skip to Main Content

Set default calendar permissions for all users with PowerShell

The default calendar sharing permissions in Exchange Online are set as AvailabilityOnly. What if you want to change that? It’s possible to change default calendar permissions for the users one by one, but that will take time. Another way is to set default calendar permissions for all users with a PowerShell script. Let’s find out how.

Information

A lot of companies want the default calendar set as LimitedDetails instead of the default AvailablityOnly. That’s because you will see more information in the calendar item of your colleagues.

How it looks with permission AvailabilityOnly:

Set default calendar permissions for all users with PowerShell AvailabilityOnly

How it will look with permission LimitedDetails:

Set default calendar permissions for all users with PowerShell LimitedDetails

In the previous article, we looked at how to manage calendar permissions in Office 365 with PowerShell. Please do have a read and get yourself familiar with the commands.

What if you want to set the default for all the users’ calendars? Will you run the Set-MailboxFolderPermission command for all the users one by one? That will take some time, and maybe you will forget a user. Let’s look at the next step about the PowerShell script that will do the work.

Prepare set default calendar permissions PowerShell script

Download the Set-DefCalPermissions.ps1 script or copy and paste the below code in Notepad. Give it the name Set-DefCalPermissions.ps1 and place it in the C:\scripts folder. Create a scripts folder if you don’t have one. Also, create a temp folder in C:\ drive. That’s where the script will place the transcript logs.

# Start transcript
Start-Transcript -Path C:\temp\Set-DefCalPermissions.log -Append

# Get all user mailboxes
$Users = Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox

# Users exception
$Exception = @("CEO Mailbox", "CTO Mailbox")

# Permissions
$Permission = "LimitedDetails"

# Calendar name languages
$FolderCalendars = @("Agenda", "Calendar", "Calendrier", "Kalender", "日历")

# Loop through each user
foreach ($User in $Users) {

    # Get calendar in every user mailbox
    $Calendars = (Get-MailboxFolderStatistics $User.Identity -FolderScope Calendar)

    # Leave permissions if user is exception
    if ($Exception -Contains ($User)) {
        Write-Host "$User is an exception, don't touch permissions" -ForegroundColor Red
    }
    else {

        # Loop through each user calendar
        foreach ($Calendar in $Calendars) {
            $CalendarName = $Calendar.Name

            # Check if calendar exist
            if ($FolderCalendars -Contains $CalendarName) {
                $Cal = $User.Identity + ":\$CalendarName"
                $CurrentMailFolderPermission = Get-MailboxFolderPermission -Identity $Cal -User Default
                
                # Set calendar permission / Remove -WhatIf parameter after testing
                Set-MailboxFolderPermission -Identity $Cal -User Default -AccessRights $Permission -WarningAction:SilentlyContinue -WhatIf
                
                # Write output
                if ($CurrentMailFolderPermission.AccessRights -eq "$Permission") {
                    Write-Host $User.Identity already has the permission $CurrentMailFolderPermission.AccessRights -ForegroundColor Yellow
                }
                else {
                    Write-Host $User.Identity added permissions $Permission -ForegroundColor Green
                }
            }
        }
    }
}

Stop-Transcript

The PowerShell script will have some additions that will help you to meet some requirements for the organization:

  • Exclude users that you don’t want the script to run against. Add them in line 8. If you don’t need this feature, comment out lines 8, 23, 24, 25, 26 and 50.
  • Calendars are not always set in the English language. For example, in The Netherlands, it’s named Agenda. The script will check for the calendar names defined in line 14.
  • Change permission that you want to set for all the users in line 11.

In the next step, you are going to run the script and see it in action.

Bulk set default calendar permissions PowerShell script

Run Windows PowerShell as administrator and Connect to Exchange Online PowerShell. Change the directory to the script path and run Set-DefCalPermissions.ps1.

The script will go through all the mailboxes in Exchange Online. The -WhatIf parameter is added in the script on line 38. If you run the script, nothing will happen in the environment. You will get an output showing what will happen.

PS C:\> cd c:\scripts
PS C:\scripts>.\Set-DefCalPermissions.ps1
Transcript started, output file is C:\temp\Set-DefCalPermissions.log
CEO Mailbox is an exception, don't touch permissions
CTO Mailbox is an exception, don't touch permissions
What if: Setting mailbox folder permission "'LimitedDetails'" on "Carl Wallace:\Calendar" for user "Default".
Carl Wallace added permissions LimitedDetails
What if: Setting mailbox folder permission "'LimitedDetails'" on "Jan Smeets:\Agenda" for user "Default".
Jan Smeets added permissions LimitedDetails
What if: Setting mailbox folder permission "'LimitedDetails'" on "John Walker:\Calendar" for user "Default".
John Walker added permissions LimitedDetails
What if: Setting mailbox folder permission "'LimitedDetails'" on "Emma Stryker:\Calendar" for user "Default".
Emma Stryker added permissions LimitedDetails
Transcript stopped, output file is C:\temp\Set-DefCalPermissions.log

Remove the -WhatIf parameter from the PowerShell script and rerun the script. The default calendar sharing permissions for all users are set.

PS C:\scripts>.\Set-DefCalPermissions.ps1
Transcript started, output file is C:\temp\Set-DefCalPermissions.log
CEO Mailbox is an exception, don't touch permissions
CTO Mailbox is an exception, don't touch permissions
Carl Wallace added permissions LimitedDetails
Jan Smeets added permissions LimitedDetails
John Walker added permissions LimitedDetails
Emma Stryker added permissions LimitedDetails
Transcript stopped, output file is C:\temp\Set-DefCalPermissions.log

Verify default calendar permissions

The output will show in the Windows PowerShell console. Not only that, it will show the output in a log because a transcript is added to the PS script. Go to the C:\temp folder and open the Set-DefCalPermissions.log file.

Set default calendar permissions for all users with PowerShell transcript

I hope this helped you to change default calendar permissions in Exchange Online.

Keep reading: Assign Office 365 licenses with Azure group-based licensing »

Conclusion

In this article, you learned how to set default calendar permissions for all users with the Set-DefCalPermissions.ps1 PowerShell script. When you need to change the default calendar permissions for a lot of users, automate the process. It will save time, and you can always check the transcript logs with the changes.

Did you enjoy this article? You may also like New centers for Microsoft 365 security and compliance. Don’t forget to follow us and share this article.

ALI TAJRAN

ALI TAJRAN

ALI TAJRAN is a passionate IT Architect, IT Consultant, and Microsoft Certified Trainer. He started Information Technology at a very young age, and his goal is to teach and inspire others. Read more »

This Post Has One Comment

  1. Hi,

    thanks for this script. I had one issue on Exchange Server 2019:

    Fehler beim Aufrufen der Methode, da [Microsoft.Exchange.Data.Directory.ADObjectId] keine Methode mit dem Namen
    “op_Addition” enthält.
    In C:\scripts\Set-DefCalPermissions.ps1:34 Zeichen:17
    + $Cal = $User.Identity + “:\$CalendarName”
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : InvalidOperation: (op_Addition:String) [], RuntimeException
    + FullyQualifiedErrorId : MethodNotFound

    I could fix the issue by adding “.ToString()” in line 34:

    $Cal = $User.Identity.ToString() + “:\$CalendarName”

    Best regards from Germany
    Jan

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top