add calendar permissions office 365 powershell
  »  Add Calendar Permissions in Office 365 via Powershell

Add Calendar Permissions in Office 365 via Powershell


This is a tutorial on how to add calendar permissions in Office 365 for your users via Powershell. You can add permissions onto a specific mailbox, or you can add it onto a security group.

By default, Exchange (and Office 365) users can’t view messages or calendar items of other users. The only permission that is provided to all users by default is the ability to view free/busy information in the calendar of other users (AvailabilityOnly role).

Office 365 Calendar Permissions

Step 1

The first is step is to launch Windows PowerShell. We recommend running it as Administrator.

set calendar permissions office 365 powershell

Step 2

Run the following command to login to 365 via Powershell and login with your Office 365 admin credentials:

$LiveCred = Get-Credential

calendar permissions office 365 powershell

Step 3

Now you need to create a new session:

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic –AllowRedirection

Step 4

Now you need to import the Office 365 session:

Import-PSSession $Session

powershell office 365 calendar permissions

Step 5

 

You can view current calendar permissions of the specified mailbox by using following:

Get-MailboxFolderPermission username:\calendar

As you can see by default on a calendar folder assigned only AvailabilityOnly role.

office 365 calendar permissions

You can get the list off all user’s calendars default permissions using the following command:

Get-Mailbox –database mbxdbname| ForEach-Object {Get-MailboxFolderPermission $_”:\calendar”} | Where {$_.User -like “Default”} | Select Identity, User, AccessRights

Step 6

You can use these available access roles:

  • Owner — read, create, modify and delete all items and folders. Also this role allows manage items permissions;
  • PublishingEditor — read, create, modify and delete items/subfolders;
  • Editor — read, create, modify and delete items;
  • PublishingAuthor — read, create all items/subfolders. You can modify and delete only items you create;
  • Author — create and read items; edit and delete own items NonEditingAuthor – full read access and create items. You can delete only your own items;
  • Reviewer — read only;
  • Contributor — create items and folders;
  • AvailabilityOnly — read free/busy information from calendar;
  • LimitedDetails;
  • None — no permissions to access folder and files.

Step 7

Now run the following command. In the example below, user2 would be able to open user1 calendar and edit it:

Add-MailboxFolderPermission -Identity user1@domain.com:\calendar -user user2@domain.com -AccessRights Editor

If you need to change the Default permissions for the calendar folder (in order to allow all users view calendar of the specified user), run the command:

Set-MailboxFolderPermission -Identity user1@domain.com:\calendar -User Default -AccessRights Reviewer

In some cases, you need to grant Reviewer permissions on a calendar folder in all mailboxes to all users in your Exchange organization. You can make this bulk permission change using simple PowerShell script. To change Default calendar permission for all mailbox in mailbox database to Reviewer:

Get-Mailbox –database mbxdbname | ForEach-Object {Set-MailboxFolderPermission $_”:\calendar” -User Default -AccessRights Reviewer}

To remove permission use Remove-MailboxFolderPermission cmdlet:

Remove-MailboxFolderPermission -Identity user1@domain.com:\calendar –user user2@domain.com

Now you can disconnect from Office 365 your session:

Remove-PSSession $Session

Alternative Script

Also see this 365 script for setting calendar permissions: Set Calendar Permission in Office 365 Exchange Online.

You may also like:

 Office 365 – “This message could not b... Error Message: This message could not be sent. Try sending the message again later, or contact your network administrator. Error is . You might be rec...
How to copy files with BITS using PowerShell? If you use local (and global) networks, you might know that files between systems are transferring by using SMB, FTP or HTTP protocols. The problem wi...
Removing Old and Unused Drivers from Driver Store ... Each time you install or update your device driver, Windows OS (since Vista) continues to store the old version of the driver in the system Driver Sto...
How to transfer FSMO Roles From a Failed Domain Co... In case domain controller, which owns FSMO (Flexible Single Master Operation) roles, is fail (virus attack, fatal software problems or catastrophic ha...
LZX — new Windows 10 NTFS compression algorithm Many of you may know that NTFS file system used by Windows 10 already has a built-in NTFS compression feature. But in Windows 10 Microsoft has added c...
Comments
  1. Posted by Jason Johnson

    I am getting the error that the [FailureCategory=Cmdlet-UserAlreadyExistsInPermissionEntryException]
    I am pretty sure they tried to setup sharing themselves and they have away/busy information only. Do you know of a way to change the permissions or remove them so I can add the PublishingEditor permissions they need?

    Reply
  2. Posted by cherdt

    Thanks, this is very helpful! (Jason’s comment about Use Set-MailboxFolderPermission for existing users was also helpful.)

    A couple things to add:
    – “None” is also an available role
    – You can specify “Default” for the user parameter

    Reply
  3. Posted by David North

    Awesome! Thanks!

    Reply
  4. Posted by Bobby Turkilino

    Is there an option to set everyones mailbox to reviewer access? i.e so everyone can have review access?

    Reply
  5. Posted by Daniel

    Great info

    Is it possible to use a group ( security / distribution ) to assign permissions rather than individual users ? We are looking at our resource calendars to do this on

    Reply
    • Posted by TheITBros

      Hey, Daniel!

      Create new security distribution group:
      New-DistributionGroup -Type Security -Name “Access to Resource Calendars” -Alias “grResourceCalendAcess”
      And add users to this group.
      Grant permissions to resource calendar:
      add-MailboxFolderPermission -Identity user_name:Calendar -User grResourceCalendAcess -AccessRights Owner

      Reply
      • Posted by Daniel

        Hey

        Awesome! Thanks for the reply!

        Cheers
        Daniel

        Reply
  6. Posted by The Peregrine

    STEP 2: Connecting to remote server failed…..

    Reply
  7. Posted by Frank

    I get an error when trying Import-PSSession $Session. It says “The term ‘Import’ is not recognized as the name of a cmdlet…etc.”

    This is quite archaic. Is there no way to do this through the admin portal?

    Reply
  8. Posted by Justin

    Worked fantastically!

    If used in tandem with the PowerShell for Office 365 tool (which essentially has all of the modules built in and starts you at the domain admin login step) then it’s literally a one command job.

    Very awesome 🙂

    Reply
  9. Posted by Craig

    Getting the following error in step 7 when I run
    Get-Mailbox –database mbxdbname | ForEach-Object {Set-MailboxFolderPermission $_”:\calendar” -User Default -AccessRights Reviewer}

    I get:
    A parameter cannot be found that matches parameter name ‘database’.
    + CategoryInfo : InvalidArgument: (:) [Get-Mailbox], ParameterBindingException
    + FullyQualifiedErrorId : NamedParameterNotFound,Get-Mailbox
    + PSComputerName : ps.outlook.com

    Reply
    • Posted by daniel

      Getting this error too.

      Reply
    • Posted by trash81

      remove: –database mbxdbname

      Reply
  10. Posted by Steve

    Works well thanks. Annoying there is no GUI option in Exchange online but this will do.

    Reply
  11. Posted by Randy

    I recieve and error about Get-MailboxFolderPermission username:\calendar.

    Get-MailboxFolderPermission : The term ‘Get-MailboxFolderPermission’
    is not recognized as the name of a cmdlet, function, script file, or
    operable program. Check the spelling of the name, or if a path was
    included, verify that the path is correct and try again.
    At line:1 char:1
    + Get-MailboxFolderPermission
    username:\calenda …
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : ObjectNotFound: (Get-MailboxFolderPermis
    sion:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

    Anyone else seeing this?

    Thanks

    Reply
    • Posted by JakFrost

      Receiving the same error:
      A positional parameter cannot be found that accepts argument ‘Get-MailboxFolderPermission $_”:\calendar”’.
      + CategoryInfo : InvalidArgument: (:) [Get-Mailbox], ParameterBindingException
      + FullyQualifiedErrorId : PositionalParameterNotFound,Get-Mailbox
      + PSComputerName : ps.outlook.com

      Reply
  12. Posted by Marshel

    Heyhey!
    For me it says for “username:\calendar” that it cannot be found… Just “username” is found. Any ideas how to access the calendar now? 🙁

    Reply
    • Posted by Markus

      Hi, if the person has outlook in a different language then you need to use that language for the :\calendar.
      Example user1@domain.com:\calendar\kalender\calendario\calendrier

      Reply

Add Your Comment