I've been scouring the internet and so far have only been able to find examples of how to grant calendar permissions from one user to another using the Add-MailboxFolderPermission command. This is great and it was okay for when they only had a handful of users. But going forward it's not realistic to have to set individual calendar permissions for all calendars for each new user.
Layout of security groups already created. Each group has a few people assigned to it.
What I am trying to accomplish is set it up so that anyone that belongs to the Managers group can view the calendars of the Tech group. Admins can view and edit the Tech group.
I've found an example of adding just the security group name but I get an error of:
[PS] C:\Windows\system32>add-MailboxFolderPermission -Identity Techs:\Calendar -User "Admin" -AccessRights Owner
The user "Admin" is either not valid SMTP address, or there is no
+ CategoryInfo : NotSpecified: (0:Int32) [Add-MailboxFolderPermission], InvalidExternalUserIdException
+ FullyQualifiedErrorId : 39352699,Microsoft.Exchange.Management.StoreTasks.AddMailboxFolderPermission
Am I creating groups wrong? Am I using the wrong commands?
Any guidance would be greatly appreciated.
The answer is that you can't do a group to group permission setting.
However, you can add security groups to a calender. This is how I got it to work.
Create a Security group that is Universal (Cannot be Domain or local). Add users to this security group. In Exchange, add a new distribution group and select this new Security group as the target group. After the group has been enabled as an "email enabled security group" you can assign the permissions for the person's calender to the group using this command:
Make sure to hide this group from the Global Address List to prevent errant emails from going to this group