You would like to grant a distribution group configured in an Exchange 2013 organization permissions to a resource calendar:
… so you open up the properties of the group:
… and change the Group type from Distribution to Security:
You proceed to use the Add-MailboxFolderPermissions cmdlet to add the distribution group as a reviewer but receive the following error:
Add-MailboxFolderPermission “<ResourceMailBox>:\calendar” -user <SMTPofGroup> -accessrights “Reviewer”
The user “<SMTPofGroup>” is either not valid SMTP address, or there is no matching information.
+ CategoryInfo: NotSpecified (:) [Add-MailboxFolderPermission], InvalidExternalUserIdException
+ FullyQualifiedErrorId : [Server=<serverName>,RequestId=3ad24ea6-18c4-4abd-97da-f875f50790c5,TimeStamp=1/16/2015 2:04:35 PM] [FailureCategory=Cmdlet-InvalidExternalUserIdException] E4DC5802,Microsoft.Exchange.Management.StoreTasks.AddMailboxFolderPermission
+ PSComputerName : <serverName.FQDN>
There are actually a few reasons why the error message above would be thrown and the obvious one is if the group isn’t a security group or, as the error message indicates, the SMTP address specified is not valid but for the situation I encountered, it wasn’t as obvious until I tried opening the resource calendar’s properties and add it via the GUI which was when I received the following error:
One or more users cannot be added to the folder access list.
Non-local users cannot be given rights on this server.
Seeing this error message immediately reminded me that because I had converted the group from distribution to security, I needed to set the group to restrict members from removing their membership with the following cmdlet:
Set-Distributiongroup -identity <GroupName> -MemberDepartRestriction Closed
Once I successfully executed the cmdlet above, I was then able to add the group as a reviewer to the resource mailbox’s calendar: