Scripts for Public Folder Client Permissions Management in Exchange 2010

/

Exchange 2010 ships with some powerful scripts for managing Public Folder Client Permissions.

These scripts only apply to servers running Exchange 2007 or Exchange 2010, you can not specify a server running older versions of Exchange Server, although the Public Folder hierarchy can still be on an Exchange 2003, in case you want to add additional replicas etc (see my previous post).

The scripts are located together with the Exchange binaries, under: C:Program FilesMicrosoftExchange ServerScripts.

The scripts recursively goes through and updates your public folders replicas for every public folder in a hierarchy that you specify.

These scripts are used to manage the client or end-user permissions to Public Folders.

 

AddUserstoPFRecursive.ps1

This script can grant a specified user certain permissions to a public folder and its subfolders.  You can grant permissions to a user or to a group, as long as they are mail-enabled.

In the example below, Bob is added as a Reviewer of the “IT Department” folder and subfolders:

AddUsersToPFRecursive.ps1 –TopPublicFolder “IT Department” –User “Bob” –Permissions Reviewer

 

RemoveUserFromPFRecursive.ps1

This script can revoke permissions for a specified user to a public folder and its subfolders.

In the example below, Bob is removed from the “IT Department” folder and subfolders:

RemoveUserFromPFRecursive.ps1 –TopPublicFolder “IT Department” –User “Bob”

 

ReplaceUserPermissionOnPFRecursive.ps1

This script can replace existing permissions for a specified user with a new set of permissions, for on a public folder and all subfolders.

This is useful when you want to change the permissions that a user currently has on certain Public Folders.

In the example below, Bob’s permissions is changed from Reviewer to Publishing Editor of the Public Folder “IT Department” and all subfolders:

ReplaceUserPermissionOnPFRecursive.ps1 –TopPublicFolder “IT Department” –User “Bob” –Permissions PublishingEditor

ReplaceUserWithUserOnPFRecursive.ps1

This script can replace an existing user’s permissions to a certain Public Folder and all subfolders, to another user.

This is useful if there has been a staff change.

In the example below, Bob is being replaced with Alice of the “IT Department”Public Folder and all subfolders:

ReplaceUserWithUserOnPFRecursive.ps1 –TopPublicFolder “IT Department” –UserOld “Bob” –UserNew “Alice”