James-Sillett
asked on
Exchange 2010 Calanders ethical wall
I’m looking for some feedback on whether it is possible to create an ethical wall in Exchange for calendars as well as email. In our current environment we’ve got 200 users who by default have set their calendars to have everyone as the default everyone reviewer and this causes us no problems because everyone should have the access to view the calendars. However, recently we will be taking on a group of 20 users who must not be able to see the contents of calendars for the rest of the organisation. I see there are only a couple of options here:
1. create a hybid or second exchange server to keep it entirely separate from our normal users.
2. To create some kind of power shell script or to run against all our current users and add a deny in for the group of users that are going to be joining us on the calendar permissions, which is not ideal
I wonder if there was any other built-in functionality that can be used to achieve what we are trying to do. I thought it would have been a logical sense that we could set the permissions on the individual databases within Exchange and put all our new users into a different database and then to global permissions there, but this does not seem to be the case.
Any thoughts would be greatly appreciated.
Thank you.
1. create a hybid or second exchange server to keep it entirely separate from our normal users.
2. To create some kind of power shell script or to run against all our current users and add a deny in for the group of users that are going to be joining us on the calendar permissions, which is not ideal
I wonder if there was any other built-in functionality that can be used to achieve what we are trying to do. I thought it would have been a logical sense that we could set the permissions on the individual databases within Exchange and put all our new users into a different database and then to global permissions there, but this does not seem to be the case.
Any thoughts would be greatly appreciated.
Thank you.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This isn't going to work, because Outlook permissions work on the basis of most permissive wins.
Therefore if "Default" is reviewer, then everyone is a reviewer at least.
There are no deny permissions in Outlook folder permissions, the lowest you can go is none.
Therefore you will have to change your permissions structure for everyone.
Set Default to None, then add in the users who can see as a group.
Simon.