Link to home
Start Free TrialLog in
Avatar of Blaise Fournier
Blaise FournierFlag for Switzerland

asked on

Need help resolving error when managing mailbox folder rights for users in different subdomains in Exchange 2016

We have trouble adding rights to the calendar folder of one user to another user who is on another subdomain.
We run Exchange 2016 (Version 15.1 (Build 1466.3) and have a main domain we will call domain.local and 5 subdomains. Exchange server is in domain.local.
User1 is in subdomain A.domain.local and has email address
User2 is in subdomain B.domain.local and has email address
We ran the following command to add LimitedDetails rights to B.domain.local\user2 on A.Domain.local user2’s calendar:
Add-MailboxFolderPermission -Identity A.domain.local\user1:\calendar -User -AccessRights LimitedDetails

We get the following error:
The user "FirstName Lastname" was found in Active Directory but isn't valid to use for permissions. Try an SMTP address instead.
+ CategoryInfo          : NotSpecified: (:) [Add-MailboxFolderPermission], InvalidInternalUserIdException
    + FullyQualifiedErrorId : [Server=XXXXXX,RequestId=XXXXXXX,TimeStamp=01.02.2019 10:31:07] [FailureCategory=Cmdlet-InvalidInternalUserIdException]XXXXXX,Microsoft.Exchange.Management.StoreTask
    + PSComputerName        :

Can you please help us solve this problem?
Thanks in advance for your help.
Best regards
Avatar of Roland Lee
Roland Lee
Flag of Singapore image

Maybe you can try something like this
Get-Mailbox "WhateverMailbox" | Add-MailboxPermission -AccessRights FullAccess, ExternalAccount -User "remote-domain\user"
Is the person's SMTP address or is it their UPN with a custom suffix?

Can you try using User2's Alias or even their full DN as in:

Add-MailboxFolderPermission -Identity A.domain.local\user1:\calendar -User "CN=User2,OU=xyz,DC=B,DC=domainDC=local" -AccessRights LimitedDetails
Avatar of Blaise Fournier


Thanks for the tip Ibrahim Benna, but the error remains the exactly same.
Thank you Roland Lee but what I want to achieve is to add a permission to the user's calendar. The command you suggested would try to add permissions to the mailbox. In my case this is not an option. is the person's SMTP address. Sorry I forgot to mention this.

We have investigated and found out that the error appears only with users which have been migrated during a cross-forest migration. The command runs normally for users that have been created after the migration. Thank you all for you input. I will post more info as we continue to investigate.
The command works again without action on our part ... I guess we'll never know what happened here.
The error appears again. A case has been opened with MS support and will post a solution if one is found.
Best regards
No news so far sorry.
Avatar of Blaise Fournier
Blaise Fournier
Flag of Switzerland image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial