Microsoft Exchange Shared Mailbox

Shared Mailbox are special type of mailbox where multiple users can read and send email from the common email address. A shared mailbox is a type of user mailbox that does not have its own username and password. As a result, users cannot log into them directly. To access a shared mailbox, users must first be granted Send As or Full Access permissions to the mailbox after which, the user signs into their own mailboxes and then can access the shared mailbox by adding it to their Outlook profile.

The Active Directory connector supports managing Shared Mailbox as Account Group object. For this feature, the schema attributes and provisioning plan for the Shared Mailbox must be added in the application xml file.

Supported Operations

Operations	Features
Aggregation	Aggregate Shared Mailbox as Account Group Object Aggregation of User’s Shared Mailbox assignment as an entitlement.
Create, Update, Delete	Supports creating and updating attributes of the Shared Mailbox along with assigning and removing permissions of the Shared Mailbox. For more information, refer to Microsoft Exchange Shared Mailbox

Operations

Features

Aggregation

Aggregate Shared Mailbox as Account Group Object
Aggregation of User’s Shared Mailbox assignment as an entitlement.

Create, Update, Delete

Supports creating and updating attributes of the Shared Mailbox along with assigning and removing permissions of the Shared Mailbox.

For more information, refer to Microsoft Exchange Shared Mailbox

Prerequisites

IQService must be configured in the application
Exchange configuration details are required for aggregation and provisioning operations

Administrator Permissions

For aggregation of Shared Mailbox and aggregating user's Shared Mailbox Membership, the service account must be a member of Account Operator Group and Recipient Management Group.
For Create, Update, and Delete operations on a Shared Mailbox and when assigning a Shared Mailbox to a user account:
- Service account must be a member of Account Operator Group and Recipient Management Group.
- Updating Send As permission of the Shared Mailbox, service account must have Active Directory Permissions Exchange Role. By default, a member of an Organization Management group has an Exchange Role with higher capabilities that are not required for this operation. It is recommended that you create a custom Exchange Admin Role Group.

Complete the following to create a custom Exchange Admin Role Group:

On the Exchange admin center page, select Permissions in the left pane.
Under the admin roles tab, click + icon to create new Role Group.
On the Role Group window that appears, enter the Name and Description.
From the list of displayed Roles, search and select Active Directory Permissions Role and select Save.

This creates a Universal Security Group with the given name under Microsoft Exchange Security Groups organizationUnit. Add the service account to this group.


	You are here: