Solved

powershell script to add permission to a shared mailbox

Posted on 2014-10-13
6
305 Views
Last Modified: 2015-02-04
hello,

i have many shared mailbox in exchange 2013, i will use it to replace public folder.

i need to add permission to shared mailbox, full access is simple, but i need script to get every folder on shared mailbox like (inbox, calender....) and add to a group or user the Reviewer right or Contributor.

thanks for help
0
Comment
Question by:cawasaki
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40377197
Hi. Just to confirm. So you want different folders in the Shared Mailbox to have different permissions for different users? Not just the blanket Full Access right.
0
 

Author Comment

by:cawasaki
ID: 40377216
i need for exemple to add for all mailbox folder the right Reviewer for group or user.
yes for exemple:
group1 will have full access.
group2 will have just reviewer right (to prevent delet item from mailbox)
0
 
LVL 41

Expert Comment

by:Vasil Michev (MVP)
ID: 40379203
You will need to adjust the permissions on the folder level, as the Add-MailboxPermission cmdlet only allows you for certain level of access (you can use it for ReadPermission, but that only allows opening the mailbox, not expanding the folders, etc). Check for example here:

http://exchangeserverpro.com/grant-read-access-exchange-mailbox/
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:cawasaki
ID: 40379363
hi Vasil,

i have test this script, and it seems to work but with error:
The operation couldn’t be performed because ‘test.mailbox:\Top of Information Store’ couldn’t be found.
+ CategoryInfo : NotSpecified: (:) [Add-MailboxFolderPermission], ManagementObjectNotFoundException
+ FullyQualifiedErrorId : [Server=mailboxserver1,RequestId=44d1cd48-8a1b-46ae-bcf6-fda199f2be50,TimeStamp=13/10/2014 10
:32:20] [FailureCategory=Cmdlet-ManagementObjectNotFoundException] B52CDE40,Microsoft.Exchange.Management.StoreTas
ks.AddMailboxFolderPermission
+ PSComputerName : mailboxserver1.domain.com

and this error:

The operation couldn’t be performed because ‘test.mailbox:\Calendar Logging’ couldn’t be found.
+ CategoryInfo : NotSpecified: (:) [Add-MailboxFolderPermission], ManagementObjectNotFoundException
+ FullyQualifiedErrorId : [Server=mailboxserver1,RequestId=6097ea46-ae18-402c-b424-3f71cdaeccf9,TimeStamp=13/10/2014 10
:32:32] [FailureCategory=Cmdlet-ManagementObjectNotFoundException] 42945040,Microsoft.Exchange.Management.StoreTas
ks.AddMailboxFolderPermission
+ PSComputerName : mailboxserver1.domain.com

Open in new window


are this normal with exchange 2013??

thanks for help
0
 
LVL 70

Accepted Solution

by:
Qlemo earned 500 total points
ID: 40450382
There is a correction of the script posted down in the discussion. I've simplified that:
[CmdletBinding()]
param (
	[Parameter( Mandatory=$true)]
	[string]$Mailbox,

	[Parameter( Mandatory=$true)]
	[string]$User,

	[Parameter( Mandatory=$true)]
	[string]$Access
)

$exclusions = @("/Sync Issues",
                "/Sync Issues/Conflicts",
                "/Sync Issues/Local Failures",
                "/Sync Issues/Server Failures",
                "/Recoverable Items",
                "/Deletions",
                "/Purges",
                "/Versions"
                )

$mailboxFolderPaths = @(Get-MailboxFolderStatistics $Mailbox | ? { $exclusions -notcontains $_.FolderPath } | Select -Expand FolderPath)

foreach ($mailboxFolderPath in $mailboxFolderPaths)
{
	$folder = $mailboxfolderPath.Replace(“/”,”\”).Replace(“\Top of Information Store”,”\”)
	$identity = “$mailbox`:$folder"
	Write-Host “Adding $user to $identity with $access permissions”
	Add-MailboxFolderPermission -Identity $identity -User $user -AccessRights $Access
}

Open in new window

0
 

Author Comment

by:cawasaki
ID: 40464051
hello,

sorry, i will test now and report
0

Featured Post

Containers and Docker for Everyone

Containers are an incredibly powerful technology that can provide you and/or your engineering team with huge productivity gains. Using containers, you can deploy, back up, replicate, and move apps and their dependencies quickly and easily.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
The viewer will learn how to dynamically set the form action using jQuery.
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question