Public folder is appearing to unauthorized user in OWA

Question: Public folder visible to unauthorized user in OWA
 
Answer:
 
If you have created public folder or modified its permissions manually in the Exchange Server then there is a chance that such problem might appear because of incorrect permissions.
 
There are several cases for Public Folder permissions which could cause this issue:
 
Case 1: If Public Folder Client Permissions are assigned on '/' .
Case 2: If Public Folder Client Permissions are assigned on '/<Organization_Unit>'.
Case 3: If Public Folder Client Permissions are assigned on '/<Organization_Unit>/ChildPF'.
 
 
You can check PF Client Permissions i.e. permissions of the mailbox users for each of the three cases mentioned above by following the instructions given below:
 
 
To see the Public Folders permission on root public folder and child public folders run following command.
 
Case 1 ( To check PF Client Permissions for root OU ):  To see the PF Client permissions on root OU, following command can be executed from Exchange Management Shell (EMS):
 
Get-PublicFolderClientPermission -Identity '\'
 
Case 2 ( To check PF Client Permissions for specific OU ):  To see the PF Client permissions on an OU, following command can be executed from Exchange Management Shell (EMS):
 
Get-PublicFolderClientPermission -Identity '\<Organization_Unit>'
 
 
Case 3 ( To check PF Client Permissions for child PF under the OU ):  To see the PF Client permissions on Child Public Folder under the OU, following command can be executed from Exchange Management Shell (EMS):
 
Get-PublicFolderClientPermission -Identity '\<Organization_Unit>\<Child_Public_Folder>'
 
 
Note: If you want to check specific mailbox's permission on Root of OU, you may run the following command:
 
get-publicFolderClientPermission '\<Organization_Unit>' -user mailbox@maildomain.com
 
 
If using above  command, you find the mailbox which is not related user and is being listed there then that user can be removed using the below command:
 
Remove-PublicFolderClientPermission -Identity "\My Public Folder" -User chris@constoso.com