EXCHANGE   Exchange 2013 – Assign permissions to book room resources



I created some room mailboxes in Exchange 2010 and gave book permissions to some users using EMC (Exchange Management Console).

Now, after migrating all my mailboxes to Exchange 2013, I need to change some permissions on the room mailboxes. But no way to perform the changes in the web console.

The only way to view and modify booking permissions is by executing powershell commands (Get-CalendarProcessing and Set-CalendarProcessing).

Show the permissions

[PS] C:\> Get-CalendarProcessing "Test Room" | fl AutomateProcessing,*Policy

AutomateProcessing    : AutoAccept
RequestOutOfPolicy    : {}
AllRequestOutOfPolicy : False
BookInPolicy          : {}
AllBookInPolicy       : True
RequestInPolicy       : {}
AllRequestInPolicy    : False

Everyone has permissions to book directly – BookInPolicy (without being subject to approval by a delegate – RequestInPolicy)

Disable AllBookInPolicy

[PS] C:\> Set-CalendarProcessing "Test Room" -AllBookInPolicy $False
[PS] C:\> Get-CalendarProcessing "Test Room" | fl AutomateProcessing,*Policy

AutomateProcessing    : AutoAccept
RequestOutOfPolicy    : {}
AllRequestOutOfPolicy : False
BookInPolicy          : {}
AllBookInPolicy       : False
RequestInPolicy       : {}
AllRequestInPolicy    : False

Now no one has permissions. When trying, the "Declined" message will be received with the message "You don't have permission to book this resource".
You dont have permission to book this resource

Grant permissions to one user

[PS] C:\> Set-CalendarProcessing "Test Room" -BookInPolicy "user1@mydomain.com"
[PS] C:\> Get-CalendarProcessing "Test Room" | fl AutomateProcessing,*Policy

AutomateProcessing    : AutoAccept
RequestOutOfPolicy    : {}
AllRequestOutOfPolicy : False
BookInPolicy          : {/o=MYORG/ou=First administrative group/cn=Recipients/cn=user1}
AllBookInPolicy       : False
RequestInPolicy       : {}
AllRequestInPolicy    : False

Now the user with email user1@mydomain.com can book room resources.

Grant permission to more users

[PS] C:\> Set-CalendarProcessing "Test Room" -BookInPolicy "user1@mydomain.com","user2@mydomain.com"
[PS] C:\> Get-CalendarProcessing "Test Room" | fl AutomateProcessing,*Policy

AutomateProcessing    : AutoAccept
RequestOutOfPolicy    : {}
AllRequestOutOfPolicy : False
BookInPolicy          : {/o=MYORG/ou=First administrative group/cn=Recipients/cn=user1, /O=MYORG/OU=First administrative group/CN=RECIPIENTS/CN=user2}
AllBookInPolicy       : False
RequestInPolicy       : {}
AllRequestInPolicy    : False

When executing the command, it sets the BookInPolicy parameter, so we have to write as parameter not only the user to be added, but also the ones who already had the permissions granted.

A better way to add new users could be this:

[PS] C:\> Set-CalendarProcessing "Test Room" -BookInPolicy ((Get-CalendarProcessing -Identity "Test Room").BookInPolicy += "user2@mydomain.com")

 

3 thoughts on “Exchange 2013 – Assign permissions to book room resources

Leave a Reply

Your email address will not be published. Required fields are marked *