parameter( Mandatory=$true)]
	[string]$Access
)

$exclusions = @("/Sync Issues",
                "/Sync Issues/Conflicts",
                "/Sync Issues/Local Failures",
                "/Sync Issues/Server Failures",
                "/Recoverable Items",
                "/Deletions",
                "/Purges",
                "/Versions"
                )

$mailboxFolderPaths = @(Get-MailboxFolderStatistics $Mailbox | ? { $exclusions -notcontains $_.FolderPath } | Select -Expand FolderPath)

foreach ($mailboxFolderPath in $mailboxFolderPaths)
{
	$folder = $mailboxfolderPath.Replace(“/”,”\”).Replace(“\Top of Information Store”,”\”)
	$identity = “$mailbox`:$folder"
	Write-Host “Adding $user to $identity with $access permissions”
	Add-MailboxFolderPermission -Identity $identity -User $user -AccessRights $Access
}

Open in new window

0
 

Author Comment

by:cawasaki
ID: 40464051
hello,

sorry, i will test now and report
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question