Dear NC,
i have the following issue on an Exchange 2013CU1 System:
When I add a Public Folder and grant a specific Usergroup permissions the Folder is also visible in Outlook for all other Users. They cannot access this Folder but they can see it. After a Restart of Outlook the Folder is gone.....*strange* I have this issue with Outlook 2010 and 2013 and also on OWA.

I removed the default Access Rights:
Remove-PublicFolderClientPermission -Identity "\demo" -User Default
Remove-PublicFolderClientPermission -Identity "\demo" -User Anonymous

and add the wanted Usergroup:
Add-PublicFolderClientPermission -Identity "\demo" -User demo -AccessRights Owner

Get-PublicFolderClientPermission -Identity \demo |fl

RunspaceId   : 4c2a72f6-dd8a-428a-8069-ea9f92d06620
Identity     : \demo
FolderName   : demo
User         : Default
AccessRights : {None}
IsValid      : True
ObjectState  : New

RunspaceId   : 4c2a72f6-dd8a-428a-8069-ea9f92d06620
Identity     : \demo
FolderName   : demo
User         : Anonymous
AccessRights : {None}
IsValid      : True
ObjectState  : New

RunspaceId   : 4c2a72f6-dd8a-428a-8069-ea9f92d06620
Identity     : \demo
FolderName   : demo
User         : demo
AccessRights : {Owner}
IsValid      : True
ObjectState  : New

any ideas on that...??

-Bernd

In OWA you cannot see exchange 2013 public folders. Apply permission to the public folder as soon as you create it. If you apply proper permissions then only those user are able to view the folder.

This is wrong!
You can add Public Folders in Ex2013CU1 to Favorites.

In the mean Time this behavior has been adressed as an issue by MS Support.
When a solution becomes available i will post it here.

I got it man. You are right. You installed CU1 2013. I forgot to consider that.

Bernd,

This is a known behavior of Outlook. Outlook will refresh its cache for granted permissions faster than it does for revoked permissions. The permissions are still enforced on the server side, so even if users see folders and items they are not supposed to, any operation that is disallowed by the server will ultimately fail.

Is there any specific scenario that you are trying to accomplish by revoking permissions after the folder has been created? If this is the case where you want new folders to be created with a set of specific permissions but remain invisible from currently opened sessions in Outlook, there is a way for doing that on Exchange 2013: you can create the folders under NON_IPM_SUBTREE (which is invisible from Outlook), assign the proper permissions and finally move the folder under the proper parent (see Set-PublicFolder documentation, Path parameter).

Let us know if that fixes your question.

Hi Fred,
thanks for your answer! I have allready placed a Support Call at the MS Hotline for this issue.

First of all: this is not a good behavior and should IMHO be fixed very soon because of Compliance and Privacy rules. Users who do no have the right should not see the name the Public Folder!!!
I want to use this an a multi tenant eviroment where every tenant gets his own private public Folder Mailbox and Folder Structure. 

But even in "normal" enviroments this is a problem when Users can see the names of Folders they do not have the right for!!!

So in my eyes this is a real security and privacy issue not a behavior!

-Bernd