Jaa


Shared Mailboxes

Exchange Server 2007 introduces many new and really well defined recipient types. One of them is the one my customer asked me about. The process to create a Shared Mailbox will create a disable Active Directory user as there is no point to have it - that is not the purpose of this recipient. On the old and still actual days of Exchange Server 2003 or older, when we created a Shared Mailbox we basically created an Active Directory account with an associated mailbox and those credentials would be shared within who needed to use it. What is the issue here? Security! Was never a good idea to more than one individual login with same credentials. Control on it would be inexistent.

So in Exchange Server 2007 what we have is a mailbox with a disabled user and in a way we can give access to users or distributions lists we just add the proper permissions to the mailbox and it is done.

First of all we need to create our Shared Mailbox and to do that we need to use the Exchange Management Shell!

[PS] C:\>New-Mailbox -Name "mailbox" -Database "database" -UserPrincipalName mailbox@domain.com -Shared

At this stage we have our mailbox created and our active directory user disabled...

However now we need to give the right permissions...

Let's start by giving instructions to the shared mailbox that a few users should have Full Access on it, otherwise won't work. Advice here is do this to a Security Group more than to individual users by the same reasons referred above. Let's do it then to the users on the Sales Team!

[PS] C:\>Add-MailboxPermission "mailbox" -User "user" -Access Rights FullAccess

Almost done but a couple more things to do. At this stage the users on the Sales Team can access totally the mailbox however they still can't send e-mails from the shared mailbox. To do that we need to give them some permissions in Active Directory side...

[PS] C:\>Add-ADPermission "mailbox" -User "user" -ExtendedRights Send-As

At this stage the Sales Users are GOD within the Sales Team Shared Mailbox.

With Exchange Server 2007 Service Pack 1 we can actually setup the Full Access and Send As permissions. Basically we just right click on the Shared Mailbox and add the recipients to the desired permission or just select the account, and on the right hand side of the console you will see the same options.

And that's it!

Comments

  • Anonymous
    January 01, 2003
    Unfortunately and apparently by design your wish is not possible to acomplish at the present moment...

  • Anonymous
    January 01, 2003
    Hi Ashraf, Are we talking about Exchange 2007? I am not sure I understood your question right. You can indeed receive emails for X domains as far as you own them and have configured Receive Connectors setup for that effect. Each mailbox will then have one primary SMTP address – which will be the one which is shown when someone send an email, and many alternative which will give the ability to that mailbox receives all of them. So if you want to change your main SMTP address that is easy, but then when you send an email will be with that new @yourdomain.com instead of @mydomain.com. Is this what you intend to do? HTH

  • Anonymous
    November 07, 2008
    Hi, We would like to switch from public folders to shared mailboxes. Is there a way to turn off the shared view so that when one user reads a mail it isn't marked as read for the other users. Thanks

  • Anonymous
    February 26, 2011
    Hi, I have an exchange setup which receives email for mydomain.com but now i want to receive email for yourdomain.com. In this situation can you please help me on how to create the user mailbox for yourdomain.com and login with that user? Thanks in advance.