GroupA assigns tasks to GrpB; ALL members can see/add/edit the whole list; GrpB can edit but not delete;

Read last paragraph for more context and ancillary information. It may not be necessary though. (Trying to respect your time)
= = = = = = = = = = = = = = = = = = = =
Tasks come into frontdesks (GrpA) for the maintenance department(GrpB). We have Office 365 Enterprise1. I want to create a shared resource I call "The Bucket". All members of both groups can add/edit tasks but GrpB can't delete anything.

I also want a unified mailbox called bucket@mydomain.com where we can funnel all inbound emailed tasks then convert those emails to tasks.

End result, everyone has one list of everything to be done and the status of the tasks, see the bucket emails. I do not want maintenance to be able to delete emails or tasks.
= = = = = = = = = = = = = = = = = = = =
I manage beach houses with the help of an awesome frontdesk squad and maintenance department that is lacking in task management skills. I also have many many hours in research and trying to have the exact end result described below. I've tried several ways but always seem to be missing one piece. I'm hoping someone here has global knowledge of shared mailboxes, public folders and exchange in general so the can tell me which is the most logical way to set this up. I love tinkering and figuring things out on my own but I can't put any more time in this. I'm getting behind in my job-job. I know just enough about this stuff to really sound dumb.
commfirstAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Vasil Michev (MVP)Commented:
You can get pretty granular with folder permissions, but dont forget that editing tasks can have pretty much the same result as deleting it. Plus, there is the "delete/edit own" scenario, you should decide on that one as well.

I would consider something like granting the Author level permissions on the tasks folder for GrpB, or simply granting a custom set of permissions. You can review the available options here: http://technet.microsoft.com/en-us/library/ff522363(v=exchg.150).aspx

It's not necessary to adjust them with PowerShell, you can just right-click on a folder in Outlook or OWA and do so.
0
commfirstAuthor Commented:
Thanks for your time!
If I end up with edited tasks that are blank then I fire them. There's not plausible deniability for malicious intent.

Is that "task folder for GrpB" a shared mailbox or a public folder?
Or do I just create a task list in my profile and share it out to everyone and tweak permissions for the groups/individuals?

I've tinkered with the permissions method and if GrpB was just one person then I would have stuck with that. But it's got to be a shared resource. Their non-task communications on their company email shouldn't be in this shared resource.

Also, if I have a shared mailbox then it bloats everyone's Outlook folder trees a little. Adds a little white noise to daily operations but I think it's the only way to have email and tasks associated with this "bucket."
0
Vasil Michev (MVP)Commented:
If grpB corresponds to a shared resource (mailbox), it's a good idea to create a security group with all the members, and use that group to add permissions on both the shared mailbox and 'the bucket'. There should be no problem granting folder permissions to a security group, so you can use this if 'the bucket' is either another mailbox or simply a folder within your mailbox.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

commfirstAuthor Commented:
I will do that. It sounds like shared mailbox is the way. But how do those tasks and emails get handled on iPhones and Androids. Having the tasks with reminders roll out to devices would be nice. If I create a separate sub calendar in Outlook, that hits my phone. I just can't imagine that this will work like that AND maintain the permissions. If it does show up like a separate task list, I find it hard to believe that Android nor iPhone will block maintenance from deleting BUT allow them to edit. That is probably going to take testing right?
0
Vasil Michev (MVP)Commented:
Oh, for mobile devices that might indeed be a problem. The OWA for iPhone/OWA for Android device should be able to open shared mailboxes/folders however, so give that a try. You can get the apps in the corresponding app stores.

The permission should hold, those are server side, the device has no say there. Best it can do is corrupt something :)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
commfirstAuthor Commented:
I forgot the updated that to handle shared resources. I think I saw it on twitter or something. I use TouchDown on Android or the native email app so I was thinking those routes. Awesome. I'm testing now.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Office 365

From novice to tech pro — start learning today.