This may be more of an Exchange question than an Outlook question, but I am not sure...
I work at a state agency and we have outdated hardware and software for the most part. Our on-prem environment is Exchange 2003 and our clients are a mix of Outlook 2007 and Outlook 2010. We are preparing for a migration to Microsoft's cloud-hosted email sometime this summer. One of our largest tasks so far has been moving data out of existing Public Folders. Ultimately, we would like to have our conference rooms and such be treated as actual resources, but for right now we created group mailboxes and placed the shared calendars in the appropriate mailboxes.
For example, in the mailbox IT Shared Calendars, there are two calendars: Test Lab 1 and Test Lab 2.
Our entire IT Division is listed on the permissions for the mailbox as None, but with the folder visible box checked. Users are able to open the mailbox within their Outlook profiles with no problem.
Permissions are also set at the calendar level, with the IT Division having Author permissions.
So an IT person can open the mailbox and he/she only sees the two shared calendars, not any of the default mailbox folders.
We discovered yesterday that a user with no special permissions can create a meeting request from the shared calendar and actually send out meeting invitations. I received a meeting invitation from IT Shared Calendars instead of John Smith. We want users to put appointments on the calendars, but not send out meeting invitations. But I don't know where the ability is coming from. Is there an Exchange setting somewhere that we missed? Is there a different permission level that we can set?
Since this is a temporary solution, we don't want to spend a lot of time on it, but I'd like to make a decent effort before giving up and putting the responsibility back on the users.
Our Exchange admin is available if I need to provide further details or clarification.
Thank you.
I work at a state agency and we have outdated hardware and software for the most part. Our on-prem environment is Exchange 2003 and our clients are a mix of Outlook 2007 and Outlook 2010. We are preparing for a migration to Microsoft's cloud-hosted email sometime this summer. One of our largest tasks so far has been moving data out of existing Public Folders. Ultimately, we would like to have our conference rooms and such be treated as actual resources, but for right now we created group mailboxes and placed the shared calendars in the appropriate mailboxes.
For example, in the mailbox IT Shared Calendars, there are two calendars: Test Lab 1 and Test Lab 2.
Our entire IT Division is listed on the permissions for the mailbox as None, but with the folder visible box checked. Users are able to open the mailbox within their Outlook profiles with no problem.
Permissions are also set at the calendar level, with the IT Division having Author permissions.
So an IT person can open the mailbox and he/she only sees the two shared calendars, not any of the default mailbox folders.
We discovered yesterday that a user with no special permissions can create a meeting request from the shared calendar and actually send out meeting invitations. I received a meeting invitation from IT Shared Calendars instead of John Smith. We want users to put appointments on the calendars, but not send out meeting invitations. But I don't know where the ability is coming from. Is there an Exchange setting somewhere that we missed? Is there a different permission level that we can set?
Since this is a temporary solution, we don't want to spend a lot of time on it, but I'd like to make a decent effort before giving up and putting the responsibility back on the users.
Our Exchange admin is available if I need to provide further details or clarification.
Thank you.