Script to help assign permisison to folders and subfolders

I thought that easy, when you have just 2 or 3 folders. How about 100 folder, it is still easy though if you know the script.

Get-MailboxFolderStatistics Mailboxname | where{ $_.folderpath -eq “/Foldername”) | Add-MailboxFolderPermission Mailbox -User Username -AccessRights “Level of access”

Unfortunately the above command won’t work. I found a script in a blog,

  1. Get-MailboxFolderStatistics Username – This gives the list of folders
  2. Filter a specific folder and it subfolder which needs access, where{ $_.folderpath.Contains(“//Foldername”)
  3. Assign permission Add-MailboxFolderPermission Mailbox -User Username -AccessRights “Level of access”

Putting al together

foreach( $Folder in (Get-MailboxFolderStatistics username | where{ $_.folderpath.Contains(“/Foldername”) -eq $true } ))
$FPath = “Mailbox Name:” + $Folder.folderpath.replace(“/”,”\”);
Add-MailboxFolderPermission Mailbox -User Username -AccessRights “Level of access”

  • Foreach is to help choose each folder and assign permission.
  • $FPath = “Mailbox Name:” + $Folder.folderpath.replace(“/”,”\”) – This is to get the complete path of the subfolder


Shared Mailbox Permission – Bug

Recently i got into a situation where i had to streamline the permissions that are given to the shared mailbox.  So i’ve decided to do that in the following ways

1. Create a Shared mailbox
2. Create a group for the shared mailbox
3. Add the users to the Group who needs permission
4. Give permission to the Group on the shared mailbox

Everything went fine. Permissions are set. But users inside the group started reporting that they cannot see the folders in the shared mailbox.  So i’ve started to check all the permission and nothing seem to give a clue


I gave permission to a user on the shared mailbox – cool, folders shows up. Seems so wired. how can a user object works but not the Group. I just thought i can try adding the group from the outlook – perfect, folders shows up.


When you give permission to the shared mailbox throught powershell, you will experience the issue. Instead either give permission to the user object or add the group from the outlook.

Hope this was informative.


Deleting a particular email in Exchange 2010

Recently I’ve encountered a scenario to delete a particular message with a certain subject. Which is no big deal

Export-Mailbox -TargetMailbox “To Mailbox to which you wanted to copy the mails” -TargetFolder ” To Delete” -SenderKeywords “Sender id” -SubjectKeywords ”Subject of the mail that you want to delete” –DeleteContent

The above command will search the Mail which matches the “Sender id” and “Subject.

Hmm. But the above command only applies to Exchange 2007 only. So what if you want to delete an email in Exchange 2010. I googled around and i came across reading lot things, but couldnt get to the bottom.

After an hour i’ve zeroed down to the following command

Get-Mailbox | Search-Mailbox -DeleteContent -SearchQuery “sub:Subject of the message”,from:”Senderemail address”

This will search all the mailbox in the organisation [ you can use -ResultSize unlimited to include more than 1000 users] for the mail that matches the subject and the sender email address. -DeleteContent will delete those emails.

Along with this, using -TargetMailbox “Mailbox” will copy the mails and summary of the Deletion.


Exchange Administrators Tools

Below are some tools which each exchange administrator has to know:



The Exchange Pre-Deployment Analyzer

The Exchange Best Practices Analyzer

The Mailflow Troubleshooter

Remote Connectivity Analyzer

Message Tracking

Queue Viewer

Performance Troubleshooter

The Exchange Management tools



Network Monitor


Microsoft SPF Record Wizard



ExFolders (PFDavAdmin in Exchange 2010)

You can also find this article here.

How to find a UMUser with a particular extension

To find a UMUser who has a extensioni “xxxx” using powershell

get-ummailbox | where { $_.Extensions -eq “xxxx” }


get-ummailbox | ForEach { If($_.Extensions -eq xxxx){$.DisplayName}}

To find a UMUser who has a extensioni “xxxx” using powershell

EMC and use a filter for email addresses using either contain or starts with method. Then in the filter use EUM:xxxx

Script doesn’t work – E14 bug

When you follow the article

Exchange Test CAS Connectivity user gets locked out when using Exchange 2010 MP

I followed this article.  After running the script New-TestCasConnectivityUser.PS1, it locks the CAS user account created by running the script gets locked out.

After you make changes as recommended in the article, will break the outlook anywhere in E14.  I faced this problem in two different organization.

It appears to be a bug!!! Any body has a solution?