A Windows System Admin's Blog

Covering Server Administration, Endpoint Management, Scripting and Network Management

Setting item level (Calendar, Tasks etc) permissions for Mailboxes and Users with PowerShell for Exchange 2007, 2010 and 2013

,

Every so often I get a request to allow people to view someone else’s calendar. Usually I just tell that person to go and ask whom ever the calendar belongs to, to give them permission. This isn’t always possible though as on a few occasions where I’ve had to give access because that other person is away.

With mailboxes you can use the management tools to give access rights, but what if I just want to give the, access to a calendar or tasks for example. This is where the exchange PowerShell console comes in. I can give a user Permission to a particular object. So for example I wanted to give user1 permission to edit manager 1’s calendar, I would do the following

Add-MailboxFolderPermission -identity manager1:\Calendar
-user user1 -accessrights Editor

You can use the following on all of the Outlook Exchanged based folders like so replacing <User> with the identity of the mailbox with the object you want to modify the permissions of and <delegate_user> with the username of the person of who you are giving permission to;

Add-MailboxFolderPermission <User>:\Calendar -User <delegate_user> -AccessRights Editor
Add-MailboxFolderPermission <User>:\Tasks -User <delegate_user> -AccessRights None
Add-MailboxFolderPermission <User>:\Inbox -User <delegate_user> -AccessRights None
Add-MailboxFolderPermission <User>:\Contacts -User <delegate_user> -AccessRights None
Add-MailboxFolderPermission <User>:\Notes -User <delegate_user> -AccessRights None
Add-MailboxFolderPermission <User>:\Journal -User <delegate_user> -AccessRights None

You can also quickly check who has access to an object (like a calendar) by using the following cmdlet, again replacing <user> with the identity of the mailbox;

]get-mailboxfolderpermission -identity <user>:\Calendar

Hope that helps someone.

Leave a Reply

More Posts

AWS and Windows Activation

Quick one today where I was on a client server hosted in AWS that wasn’t activated. Trying to activate it via Settings App throws and error. Like most large scale cloud vendors (except Azure), AWS use KMS to activate their windows machines, however sometimes the servers need some help to reach the internal KMS servers […]

Applying inherit rights (inheritable) for permissions to a large number of Active Directory objects

I was recently involved in a project to help secure a School’s Active Directory environment.  After sitting down and planning what we wanted to achieve in terms of account security we went to work.  After setting up all of the IT based security groups and assigning and delegating the appropriate rights and permissions we found […]

The Network Policy Server Service (NPS or IAS) Fails to Start on Windows SBS Server 2008 with an unspecified error (0x80004005)

So I was recently helping out a client clean up their Small Business Server environment, one thing they weren’t using was SharePoint, so we decided to remove it from their SBS 2008 server. The removal went smoothly, simply uninstalling SharePoint Services via Add/Remove control panel did the trick. But after a restart we found that […]