Remove-PublicFolderAdministrativePermission

 

Applies to: Exchange Server 2007 SP1, Exchange Server 2007 SP2, Exchange Server 2007 SP3

Use the Remove-PublicFolderAdministrativePermission cmdlet to remove administrative permissions for a public folder or a public folder hierarchy.

Syntax

Remove-PublicFolderAdministrativePermission -Identity <PublicFolderIdParameter> -AccessRights <Collection> -User <SecurityPrincipalIdParameter> [-Confirm [<SwitchParameter>]] [-Deny <SwitchParameter>] [-DomainController <Fqdn>] [-InheritanceType <None | All | Descendents | SelfAndChildren | Children>] [-Server <ServerIdParameter>] [-WhatIf [<SwitchParameter>]]

Remove-PublicFolderAdministrativePermission [-Identity <PublicFolderIdParameter>] -Instance <PublicFolderAdministrativeAceObject> [-AccessRights <Collection>] [-Confirm [<SwitchParameter>]] [-Deny <SwitchParameter>] [-DomainController <Fqdn>] [-InheritanceType <None | All | Descendents | SelfAndChildren | Children>] [-Server <ServerIdParameter>] [-User <SecurityPrincipalIdParameter>] [-WhatIf [<SwitchParameter>]]

Detailed Description

To run the Remove-PublicFolderAdministrativePermission cmdlet, the account you use must be delegated the following:

  • Exchange Organization Administrator role

For more information about permissions, delegating roles, and the rights that are required to administer Microsoft Exchange Server 2007, see Permission Considerations.

Parameters

Parameter Required Type Description

AccessRights

Required

System.Collections.ObjectModel.Collection

The AccessRights parameter specifies the rights that are being removed. Valid values include:

  • None   The administrator does not have any rights to modify public folder attributes.

  • ModifyPublicFolderACL   The administrator has the right to modify client access permissions for the specified folder.

  • ModifyPublicFolderAdminACL   The administrator has the right to modify administrator permissions for the specified public folder.

  • ModifyPublicFolderDeletedItemRetention   The administrator has the right to modify the Public Folder Deleted Item Retention attributes (RetainDeletedItemsFor, UseDatabaseRetentionDefaults).

  • ModifyPublicFolderExpiry   The administrator has the right to modify the Public Folder Expiration attributes (AgeLimit, UseDatabaseAgeDefaults).

  • ModifyPublicFolderQuotas   The administrator has the right to modify the Public Folder Quota attributes (MaxItemSize, PostQuota, PostWarningQuota, UseDatabaseQuotaDefaults)

  • ModifyPublicFolderReplicaList   The administrator has the right to modify the replica list attribute for the specified public folder (Replicas).

  • AdministerInformationStore   The administrator has the right to modify all other public folder properties not defined above.

  • ViewInformationStore   The administrator has the right to view public folder properties.

  • AllExtendedRights   The administrator has the right to modify all public folder properties.

Identity

Required

Microsoft.Exchange.Configuration.Tasks.PublicFolderIdParameter

Use the Identity parameter to specify the GUID or public folder name that represents a specific public folder. You can also include the path using the format TopLevelPublicFolder\PublicFolder.

You can omit the parameter label Identity so that only the public folder name or GUID is supplied.

Instance

Required

Microsoft.Exchange.Management.MapiTasks.PublicFolderAdministrativeAceObject

The Instance parameter enables you to pass an entire object to the command to be processed. It is mainly used in scripts where an entire object must be passed to the command.

User

Required

Microsoft.Exchange.Configuration.Tasks.SecurityPrincipalIdParameter

The User parameter specifies the user principal name (UPN), domain\user, or alias of the user for whom rights are being removed.

Confirm

Optional

System.Management.Automation.SwitchParameter

The Confirm parameter causes the command to pause processing and requires you to acknowledge what the command will do before processing continues. You don't have to specify a value with the Confirm parameter.

Deny

Optional

System.Management.Automation.SwitchParameter

The Deny parameter is a switch which, if included, denies the permission specified.

DomainController

Optional

Microsoft.Exchange.Data.Fqdn

The DomainController parameter specifies the domain controller to use to write this configuration change to Active Directory. Use the fully qualified domain name (FQDN) of the domain controller that you want to use.

InheritanceType

Optional

System.DirectoryServices.ActiveDirectorySecurityInheritance

The InheritanceType parameter specifies the type of inheritance. Valid values are:

  • None

  • All

  • Descendents

  • SelfAndChildren

  • Children

Server

Optional

Microsoft.Exchange.Configuration.Tasks.ServerIdParameter

The Server parameter specifies the server on which to perform the selected operations.

WhatIf

Optional

System.Management.Automation.SwitchParameter

The WhatIf parameter instructs the command to simulate the actions that it would take on the object. By using the WhatIf parameter, you can view what changes would occur without having to apply any of those changes. You don't have to specify a value with the WhatIf parameter.

Input Types

Return Types

Errors

Error Description

 

Exceptions

Exceptions Description

 

Example

In the example, the ViewInformationStore permission is removed from a user named Chris on the public folder named MyPublicFolder.

Remove-PublicFolderAdministrativePermission -User Chris -Identity \MyPublicFolder -AccessRights ViewInformationStore

Use the Remove-PublicFolderClientPermission cmdlet to remove user permissions from a public folder.