Modify Public Folder permissions for Default user.

All replies

• 

  

  0

  Sign in to vote

  I've also tried removing.

  Get-PublicFolder | Get-PublicFolderClientPermission -User "Default" | Remove-PublicFolderClientPermission

  Remove-PublicFolderClientPermission : Failed to commit the change on object "000000001A447390AA6611CD9BC800AA002FC45A0300B8EFF359CDC69641BCD71F34D1A12DA30000
  At line:1 char:106
  + Get-PublicFolder | Get-PublicFolderClientPermission -User "Default" | Remove-PublicFolderClientPermission <<<<
      + CategoryInfo          : NotSpecified: (0:Int32) [Remove-PublicFolderClientPermission], MapiAccessDeniedException
      + FullyQualifiedErrorId : 2D66E147,Microsoft.Exchange.Management.MapiTasks.RemovePublicFolderClientPermission

  ---

  David Jenkins

  Thursday, October 6, 2011 3:17 PM
• 

  

  0

  Sign in to vote

  Check adsiedit.

  1.Start the ADSI Edit utility

  2.Double-click Configuration Container.
  3.Expand CN=Configuration, CN=Services, CN=Microsoft Exchange. Right-click your organizational name's container, and select Properties.

  4..Select the Security tab.
  5.Click Advanced.

  6.On the Permissions tab, find the entry with a name of Everyone and a permission of "Create top level public folder." You shouldn't need to click deny just make sure allow is unchecked.

  ---

  James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com
  

  • Edited by Jamestechman Thursday, October 6, 2011 3:21 PM
  • Marked as answer by David L. Jenkins Thursday, October 6, 2011 3:21 PM

  Thursday, October 6, 2011 3:21 PM
• 

  

  0

  Sign in to vote

  Thanks.  I had just found it when you posted.

  http://www.petri.co.il/limit_creation_of_top-level_exchange_public_folders.htm

   

  ---

  David Jenkins

  Thursday, October 6, 2011 3:22 PM
• 

  

  0

  Sign in to vote

  I don't have a server available to test this right now, but I think you may have more luck with

  Remove-PublicFolderClientPermission

  I'm not sure what happens when existing permissions are overwritten - do they get added to (in which case adding "None" will have no effect), or are they replaced?  I honestly don't know.

  ---

  Outlook Web Access For PDA , OWA For WAP
  www.owa-pda.com
  email a@t leederbyshire d.0.t c.0.m
  

  Thursday, October 6, 2011 3:23 PM
• 

  

  0

  Sign in to vote

  Already ran through that.  See entry above.  ADSI is the way to go.  Stay away from PFDaveAdmin it will wipe your settings.

   

  ---

  David Jenkins

  Thursday, October 6, 2011 3:24 PM
• 

  

  0

  Sign in to vote

  Hi James

  I am also facing the same problem, I want to block all users adding any content (Folder/files/post) in public folder without Exchange Administrator permits them..

  I tried your above steps and unable to find the entry "Everyone with a permission of Create top level public folder", then I created the value manually and set allow but still same problem.

  Thanks..

  ---

  George-Canar

  Wednesday, December 7, 2011 2:25 PM
• 

  

  0

  Sign in to vote

  The fix above is only for the top level folder right.

  You have to use regular public folder security for subfolders.

  Use the PowerShell command 'Get-PublicFolderClientPermission'" and of course it's brother Set-....

  ---

  David Jenkins

  Wednesday, December 7, 2011 2:28 PM
• 

  

  0

  Sign in to vote

  Hi David / James

  I am talking about top level folder / Root folder permission only.

  I tried do the following... but didn't find the value "Create top level public folder" with Everyone.

  http://www.petri.co.il/limit_creation_of_top-level_exchange_public_folders.htm

   

  ---

  George-Canar

  Thursday, December 8, 2011 6:45 AM