Problem
You would like to grant a distribution group configured in an Exchange 2013 organization permissions to a resource calendar:
… so you open up the properties of the group:
… and change the Group type from Distribution to Security:
You proceed to use the Add-MailboxFolderPermissions cmdlet to add the distribution group as a reviewer but receive the following error:
Add-MailboxFolderPermission “<ResourceMailBox>:calendar” -user <SMTPofGroup> -accessrights “Reviewer”
The user “<SMTPofGroup>” is either not valid SMTP address, or there is no matching information.
+ CategoryInfo: NotSpecified (:) [Add-MailboxFolderPermission], InvalidExternalUserIdException
+ FullyQualifiedErrorId : [Server=<serverName>,RequestId=3ad24ea6-18c4-4abd-97da-f875f50790c5,TimeStamp=1/16/2015 2:04:35 PM] [FailureCategory=Cmdlet-InvalidExternalUserIdException] E4DC5802,Microsoft.Exchange.Management.StoreTasks.AddMailboxFolderPermission
+ PSComputerName : <serverName.FQDN>
Solution
There are actually a few reasons why the error message above would be thrown and the obvious one is if the group isn’t a security group or, as the error message indicates, the SMTP address specified is not valid but for the situation I encountered, it wasn’t as obvious until I tried opening the resource calendar’s properties and add it via the GUI which was when I received the following error:
Microsoft Outlook
One or more users cannot be added to the folder access list.
Non-local users cannot be given rights on this server.
Seeing this error message immediately reminded me that because I had converted the group from distribution to security, I needed to set the group to restrict members from removing their membership with the following cmdlet:
Set-Distributiongroup -identity <GroupName> -MemberDepartRestriction Closed
Once I successfully executed the cmdlet above, I was then able to add the group as a reviewer to the resource mailbox’s calendar:
10 Responses
Had same issue, this worked perfectly I changed group to closed as specified and ws able to add the security DL with permissions. . . thanks so much! Jeanne Sophia
I had the exact same issue, and it was driving me crazy. Now it's solved. Thank you for your post!
Just ran into this issue and that solved it.
Where is the requirement to have Member Depart Restriction set to closed documented? I had never seen this before.
Thanks
Ryan
Thank you x 10!! This was so frustrating and your post had the only solution. Kudos to you.
Marcia
Thanks heaps for sharing your expertise – such a great help- well explained
This helped me too. The interesting part about it is, that "closed" was set already.
However I executed the command. Normally exchange warns you, that the command was completed successfully but no changes were made. Not in this case!
It was "closed" before, it is "closed" now, but somehow i can execute my "add-mailboxfolderpermission"-command …
Are there two states of "closed"?
Thanks a lot, saved me hours…
Thanks, I had the exact same problem. Fixed.
Thank you. Had this exact problem. fixed.
Thank you for the solution!