Exchange Availabilty - Cross-Forest/Trusted - Calendar Permissions

  • Thread starter BenjaminA
  • Start date Views 1,951
Status
Not open for further replies.
B

BenjaminA

Can someone explain how I can grant granular permissions to my calendar to another user in a different forest? It's a trusted forest and we're using the availability service for cross-forest lookups. The users in the remote forest are contacts in my domain. When I goto the permissions of my calendar it won't let apply permissions for contacts, just users. All the Microsoft documentation says a benefit of a trusted cross forest is the ability to grant granular access to the calendar.

Thanks
 
E

Ed Crowley [MVP]

Contacts are not security principals. I don't know how you add folder rights to someone without them being in your GAL, and that means the user account being in your forest. You could migrate the account from the other forest to yours using ADMT, which would give it SID history, and then mailbox-enabling the account in your forest. Maybe someone else will have some other way, but I don't have anything easier to suggest.Ed Crowley MVP " There are seldom good technological solutions to behavioral problems."
 
B

BenjaminA

I understand not being able to assign rights to a contact, but in a cross (trusted) forest, we should be able to assign the rights to their account. Does anyone know how to assign rights to a calendar using powershell?
 
E

Ed Crowley [MVP]

I'm not aware of any PowerShell cmdlets that operate on folders.

A user in one forest can be granted rights on a mailbox because that's conferred through NT rights. To grant folder rights, I believe you're going to have to create a mailbox-enabled user in the forest and use it to grant rights. You can hide it from the directory later if you want.

Ed Crowley MVP " There are seldom good technological solutions to behavioral problems."
 
Status
Not open for further replies.
Top