powershell script to add permission to a shared mailbox

hello,

i have many shared mailbox in exchange 2013, i will use it to replace public folder.

i need to add permission to shared mailbox, full access is simple, but i need script to get every folder on shared mailbox like (inbox, calender....) and add to a group or user the Reviewer right or Contributor.

thanks for help
cawasakiAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Gareth GudgerCommented:
Hi. Just to confirm. So you want different folders in the Shared Mailbox to have different permissions for different users? Not just the blanket Full Access right.
0
cawasakiAuthor Commented:
i need for exemple to add for all mailbox folder the right Reviewer for group or user.
yes for exemple:
group1 will have full access.
group2 will have just reviewer right (to prevent delet item from mailbox)
0
Vasil Michev (MVP)Commented:
You will need to adjust the permissions on the folder level, as the Add-MailboxPermission cmdlet only allows you for certain level of access (you can use it for ReadPermission, but that only allows opening the mailbox, not expanding the folders, etc). Check for example here:

http://exchangeserverpro.com/grant-read-access-exchange-mailbox/
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

cawasakiAuthor Commented:
hi Vasil,

i have test this script, and it seems to work but with error:
The operation couldn’t be performed because ‘test.mailbox:\Top of Information Store’ couldn’t be found.
+ CategoryInfo : NotSpecified: (:) [Add-MailboxFolderPermission], ManagementObjectNotFoundException
+ FullyQualifiedErrorId : [Server=mailboxserver1,RequestId=44d1cd48-8a1b-46ae-bcf6-fda199f2be50,TimeStamp=13/10/2014 10
:32:20] [FailureCategory=Cmdlet-ManagementObjectNotFoundException] B52CDE40,Microsoft.Exchange.Management.StoreTas
ks.AddMailboxFolderPermission
+ PSComputerName : mailboxserver1.domain.com

and this error:

The operation couldn’t be performed because ‘test.mailbox:\Calendar Logging’ couldn’t be found.
+ CategoryInfo : NotSpecified: (:) [Add-MailboxFolderPermission], ManagementObjectNotFoundException
+ FullyQualifiedErrorId : [Server=mailboxserver1,RequestId=6097ea46-ae18-402c-b424-3f71cdaeccf9,TimeStamp=13/10/2014 10
:32:32] [FailureCategory=Cmdlet-ManagementObjectNotFoundException] 42945040,Microsoft.Exchange.Management.StoreTas
ks.AddMailboxFolderPermission
+ PSComputerName : mailboxserver1.domain.com

Open in new window


are this normal with exchange 2013??

thanks for help
0
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
There is a correction of the script posted down in the discussion. I've simplified that:
[CmdletBinding()]
param (
	[Parameter( Mandatory=$true)]
	[string]$Mailbox,

	[Parameter( Mandatory=$true)]
	[string]$User,

	[Parameter( Mandatory=$true)]
	[string]$Access
)

$exclusions = @("/Sync Issues",
                "/Sync Issues/Conflicts",
                "/Sync Issues/Local Failures",
                "/Sync Issues/Server Failures",
                "/Recoverable Items",
                "/Deletions",
                "/Purges",
                "/Versions"
                )

$mailboxFolderPaths = @(Get-MailboxFolderStatistics $Mailbox | ? { $exclusions -notcontains $_.FolderPath } | Select -Expand FolderPath)

foreach ($mailboxFolderPath in $mailboxFolderPaths)
{
	$folder = $mailboxfolderPath.Replace(“/”,”\”).Replace(“\Top of Information Store”,”\”)
	$identity = “$mailbox`:$folder"
	Write-Host “Adding $user to $identity with $access permissions”
	Add-MailboxFolderPermission -Identity $identity -User $user -AccessRights $Access
}

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
cawasakiAuthor Commented:
hello,

sorry, i will test now and report
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Powershell

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.