Add permissions recursively to another users folders in Outlook

I found myself again trying to help a user add folder permissions for another user in a large hierarchy of folders inside their mailbox. What I wanted to do was tell this person they had to manually add the user to each folder in an attempt to deter it from happening but I couldn’t.

I figured there has got to be a way to do this in powershell using the -recurse switch, Get-MailboxFolder and piping that to the add-mailboxfolderpermission cmdlet that I have used in the past. I attempted the below cmdlet and failed miserably.

Get-MailboxFolder -Identity “user:\rootfolder” -recurse | Add-MailboxFolderPermission -User user2 -AccessRights owner

Running the command resulted in the below error.

The term ‘Get-MailboxFolder’ is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

I was certain that this was a valid cmdlet so I started digging only to find that this cmdlet, “Get-MailboxFolder”, is in fact a valid cmdlet, but it can only be used for the logged in user and not run against another user. See details and syntax information for Get-MailboxFolder using the below link.

http://technet.microsoft.com/en-us/library/dd351164.aspx

I started thinking about how this made sense and how an end user would ever be able to execute this cmdlet. RBAC and self service in Exchange came to mind. As I started to research this further I came across a post on TechNet forums that reinforced the fact the cmdlet could only be run against the logged in user. It also mentions using EWS to programatically achieve what I sent out to accomplish but I am not confortable with EWS so I continued to look for a way to set the permissions in powershell.

Using the below cmdlets, you will be able to retreive folder statistics for a particular folder within a mailbox, modify the path in the results to adhere to what is required to set permissions on a folder, and use a where clause to add permissions to the folders so that another user can view a long list or hierarchy of folders with Outlook.

I will not take credit for the shell commands or idea.  I found it someowhere on the internet but didn’t bookmark to link it here, my apologies to the author. I simply want to share this and have a place to reference it myself the next time it comes up. It surely will!

Get-MailboxFolderStatistics username | Where { $_.FolderPath.Contains(“Clients”) -eq $true }

ForEach($f in (Get-MailboxFolderStatistics mcaruso | Where {$_.FolderPath.Contains(“/Clients”) -eq $True } ) ) {$fname = “username:” + $f.FolderPath.Replace(“/”,”\”);Add-MailboxFolderPermission $fname -User anotheruser -AccessRights Owner }

Advertisements
This entry was posted in Exchange 2010 powershell commands and scripts, Exchange Server 2010 and tagged , , , . Bookmark the permalink.

One Response to Add permissions recursively to another users folders in Outlook

  1. Rick says:

    Awesome. Spend time trying to get get-mailboxfolder to work against someone else’s mailbox and then realised it wasn’t going to work. We have someone on long term leave who has a large folder structure that others need access to. This saved me lots of time manually changing the folder permissions. Great post.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s