Public Folder

Remove public folder user with multiple access rights

Posted on Updated on

I have come across an issue where users are assigned different permissions on public folders and I need to remove them fast.

Here is a link where I got the idea on how to go about doing it:

And here is the final script that worked for me:  Example entries for user can be “*lastname*”, “*NT USER:*” for deleted users

$test = Get-PublicFolder “\public folder\folder1” -Recurse | Get-PublicFolderClientPermission | ?{$_.User -like “*user*“} $test | ForEach {Remove-PublicFolderClientPermission -Identity $_.Identity -User $_.User -AccessRights $_.AccessRights -WhatIf}

I hope this script would help other users out there who are running into the same issue as I am.  Please leave a comment if you have any questions.


Event 2028, MSExchangeIS Public Store, how to troubleshoot?

Posted on Updated on

Before I was able to figure out this issue, I have been receiving more than 100 of these alerts in Exchange.


The delivery of a message sent by public folder <publicfolder> has failed.





The non-delivery report has been deleted.


The event ID does not give you a lot of information and it is hard to figure out where this is coming from.

By default, mail-enabled Public Folders are not able to receive NDRs that is why you are seeing these alerts in the logs.

Here are the steps I took to figure out where the emails are being generated:

1.  Login to Exchange Management Console, open the Public Folder Management Console and drill down to the public folder mentioned in the event ID.

2.  Right-click on the public folder, properties, Mail Flow Settings, Delivery Options and then add an email address where you want all NDRs to be sent (All other emails are also forwarded just an FYI).  And DO NOT forget to check the box ‘Deliver message to both forwarding address and mailbox’ so that the regular emails are still being received on the mail-enabled public folder.

Once all settings above are setup, the NDRs will be forwarded to the email specified in the forwarding address field.  And the NDRs will give you all info you need as with a regular NDR.

In my case, the emails are being generated externally by our vendor and I had to quarantine the emails on our SPAM firewall so they no longer reach the Exchange Server.

I hope this helps.


I also added this same comment to the forum in


Get status of a Public Folder replication

Posted on Updated on

Run the powershell command

Set-ExecutionPolicy Unrestricted

To run the report and get a list of data objects returned that can be further processed, just call the script with no parameters:


If you’d like to export the HTML report to a file, then use the -Filename parameter:

.\Get-PublicFolderReplicationReport.ps1 -Filename “PublicFolderReplicationReport.html”

If you’d like to send an email, use the -SendEmail switch:

.\Get-PublicFolderReplicationReport.ps1 -SendEmail -To me@mydomain.local -From PFReport@mydomain.local -SmtpServer smtp.mydomain.local -Subject “Public Folder Replication Report”

Note: When using the -SendEmail switch, the -To, -From and -SmtpServer parameters are mandatory.

If you want to limit to only scanning specified servers, use the -ComputerName parameter:

.\Get-PublicFolderReplicationReport.ps1 -ComputerName @(“EXCH01”, “EXCH02”)

If you want to limit to only scanning specific Public Folders, use the -FolderPath parameter:

.\Get-PublicFolderReplicationReport.ps1 -FolderPath @(“\MyFolder1”, “\MyFolder2”)

If you want to scan a specific Public Folder and all subfolders, use the -Recurse switch:

.\Get-PublicFolderReplicationReport.ps1 -FolderPath “\MyFolderPath” -Recurse