Viewing permissions
Using a Powershell linked session (see this post for more info) you can retrieve the permissions set at one of the following three possible hierarchical levels:a) Mailbox level
b) Mailbox Top of Information Store level
c) A Mailbox Folder level
The above hierarchical levels are hereditary by default, however can be overridden by a specific permission set at a lower level or by using a variant of the switch
-InheritanceType (None | All | Descendents | SelfAndChildren | Children )For level (a - Mailbox) use the PS > get-mailbox | get-mailboxpermission
(add | fl at the end of the command to get a formatted output)To filter for a particular user
PS > get-mailboxPermission -Identity username@company.com | fl
For level (b - Mailbox Top Level) use the PS > get-mailbox | get-mailboxFolderPermission
To filter for a particular user
PS > get-mailboxFolderPermission -Identity username@company.com | fl
For level (c - Mailbox Folder Level) add :<\foldername> to the end of the indentity
PS > get-mailboxFolderPermission -Identity username@company.com:\inbox | fl
Setting permissions - in powershell
a) Adding a Top folder level permission on a mailbox name@company.com for a user "mysec"
PS > Add-MailboxPermission "name@company.com" -User "mysec" -AccessRights ReadPermission
b) Adding a Top folder level permission on a mailbox name@company.com for a user "mysec"
PS > Add-MailboxfolderPermission "name@company.com" -User "mysec" -AccessRights Reviewer
c) Adding a folder level permission on a mailbox name@company.com for a user "mysec"
PS > Add-MailboxfolderPermission "name@company.com:\inbox" -User "mysec" -AccessRights PublishingEditor
Setting permissions - in Outlook
You can set permission for a users mailbox Top Level Folder (b) or Specific Level Folder (c) from a connected Outlook client.
(b) right click on the account name and choose Folder Permissions
No comments:
Post a Comment