0

I am running Outlook 2010, Exchange 2010, and Windows Server Std 2012. I want to view the owner and permissions of a shared folder for an email user without prior knowledge through the exchange shell.

The Scenario

In outlook, user1 creates a folder named “shared” under their mailbox. User1 then adds permissions to said folder allowing user2 to read and write. User2 then adds the folder named “shared” by utilizing outlook’s “Add another person's mailbox” found in the email account settings. The shared folder will now replicate any data that is place in it by either user.

From the exchange management shell, how can I tell that User2 has access to a share folder in User1’s mailbox without knowing about User1 or that a share even exists? I have tried several commands and scripts found on the internet; however my guess is the mailbox/folder permissions are stored in exchange for User1, but offline for User2.

If needed, I can provide links to scripts and list of commands tomorrow.

Update #1 10/29/2013

Get-MailboxFolderPermission only produces permissions for specific folders i.e. Get-MailboxFolderPermission -Identity User2:/foldername. This will not work because when I run Get-MailboxFolderStatistics -Identity userid, which lists all folders for a user, the shared folder does not appear. More So, when user the Get-MailboxFolderPermission -Identity User2:/shared it too does also not work. But remember, I’m trying to deduce the presence of a shared folder without prior knowledge.

So if it doesn’t list it as a folder it must be a mailbox right? Cause, after all, I am using the “Add another person's mailbox” in outlook to add this shared folder. However, Get-Mailbox userid | Get-MailboxPermission does not show that User2 has permission to access User1 shared folder under their mailbox.

In addition, I have also tried the script found here http://exchangeblog.pl/en/2013/03/list-exchange-mailbox-folder-permissions-script/ that list all folder permissions in a mailbox.

Now if i take the commands above and point them to User1, I can see a folder name shared and User2 permissions. However, once again, In my scenario, I do not know about User1 or a shared folder exists.

Update #2 10/30/2013

It is not a public folder as it was 1) not configured in that manner and 2) does not show when any of the Get-PublicFolder commands are used.

GGberry
  • 929
  • 5
  • 21
user1988178
  • 1
  • 1
  • 1
  • 2

1 Answers1

0

Use Get-MailboxFolderPermission to get the delegate permissions on mailbox folders.

http://technet.microsoft.com/en-us/library/dd335061(v=exchg.141).aspx

Note this cmdlet uses a rather odd Identity syntax primarysmtpaddress\folder path to specify the folder to get the permission on.

mjolinor
  • 66,130
  • 7
  • 114
  • 135
  • I have tired this command without any luck. See Update #1 above. – user1988178 Oct 29 '13 at 12:55
  • It's starting to sound like this is a public folder, and not a mailbox folder. The first thing to do is figure out exactly what kind of folder you're dealing with. – mjolinor Oct 29 '13 at 13:39
  • It is not a public folder as it was 1) not configured in that manner and 2) does not show when any of the Get-PublicFolder command is used. – user1988178 Oct 30 '13 at 13:20
  • The folder not showing up in the folder statistics seems to point to some issue with the folder itself. Does this folder show up if the user opens the mailbox in OWA? – mjolinor Oct 30 '13 at 13:37
  • For User1 yes, for User2 no. But remember in my scenario I do not know about user1. My research thus far has lead me to believe that nothing is stored under User2 in exchange regarding the shared folder. – user1988178 Oct 30 '13 at 19:00
  • That would be correct. It's like finding NTFS permissions. You have to look at the ACLs on the files - there's nothing in user account that says where they've been granted permissions. – mjolinor Oct 30 '13 at 19:08
  • Thx for the help, I will start looking at ACLs – user1988178 Oct 31 '13 at 15:31