Sets folder-level permissions for a user in mailboxes.
Set-DRAMailboxFolderPermissions -Domain <String> [-PreWindows2000Name <String>] [-Allow <String[]>] [-Deny <String[]>] [-Undo <String[]>] -Identifier <String> [-DRARestServer <String>] [-DRARestPort <Int32>] [-IgnoreCertificateErrors <SwitchParameter>] [-Force <SwitchParameter>] [-Timeout <Int32>] [<CommonParameters>]
The Set-DRAMailboxFolderPermissions cmdlet sets the folder-level permissions on the specified user account managed in DRA. The requesting user must have the Modify All Mailbox Rights power.
Attribute / Description |
Parameters / Values |
||||
---|---|---|---|---|---|
Required |
Position |
Default Value |
Accept Pipeline input? |
Accept wildcard characters? |
|
PreWindows2000Name [<String>] The pre-Windows 2000 name of the trustee to grant permissions to. |
false |
named |
|
false |
false |
Allow [<String[]>] Array of permission names the trustee will be granted ‘Allow access’ for. |
false |
named |
|
false |
false |
Deny [<String[]>] Array of permission names the trustee will be given ‘Deny access’ for. |
false |
named |
|
false |
false |
Undo [<String[]>] Array of permission names to remove for the trustee. |
false |
named |
|
false |
false |
Identifier <String> The name or distinguished name of an existing Active Directory object. When the name is specified, an additional call to the DRA Server is needed to obtain the distinguished name for the object. |
true |
named |
|
true (ByPropertyName) |
false |
Domain <String> The domain of the object in fqdn format. For example: mydomain.corp |
true |
named |
|
true (ByPropertyName) |
false |
DRARestServer [<String>] The name of the computer running the DRA Rest Service. The requested DRA operation will execute on this server. If the parameter is not specified, the value defaults to 'localhost'. |
false |
named |
|
true (ByPropertyName) |
false |
DRARestPort [<Int32>] The port where the DRA REST Service listens for requests. If the parameter is not specified, the value defaults to 8755. |
false |
named |
8755 |
true (ByPropertyName) |
false |
IgnoreCertificateErrors [<SwitchParameter>] Allows the request to bypass any SSL certificate errors, such as the InvalidOperation error that occurs when the REST Service is bound to a self-signed certificate. |
false |
named |
|
false |
false |
Force [<SwitchParameter>] Suppresses any request for user input and supplies a 'yes' response. For example: -Force with a delete request will perform the delete without presenting the confirmation request to the user. |
false |
named |
|
false |
false |
Timeout [<Int32>] The number of seconds to wait before the request to the DRA REST server times out. To specify an infinite timeout, you can set this parameter to -1. |
false |
named |
100 seconds |
true (ByPropertyName) |
true |
<CommonParameters> Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer, PipelineVariable, and OutVariable. For more information, see About CommonParameters. |
|
|
|
|
|
NOTE:For more information, type "Get-Help Set-DRAMailboxFolderPermissions -detailed". For technical information, type "Get-Help Set-DRAMailboxFolderPermissions -full".
Example 18-9 1
PS C:\>Set-DRAMailboxFolderPermissions -Domain MyDomain.corp -Identifier "CN=ShardMailbox123,OU=Accounting,DC=MyDomain,DC=corp" -PreWindows2000Name "MyDomain\User18" -Allow "CreateItems","CreateSubfolders" -Deny "DeleteAllItems"
This example sets the mailbox folder permissions of the user named ShardMailbox123 in MyDomain.corp. The identifier contains the distinguished name of the user. User18 is allowed to create items and subfolders and is prevented from deleting all items in the folder.
Possible values for Allow or Deny folder permissions are: CreateItems, CreateSubfolders, DeleteAllItems, DeleteOwnedItems, EditAllItems, EditOwnedItems, FolderContact, FolderOwner, FolderVisible, and ReadItems.