Add a great deal of value at no cost
Every Microsoft Exchange Server or Exchange Online administrator knows about regular mailboxes. But how many know that they can add shared mailboxes to their deployment, at no cost? Making effective use of shared mailboxes can add a great deal of value, whether in an on-premises Exchange Server organization or a Microsoft Office 365 tenant domain. (See also, "Multi-Mailbox Search in Exchange Server 2010.")
What Is a Shared Mailbox?
As defined in the Microsoft article "Understanding Recipients," an Exchange shared mailbox isn't associated with a primary user. Rather, this type of mailbox is "generally configured to allow logon access for multiple users." In other words, a shared mailbox is a functional mailbox that one or more users access for a specific purpose.
For example, suppose you ran a doctor's office. You could have a shared mailbox called Appointments, which you could use to send appointment reminders to patients (rather than sending the messages from the doctor's personal mailbox). In the same way, a consulting company such as mine could have a shared mailbox called Billing or Invoices, used to dispatch invoices to customers. In these scenarios, the users who have access to the shared mailboxes are called delegates. Before these users can work with the shared mailboxes, an administrator must delegate the rights to access and send mail by using those mailboxes.
Unlike regular mailboxes, users cannot log on to shared mailboxes because the Active Directory (AD) accounts that link to these mailboxes are disabled. Office 365 customers don't need to buy subscriptions for shared mailboxes, and on-premises Exchange customers don't need CALs to use shared mailboxes. However, in both instances, the delegates who access the mailboxes must be properly licensed. Apart from the licensing and logon differences, shared mailboxes work in the same way as regular mailboxes. You can assign an archive mailbox or apply a retention policy to a shared mailbox. See the Microsoft Exchange Licensing FAQ for additional details about licensing for shared mailboxes.
Creating a Shared Mailbox
The version of the Exchange Control Panel (ECP) that is provided for Office 365 tenants doesn't support the creation of shared mailboxes. Luckily, you can easily use the Exchange Management Shell (EMS) for this purpose. I recommend that you follow the steps in MVP Brian Desmond's blog to create a Windows PowerShell profile that contains a function that does all the work of setting up a new remote management session with Office 365.
After you're connected to Office 365, you can run the following steps to create the new shared mailbox and to configure it so that users can open it and send email from it. You will need to be a member of the Organization Management or Recipient Management role group to run these cmdlets:
- Run the New-Mailbox cmdlet to create the shared mailbox. Make sure to pass the -Shared parameter to mark the mailbox as shared. The only other parameter that you need to pass is the name of the shared mailbox.
- Run the Add-MailboxPermission cmdlet to delegate the FullAccess right to the mailboxes that you want to access the shared mailbox. This delegation allows the mailbox users to open the shared mailbox via Microsoft Outlook or Outlook Web App (OWA). You can also grant access to a Distribution Group (DG); all the members of the group inherit the access.
- Run the Add-RecipientPermission cmdlet to assign the SendAs right to users who you want to be able to send new messages from the shared mailbox. This cmdlet is unique to Office 365; in Exchange 2010, use the Add-MailboxPermission cmdlet to complete this task.
- If you need an archive for the shared mailbox, run the Enable-Mailbox cmdlet for the mailbox and include the -Archive parameter.
You can perform steps 2, 3, and 4 by using Exchange Management Console (EMC) wizards if you run a hybrid on-premises/cloud Exchange organization.
Figure 1 illustrates the steps to create a new shared mailbox named Billing: assigning FullAccess and SendAs rights to my mailbox. After the new shared mailbox is created, you can manage it through ECP, as if it was a typical mailbox. For example, you can edit the properties of the shared mailbox to add details such as the department.
Figure 1: Using PowerShell to add a new shared mailbox to Office 365
Accessing a Shared Mailbox
If you use Outlook 2010 or 2007, you don't need to do anything to access a shared mailbox after the FullAccess right is assigned to you. The next time that the Autodiscover function runs, it will detect that your mailbox can open the shared mailbox and will provide Outlook with the mailbox details. Microsoft made a change to Autodiscover, called auto-mapping, in Exchange 2010 Service Pack 1 (SP1) and further tweaked it in Exchange 2010 SP2. This change allows an administrator to provide a new, optional parameter to the Add-MailboxPermission cmdlet to tell Autodiscover not to map a shared mailbox for Outlook. Office 365 doesn't support earlier Outlook versions, but you can connect an Outlook 2003 mailbox to a shared mailbox on an Exchange 2010 server by manually adding details of the shared mailbox to the Outlook profile.
Outlook 2010 and 2007 clients run Autodiscover in a background thread each time they start and every 60 minutes thereafter, to ensure that clients always connect to the right resources. To pick up the new shared mailbox, you can either exit and restart Outlook, or you can wait until Autodiscover runs again, which should take no longer than 60 minutes. In either case, Outlook receives the information about the new shared mailbox from Autodiscover, automatically opens the shared mailbox, and lists it in the resources that are available to you. Figure 2 shows the list of resources that are available to me when I start Outlook. You can see that the Billing mailbox is listed, along with its archive.
Figure 2: Shared mailboxes listed by Outlook
