This article applies to:
Exchange 2016

PROBLEM
In public folders client permissions, you are missing entries for Default and/or Anonymous user roles. Those roles are present by default, however in some earlier versions of Exchange, it was technically possible to delete them. So you can end up with inheriting public folders that are missing those permissions.

What are those permissions used for?

Default is applied to any Exchange authenticated users that are not explicitly listed. For example John is an Exchange user and tries to access a public folder.  If there is no permission entry for user John present, the value of Default will be applied to him.
Anonymous is used if you have want give external non-Exchange users access to your public folders.

If those entries are missing, this can cause different problems with access rights processing. Which in end effect can cause crashing of applications that need access public folders. Or public folder client permissions not being processed and applied correctly.

In order to fix this, you can use the PowerShell script given below.
The script will automatically check all your public folders for Default and Anonymous are present and if not it will create entries:
Default with Access Permission FolderVisible 
Anonymous with Access Permission None

The script does not touch existing entries.

You can of course customize the script to you needs, for example to define other type of permissions, if needed.

Copy to Clipboard

This script can also be downloaded from Microsoft TechNet Gallery.

Dejan Foro