The script sets default calendar permissions for mailboxes who are members of a distribution list. To execute the script, you can create a custom command or a scheduled task configured for the Group object type.
Exchange On-Premises
Parameters:
- $exchangeServer - Specifies the fully qualified domain name (FQDN) of the Exchange Server that will be used to perform the operation.
- $accessRights - Specifies the user access rights to grant.
PowerShell
$accessRights = "Reviewer" # TODO: modify me
# Connect to Exchange Online
$Context.CloudServices.ConnectExchangeOnline()
try
{
[Object[]]$mailboxes = Get-DistributionGroupMember -Identity "%name%" -ErrorAction Stop | Where-Object {$_.RecipientType -eq "UserMailbox"}
}
catch
{
$Context.LogMessage("An error occurred when retrieving group members. Error: " + $_.Exception.Message, "Warning")
return
}
if ($mailboxes -eq $NULL)
{
return # No members with mailboxes
}
foreach ($mailbox in $mailboxes)
{
# Get Calendar object identity
$calendarName = (Get-MailboxFolderStatistics -Identity $mailbox.ExternalDirectoryObjectId -FolderScope Calendar | select -First 1).Name
$calendarIdentity = "$($mailbox.SamAccountName)`:\$calendarName"
# Get Calendar permissions
$calendarPermissions = Get-MailboxFolderPermission $calendarIdentity
foreach ($permission in $calendarPermissions)
{
if ($permission.User.DisplayName -ne "Default")
{
continue
}
if ($permission.AccessRights -notcontains $accessRights)
{
Set-MailboxFolderPermission -User "Default" -AccessRights $accessRights -Identity $calendarIdentity
}
break
}
}
Exchange Hybrid
Parameter:
- $accessRights - specifies the user access rights to grant.
PowerShell
$accessRights = "Reviewer" # TODO: modify me
# Connect to Exchange Online
$Context.CloudServices.ConnectExchangeOnline()
try
{
[Object[]]$mailboxes = Get-DistributionGroupMember -Identity "%name%" -ErrorAction Stop | Where-Object {$_.RecipientType -eq "UserMailbox"}
}
catch
{
$Context.LogMessage("An error occurred when retrieving group members. Error: " + $_.Exception.Message, "Warning")
return
}
if ($mailboxes -eq $NULL)
{
return # No members with mailboxes
}
foreach ($mailbox in $mailboxes)
{
# Get Calendar object identity
$calendarName = (Get-MailboxFolderStatistics -Identity $mailbox.ExternalDirectoryObjectId -FolderScope Calendar | select -First 1).Name
$calendarIdentity = "$($mailbox.SamAccountName)`:\$calendarName"
# Get Calendar permissions
$calendarPermissions = Get-MailboxFolderPermission $calendarIdentity
foreach ($permission in $calendarPermissions)
{
if ($permission.User.DisplayName -ne "Default")
{
continue
}
if ($permission.AccessRights -notcontains $accessRights)
{
Set-MailboxFolderPermission -User "Default" -AccessRights $accessRights -Identity $calendarIdentity
}
break
}
}