How to set the Default Calendar permissions for all users in Exchange 2000, 2003 and 2007
The Exchange 2007 commandlet Set-MailboxCalendarSettings only works for resource mailboxes and won’t accomplish what PFDAVadmin can for calendar client permissions. The only commandlet currently that mirrors this capability simply retrieves client permissions on public folders Get-PublicFolderClientPermission
With PFDAVadmin, you have two options:
Here are the details for how to accomplish this with a script:
The command line for PFDAVadmin will look like this –
PFDAVadmin –import –s <mailbox server shortname> -f <filename.txt> -scope mailboxes [the username, password, GC are optional]
Depending on the Permissions Role you want to set, the <filename.txt> will contain entries like this:
SETACL Mailboxes\<username>\Freebusy Data \Everyone <Role Permission> NO
SETACL Mailboxes\<username>\Top of Information Store\Calendar \Everyone <Role Permission> NO
So, your script will need to create a .txt file enumerating all the <username> aliases existing for each mailbox server. Once the files are created, the command line above will need to be run for each mailbox server. Examples of <Role Permission> are: None, Reviewer, Author, etc.
The reason \Freebusy Data is included in the <filename.txt> is so you don’t run into the symptoms described in this article here.
The latest version on pfdavadmin (version 2.8) has a new feature “Set Calendar Permissions” which can be used for granting Default calendar permissions for each mailbox. The procedure listed below works for both Exchange 2003 and Exchange 2000.
Here are the steps required:
- Launch PFDavAdmin.exe
- At the main PFDavAdmin window, select File / Connect and in the Connect window, specify the name of the Exchange server and global catalog server to connect to [make sure that the Connection option is set to All Mailboxes before clicking OK]
All mailboxes will then be displayed in the left-hand pane of the main PFDavAdmin window when you expand the Mailboxes object.
- From the Tools menu option, select Set Calendar Permissions.
You will then be presented with an advisory dialog box informing you that you will be presented with another dialog box in which you can configure the permissions you would like to set on the calendar folders. There are no options here; just click OK.
You are then presented with the blank Permissions window.
To add new permissions, click the Add button.
You will now be presented with a window.
- The Choose user area gives you the chance to add a single user, but in our case we want to modify the Default [which maps to the Everyone group] access to all mailboxes.
- Click the Browse button and in the following window, choose the domain name in the drop-down box
- From the list of objects displayed, choose the Everyone object. Once selected, click OK.
Back at the Choose user window, the selected user field should now be populated with the Everyone user previously selected. Click OK.
You will now be back at the Permissions window but this time the Everyone user will be shown in the list of objects. However, note that the Role field is currently set to None.
- To change the Permissions role, highlight the Everyone user and then, on the right-hand side of the Permissions window, change the drop-down permissions box so that the Permissions role can be selected.
- Once the Permissions role has been selected, click OK to set. You should be presented with a dialog box informing you that you will be presented with a new dialog box that you can use to remove entities from the calendar permissions. As with the previous advisory dialog box, just click OK.
- You’ll then be presented with another blank Permissions window as before. In this case, we don’t want to remove any entries so just click OK.
- PFDavAdmin will then process the mailboxes. Once it has finished, just close the window and you’re done.