Setting Calendar permissions right after mailbox creation

Customer is running Exchange 2013 with approx. 2500 mailboxes. When looking at calendars and sharing information through the availability service only the availability (free, busy or tentative) is shown. No details are shown by default.

Customer now request to publish more information so that users that want to schedule a meeting can see the details of other user’s appointments. This should not only be configured for existing users, but new users should receive this setting directly when provisioned.

For example, when configuring this for a user called Kim Akers ( for all users you can use the following Exchange PowerShell command:

Set-MailboxFolderPermission kima:\Calendar -User Default -AccessRights Reviewer

When scheduling a meeting with Kim Akers I can now see her appointment details in Outlook, and I can open the appointment to see all details (read-only) of this appointment as shown in the following two screenshots:



Note. Check the Set-MailboxFolderPermission article on Microsoft TechNet for all details regarding the permissions that can be assigned.

One thing though, you have to be careful with the language setting. If the user has configured the Mailbox for the Dutch Language (nl-NL), you should use change the folder name, like this:

Set-MailboxFolderPermission kima:\Agenda -User Default -AccessRights Reviewer

For existing users, this is easy to configure, just use the previous PowerShell command. When creating new Mailbox you can use the cmdlet extenstion agent in Exchange Powershell. This is explained in the Cmdlet Extension Agents Part 2: Postconfiguring Mailboxes blogpost written by Michel de Rooij.

To avoid the language setting issue you can use the Get-MailboxFolderStatistics cmdlet and read the name of the first (calendar) folder. This name is used in the Set-MailboxFolderPermission command.

When configuring the cmdlet extension for the New-Mailbox command the following XML needs to be created:

<?xml version="1.0" encoding="utf-8" ?>
<Configuration version="1.0">
<Feature Name="MailboxProvisioning" Cmdlets="New-Mailbox,Enable-Mailbox">
<ApiCall Name="Validate">
# Makes sure readOnlyIConfigurable is available in OnComplete
<ApiCall Name="OnComplete">
$DC = [string]($readOnlyIConfigurable.OriginatingServer)
$Identity= [string]($readOnlyIConfigurable.Identity)
If($succeeded) {
  $TimeOut= (Get-Date).AddSeconds(120)
  While( -not( Get-Mailbox -Identity $Identity -DomainController $DC) -and (Get-Date -lt $Time)) {
  Sleep 1
$CalendarIdentity= ('{0}:\{1}' -f $Identity, (Get-MailboxFolderStatistics -Identity $Identity -FolderScope Calendar -DomainController $DC| Select -First 1).Name)
Set-MailboxFolderPermission -Identity $CalendarIdentity -User Default -AccessRights Reviewer -DomainController $DC

Note. Special thanks to Michel de Rooij for troubleshooting my provisioning issues here πŸ™‚

Store this file using the ScriptingAgentConfig.xml filename in the C:\Program Files\Microsoft\Exchange Server\V15\Bin\CmdletExtensionAgents directory on the Exchange 2013 server. If you have multiple Exchange servers you have to repeat this on all Exchange servers. If you forget one server you might run into the following error:


To enable the Cmdlet Extension agents you have to enable the Cmdlet extension agent on all your Exchange servers using the following PowerShell command:

Enable-CmdletExtensionAgent “Scripting Agent”

When implemented a new Mailbox is created and the requested permissions are set.

More information

Set-MailboxRegionalConfiguration –

Standard Date and Time Format Strings –

5 thoughts on “Setting Calendar permissions right after mailbox creation”

  1. I have been looking for hours, before finding your script, trying all the solutions, with manual setting of Calendars and setting/configuring sharing policies.

    The manuel changes solved it, for the users that did not have the correct Access Rights.

    But your script makes sure, that I don’t forget to set the rights correctly, on new users.

    I love automation, it reduces the workload, and makes administration a lot easier.

    I tried searching for “how to set default calendar rights on exchange 2016”, without finding anything usefull.


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s