View only shared calendar

Question

We have a client with a specific requirement.

They want a shared calendar which will show a list of holidays, but only the owner of the calendar can add events, the members shouldn't have the permissions to update or create new event in the shared calendar. Also any new member added to the group should have access to the calendar without them having to accept the invite or request to join.

We tried creating a Microsoft 365 group with sharing the calendar but there is no setting to have view only access to the calendar in outlook.

we tried creating a shared calendar from a work account and sent the mail to a mail-enabled security group but users who were added after the invite was sent did not get calendar access.

Answer 1

Hi @Shreya Bhurkuse  

Thank you for posting your question in the Microsoft Q&A forum.  

To meet the requirement of a shared calendar that everyone can view but only admins can edit, you can configure a Shared Mailbox and set appropriate permissions. 

1.Create a Shared Mailbox 

New-Mailbox -Shared -Name "<MailboxName>" -DisplayName "<Mailbox Display Name>" -Alias <MailboxAlias>  

2.Set calendar permissions (read-only for users) 

Set-MailboxFolderPermission "<MailboxEmail>:\Calendar" -User Default -AccessRights Reviewer 

This ensures all users can view the calendar but cannot add or modify events. 

3.Grant mailbox access via a security group  

Add-MailboxPermission -Identity <MailboxEmail> -User <SecurityGroupEmail> -AccessRights FullAccess -AutoMapping $true 

4.Give admin edit access to the calendar 

Add-MailboxFolderPermission "<MailboxEmail>:\Calendar" -User <AdminAccountEmail> -AccessRights Editor 

5.Verify permissions 

Get-MailboxFolderPermission "<MailboxEmail>:\Calendar" 

If you add a new member to the security group later, they automatically inherit FullAccess to the mailbox, but the calendar folder permissions aren’t automatically applied to them. To grant the new user Reviewer access, you can either: 

-Run Add-MailboxFolderPermission for the individual user, or 

-Use a PowerShell script to loop through all members of the security group and apply Reviewer permissions to the calendar folder. For example: 

$GroupMembers = Get-DistributionGroupMember -Identity <SecurityGroupEmail>  
foreach ($member in $GroupMembers) { 
    Add-MailboxFolderPermission -Identity <SharedMailboxEmail>:\Calendar -User $member.PrimarySmtpAddress -AccessRights Reviewer -ErrorAction SilentlyContinue 
} 

I hope this helps. 

---

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".   

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread. 

Answer 2

Microsoft 365 Groups leverage the principle of "equal access" by default, each member gets edit access to all items stored in the group's mailbox, OneDrive or other associated resources. That said, for Calendar scenarios, Microsoft has introduced a method to grant read-only access, but it can only be toggled via PowerShell and the -CalendarMemberReadOnly switch:

Set-UnifiedGroup groupname -CalendarMemberReadOnly:$true -WhatIf

Toggling the switch till ensure any member of the group has a read-only access to the Calendar, while owners will preserve their "edit" rights.

Apart from that, you can also play with the Calendar folder permissions directly (again via PowerShell), but that's not an officially supported method. Just in case, you can find more details about it here: https://michev.info/blog/post/2760/managing-folder-level-permissions-for-office-365-groups

Alternatively, you can use a Calendar stored within a user/shared mailbox. This gives you a lot more granularity when it comes to configuring the permissions, but it lacks a bit when it comes to ensuring people can see/access said Calendar within their Outlook clients. With the upcoming "automapping" feature that should be solved (for the New Outlook client), but until then, you might have to instruct the users to add the shared Calendar manually.

Answer 3

To achieve a shared calendar where only the owner can add events and all members have view-only access, you can utilize the calendar sharing settings in Outlook. However, it is important to note that Microsoft 365 groups do not support the specific requirement of view-only access for shared calendars as you've experienced.

Here are some steps you can consider:

1. Create a Shared Calendar: Create a calendar in Outlook and share it with the desired users, granting them freeBusyRead or limitedRead permissions. This will allow them to see the calendar but not edit it.
2. Use Delegation: If you want to ensure that only the owner can add events, you might consider using delegation settings where the owner can manage permissions and restrict editing rights.
3. Adding New Members: For new members to automatically have access without accepting an invite, you may need to manage this through the calendar settings or consider using a different method of sharing, such as a shared mailbox, which might offer more flexibility in permissions.

Unfortunately, the current limitations in Outlook sharing settings may not fully meet your client's requirements as you've outlined. It may be beneficial to explore other solutions or third-party tools that can provide the specific functionality needed for managing shared calendars with strict access controls.

---

References:

• Share or delegate a calendar in Outlook
• Create Outlook events in a shared or delegated calendar