I have a problem where Users[1..10] have Full Mailbox Access to UserA's mailbox.
UserA, now wants to restrict access so that all the Users[1..10] have access except to the "Sent Items" and "Deleted Items". In this User2 & User3 should carry on having access as previously requested.
Is there a simple way for me to restrict access to the folder without having to remove the Full Mailbox Right permission and apply each individual's user rights on each specific folder?
Sorry if this has been asked before and answered. I did look but I think Google could not understand my query.
I am doing this via powershell as this will need to be repeated numerous times across multiple mailboxes.
referenced from https://stackoverflow.com/questions/43848808/how-do-i-restrict-specific-folders-for-a-user-with-full-mailbox-rights
Best Answer
No.
Full access trumps everything else as highest permissions wins with Exchange, so full mailbox is higher than folder level permission.
Therefore the only option is to remove Full Mailbox Access and grant permissions at a folder level.
You should be able to PowerShell something that grants the permissions to all folders in the mailbox, then removes the permissions on the required folders. However that would also mean that new top level folders would need the permissions changing on them (new sub folders inherit).