Managing Public Folder Client Access Permissions – Exchange 2007 MSH / EMC (Exchange Management Shell)

  1. Home Suporte Managing Public Folder Client Access Permissions – Exchange 2007 MSH / EMC (Exchange Management Shell)

Managing Public Folder Client Access Permissions – Exchange 2007 MSH / EMC (Exchange Management Shell)

Source: http://exchangeshell.wordpress.com/2009/09/06/managing-public-folder-client-access-permissions-exchange-2007-msh-emc-exchange-management-shell/

There are a number of ways to add permissions to public folders using the MSH (Exchange Management Shell).

Some of the common and useful commands for client permissions are as follows:

Add-PublicFolderClientPermissions -Identity <PublicFolder> -User “Username” -AccessRights <Right>

The rights for public folders can be explicit rights such as “ReadItems” or “CreateItems” or ‘roles’ such as Owner, Contributor etc, which have a set of rights.

Add-PublicFolderClientPermission -Identity “Company Contacts” -AccessRights PublishingEditor -User Steve

This will add the PublishingEditor ‘role’ to Steve, so he is able to create and delete all items that he creates, and can delete all content items regardless of ownership (but cannot delete folders he does not own). He cannot change permissions on folders that he has not created.

There is also a Remove-PublicFolderClientPermissions that will remove any permissions you wish in the same manner as above.

This is fine on a folder by folder basis but what if we want to give permissions to All users or permissions for a specific user but recursively for a whole bunch of public folders. Well, that is where the AddUsersToPFRecursive.ps1 script comes in!

So, with this we specify the -TopPublicFolder and specify the username and we can add the specified rights recursivley to all public folders beneath. Useful if want the same permission structure on all public folders.

**    Note, if the Top level PF has a space, you must place the name in ‘ ‘ inside the ” “. So -TopPublicFolder “‘\My Computer’”    **

**    Note, that you need to put the \ at the beginning of the path to represent the beginning of the public folder structure     **

AddUsersToPFRecursive.ps1 -TopPublicFolder “MyCompany” -User “Steve” -Permission “PublishingEditor”

AddUsersToPFRecursive.ps1 -TopPublicFolder “MyCompany” -User “Default” -Permission “PublishingEditor” (the Default user permissions apply to all users that are not explicitly defined)

AddUsersToPFRecursive.ps1 -TopPublicFolder “MyCompany” -User “Default” -Permission “None” (the Default user permissions apply to all users that are not explicitly defined)

AddUsersToPFRecursive.ps1 -TopPublicFolder “MyCompany” -User “Mr.ManagingDirector” -Permission “Owner”

There are a number of other scripts with similar recursive powers, the names are pretty self explanatory, but review in more detail by following links below.

ReplaceUserWithUserOnPFRecursive.ps1
ReplaceUserPermissionOnPFRecursive.ps1
RemoveUserFromPFRecursive.ps1