Having difficulties deletingediting public folder data as the owner no longer exists, found that the change permissions box in outlook is greyed out and the Public Folder Admin tool in Exchange 2007 does not have an interface for changing the permissions. well that because you have to complete permission changes in powershell.
To add permissions to a public folder you have 2 options:
- Options 1 – Add the permissions per folder
Add-PublicFolderClientPermission -Identity "xxxxxx" -AccessRights Owner -User "Luke Smith"
- Option 2 Recursively add permissions from a folder and all Child folders
AddUsersToPFRecursive.ps1 -toppublicfolder -User "Luke Smith" -Permissions Owner
The -User flag I original thought was the domain account such as TSLSLuke.Smith however it would appear that the command wanted the mailbox (display) name instead.
More information on these commands below:
Add-PublicFolderClientPermission
Add-PublicFolderClientPermission -Identity <PublicFolderIdParameter> -AccessRights <MultiValuedProperty> -User <PublicFolderUserIdParameter> [-Confirm [<SwitchParameter>]] [-DomainController <Fqdn>] [-Server <ServerIdParameter>] [-WhatIf [<SwitchParameter>]]
Parameters
| Parameter | Required | Description |
| AccessRights | Required | The AccessRights parameter specifies the rights being added. This parameter accepts the following values:
ReadItems The user has the right to read items within the specified public folder. CreateItems The user has the right to create items within the specified public folder. EditOwnedItems The user has the right to edit the items that the user owns in the specified public folder. DeleteOwnedItems The user has the right to delete items that the user owns in the specified public folder. EditAllItems The user has the right to edit all items in the specified public folder. DeleteAllItems The user has the right to delete all items in the specified public folder. CreateSubfolders The user has the right to create subfolders in the specified public folder. FolderOwner The user is the owner of the specified public folder. The user has the right to view and move the public folder and create subfolders. The user can’t read items, edit items, delete items, or create items. FolderContact The user is the contact for the specified public folder. FolderVisible The user can view the specified public folder, but can’t read or edit items within the specified public folder. In addition to access rights, you can create rights based upon roles, which includes multiple access rights. This parameter accepts the following values for roles: None FolderVisible Owner CreateItems, ReadItems, CreateSubfolders, FolderOwner, FolderContact, FolderVisible, EditOwnedItems, EditAllItems, DeleteOwnedItems, DeleteAllItems PublishingEditor CreateItems, ReadItems, CreateSubfolders, FolderVisible, EditOwnedItems, EditAllItems, DeleteOwnedItems, DeleteAllItems Editor CreateItems, ReadItems, FolderVisible, EditOwnedItems, EditAllItems, DeleteOwnedItems, DeleteAllItems PublishingAuthor CreateItems, ReadItems, CreateSubfolders, FolderVisible, EditOwnedItems, DeleteOwnedItems Author CreateItems, ReadItems, FolderVisible, EditOwnedItems, DeleteOwnedItems NonEditingAuthor CreateItems, ReadItems, FolderVisible Reviewer ReadItems, FolderVisible Contributor CreateItems, FolderVisible |
| Identity | Required | The Identity parameter specifies the GUID or public folder name that represents a specific public folder. You can also include the path using the format TopLevelPublicFolderPublicFolder.
You can omit the parameter label so that only the public folder name or GUID is supplied. |
| User | Required | The User parameter specifies the user principal name (UPN), domainuser, or alias of the user for whom rights are being added. |
| Confirm | Optional | The Confirm switch can be used to suppress the confirmation prompt that appears by default when this cmdlet is run. To suppress the confirmation prompt, use the syntax -Confirm:$False. You must include a colon ( : ) in the syntax. |
| DomainController | Optional | The DomainController parameter specifies the fully qualified domain name (FQDN) of the domain controller that writes this configuration change to Active Directory. |
| Server | Optional | The Server parameter specifies the server on which to perform the selected operations. |
| WhatIf | Optional | The WhatIf switch instructs the command to simulate the actions that it would take on the object. By using the WhatIf switch, you can view what changes would occur without having to apply any of those changes. You don’t have to specify a value with the WhatIf switch. |
Information from: http://technet.microsoft.com/en-us/library/bb124743.aspx
AddUsersToPFRecursive
| Task | Script | Description |
| Add a user to the client permissions list. | AddUsersToPFRecursive.ps1 | This script adds a user and that user’s permissions to the client permissions list for a public folder and all the folders beneath it in the hierarchy. If the user is already listed in the client permissions list for a folder, the user’s permissions are updated to the new set specified in the script. This script accepts the following parameters:
Help This parameter displays the Help file for the script. Server (Optional) This parameter specifies the server to operate against. This server must be an Exchange Mailbox server that contains a public folder database. If you don’t use the Server parameter to specify a server, the script defaults to the local server. TopPublicFolder (Required) This parameter specifies the identity of the folder at the top of the public folder tree. User (Required) This parameter specifies the identity of the user to whom to add client permissions. Permissions (Required) This parameter specifies the client permissions to apply to the user. |
More information here: http://technet.microsoft.com/en-us/library/aa997966.aspx