Sets the NT or Exchange security permissions of a user's mailbox.
Set-DRAExchangeMailboxPermissions -Domain <String> [-IsNTSecurity <SwitchParameter>] [-PreWindows2000Name <String>] [-Allow <String[]>] [-Deny <String[]>] [-Undo <String[]>] -Identifier <String> [-DRARestServer <String>] [-DRARestPort <Int32>] [-IgnoreCertificateErrors <SwitchParameter>] [-Force <SwitchParameter>] [-Timeout <Int32>] [<CommonParameters>]
The Set-DRAExchangeMailboxPermissions cmdlet sets the NT or Exchange security permissions on the specified user account managed in DRA. The requesting user must have the View All Group Properties power.
|
Attribute / Description |
Parameters / Values |
||||
|---|---|---|---|---|---|
|
Required |
Position |
Default Value |
Accept Pipeline input? |
Accept wildcard characters? |
|
|
IsNTSecurity [<SwitchParameter>] Specifies that the NT Security permissions on the mailbox should be returned. If the parameter is not specified, the Exchange security permissions will be returned. |
false |
named |
|
false |
false |
|
PreWindows2000Name [<String>] The pre-Windows 2000 name of the trustee to grant permissions to. |
false |
named |
|
false |
false |
|
Allow [<String[]>] Array of permission names the trustee will be granted Allow access for. |
false |
named |
|
false |
false |
|
Deny [<String[]>] Array of permission names the trustee will be given Deny access for. |
false |
named |
|
false |
false |
|
Undo [<String[]>] Array of permission names to remove for the trustee. |
false |
named |
|
false |
false |
|
Identifier <String> The name or distinguished name of an existing Active Directory object. When the name is specified, an additional call to the DRA Server is needed to obtain the distinguished name for the object. |
true |
named |
|
true (ByPropertyName) |
false |
|
Domain <String> The domain of the object in fqdn format. For example: mydomain.corp |
true |
named |
|
true (ByPropertyName) |
false |
|
DRARestServer [<String>] The name of the computer running the DRA Rest Service. The requested DRA operation will execute on this server. If the parameter is not specified, the value defaults to 'localhost'. |
false |
named |
|
true (ByPropertyName) |
false |
|
DRARestPort [<Int32>] The port where the DRA REST Service listens for requests. If the parameter is not specified, the value defaults to 8755. |
false |
named |
8755 |
true (ByPropertyName) |
false |
|
IgnoreCertificateErrors [<SwitchParameter>] Allows the request to bypass any SSL certificate errors, such as the InvalidOperation error that occurs when the REST Service is bound to a self-signed certificate. |
false |
named |
|
false |
false |
|
Force [<SwitchParameter>] Suppresses any request for user input and supplies a 'yes' response. For example: -Force with a delete request will perform the delete without presenting the confirmation request to the user. |
false |
named |
|
false |
false |
|
Timeout [<Int32>] The number of seconds to wait before the request to the DRA REST server times out. To specify an infinite timeout, you can set this parameter to -1. |
false |
named |
100 seconds |
true (ByPropertyName) |
false |
|
<CommonParameters> Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer, PipelineVariable, and OutVariable. For more information, see About CommonParameters. |
|
|
|
|
|
NOTE:For more information, type "Get-Help Set-DRAExchangeMailboxPermissions -detailed". For technical information, type "Get-Help Set-DRAExchangeMailboxPermissions -full".
Example 18-7 1
PS C:\>Set-DRAExchangeMailboxPermissions -Domain MyDomain.corp -Identifier "CN=USER123,OU=Accounting,DC=MyDomain,DC=corp" -PreWindows2000Name "MyDomain\User18B" -Allow "ntSendAs" -Deny "ntReceiveAs" -IsNTSecurity
This example sets the Exchange mailbox permissions of the user named USER123 in MyDomain.corp. The identifier contains the distinguished name for the user. User18B is allowed the ntSendAs permission and denied the ntReceiveAs permission.
Possible values for Allow or Deny Exchange permissions are: ExDelStor, ExCPerms, ExFullControl, ExAssocX, ExRPerms, ExTakeOwn. Possible values for Allow or Deny NT permissions are: ntSendAs, ntReceiveAs. You must specify the -IsNTSecurity flag with these.
Example 18-8 2
PS C:\>Set-DRAExchangeMailboxPermissions -Domain MyDomain.corp -Identifier "CN=USER123,OU=Accounting,DC=MyDomain,DC=corp" -PreWindows2000Name "MyDomain\User18" -Allow "ExRPerms","ExAssocX" -Deny "ExAssocX","ExTakeOwn"
This example sets the Exchange mailbox permissions of the user named USER123 in MyDomain.corp. The identifier contains the distinguished name for the user. User18 is allowed read permission and denied an associated external account.Possible values for Allow or Deny Exchange permissions are: ExDelStor, ExCPerms, ExFullControl, ExAssocX, ExRPerms, ExTakeOwn.Possible values for Allow or Deny NT permissions are: ntSendAs, ntReceiveAs. You must specify the -IsNTSecurity flag with these.