Add-PublicFolderAdministrativePermission (RTM)

Microsoft Exchange Server 2007 will reach end of support on April 11, 2017. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.

 

Applies to: Exchange Server 2007

Use the Add-PublicFolderAdministrativePermission cmdlet to add administrative permissions to a public folder or a public folder hierarchy.

Syntax

Add-PublicFolderAdministrativePermission -Identity <PublicFolderIdParameter> -AccessRights <Collection> -User <SecurityPrincipalIdParameter> [-Deny <SwitchParameter>] [-DomainController <Fqdn>] [-InheritanceType <None | All | Descendents | SelfAndChildren | Children>] [-Server <ServerIdParameter>]

Add-PublicFolderAdministrativePermission -Identity <PublicFolderIdParameter> -Owner <SecurityPrincipalIdParameter> [-DomainController <Fqdn>] [-Server <ServerIdParameter>]

Add-PublicFolderAdministrativePermission [-Identity <PublicFolderIdParameter>] -Instance <PublicFolderAdministrativeAceObject> [-AccessRights <Collection>] [-Deny <SwitchParameter>] [-DomainController <Fqdn>] [-InheritanceType <None | All | Descendents | SelfAndChildren | Children>] [-Server <ServerIdParameter>] [-User <SecurityPrincipalIdParameter>]

Detailed Description

To run the Add-PublicFolderAdministrativePermission cmdlet, the account you use must be delegated the following:

  • Exchange Organization Administrator role

For more information about permissions, delegating roles, and the rights that are required to administer Exchange Server 2007, see Permission Considerations.

Parameters

Parameter Required Type Description

AccessRights

Required

System.Collections.ObjectModel.Collection

The AccessRights parameter specifies the rights that are being added. Valid values include:

  • None   The administrator does not have any rights to modify public folder attributes.

  • ModifyPublicFolderACL   The administrator has the right to modify client access permissions for the specified folder.

  • ModifyPublicFolderAdminACL   The administrator has the right to modify administrator permissions for the specified public folder.

  • ModifyPublicFolderDeletedItemRetention   The administrator has the right to modify the Public Folder Deleted Item Retention attributes (RetainDeletedItemsFor, UseDatabaseRetentionDefaults).

  • ModifyPublicFolderExpiry   The administrator has the right to modify the Public Folder Expiration attributes (AgeLimit, UseDatabaseAgeDefaults).

  • ModifyPublicFolderQuotas   The administrator has the right to modify the Public Folder Quota attributes (MaxItemSize, PostQuota, PostWarningQuota, UseDatabaseQuotaDefaults)

  • ModifyPublicFolderReplicaList   The administrator has the right to modify the replica list attribute for the specified public folder (Replicas).

  • AdministerInformationStore   The administrator has the right to modify all other public folder properties that are not defined above.

  • ViewInformationStore   The administrator has the right view public folder properties.

  • AllExtendedRights   The administrator has the right to modify all public folder properties.

DomainController

Optional

Microsoft.Exchange.Data.Fqdn

The DomainController parameter specifies the domain controller to use to write this configuration change to Active Directory. Use the fully qualified domain name (FQDN) of the domain controller that you want to use.

Identity

Required

Microsoft.Exchange.Configuration.Tasks.PublicFolderIdParameter

Use the Identity parameter to specify the GUID or public folder name that represents a specific public folder. You can also include the path using the format TopLevelPublicFolder\PublicFolder.

You can omit the parameter label Identity so that only the public folder name or GUID is supplied.

Instance

Required

Microsoft.Exchange.Management.MapiTasks.PublicFolderAdministrativeAceObject

The Instance parameter enables you to pass an entire object to the command to be processed. It is mainly used in scripts where an entire object must be passed to the command.

Owner

Required

Microsoft.Exchange.Configuration.Tasks.SecurityPrincipalIdParameter

The Owner parameter specifies the NT Owner access control list (ACL) on the object. Valid values are the user principal name (UPN), domain\user, or alias.

User

Required

Microsoft.Exchange.Configuration.Tasks.SecurityPrincipalIdParameter

The User parameter specifies the user principal name (UPN), domain\user, or alias of the user for whom rights are being added.

Deny

Optional

System.Management.Automation.SwitchParameter

The Deny parameter is a switch which, if included, denies the permission specified.

InheritanceType

Optional

System.DirectoryServices.ActiveDirectorySecurityInheritance

The InheritanceType parameter specifies the type of inheritance. Valid values are:

  • None

  • All

  • Descendents

  • SelfAndChildren

  • Children

Server

Optional

Microsoft.Exchange.Configuration.Tasks.ServerIdParameter

The Server parameter specifies the server on which to perform the selected operations.

Input Types

Return Types

Errors

Error Description

 

Exceptions

Exceptions Description

 

Example

In the first example, a user named Chris is given the ViewInformationStore permission on the public folder named MyPublicFolder.

In the second example, the Deny parameter is added to the command in the first example, which denies the user named Chris the ViewInformationStore permission.

Add-PublicFolderAdministrativePermission -User Chris -Identity \MyPublicFolder -AccessRights ViewInformationStore

Add-PublicFolderAdministrativePermission -User Chris -Identity \MyPublicFolder -AccessRights ViewInformationStore -Deny

Use the Add-PublicFolderClientPermission cmdlet to add user permissions to a public folder. For more information, see Add-PublicFolderClientPermission (RTM).