Skip to main content
Jorge Bernhardt Jorge Bernhardt
  1. Posts/

How to Create and Manage Shared Mailboxes

·1162 words·6 mins· 100 views · 5 likes ·
Add-MailboxPermission Add-RecipientPermission Connect-ExchangeOnline Exchange Online

Happy New Year everyone, life is short - let’s dream big and make the most of 2022! In the year’s first article, I want to show you how to create shared mailboxes in Microsoft Exchange Online and perform the most common administrative tasks using Powershell. Important: To perform the tasks described below, your user must be a Global admin or belong to the Exchange admin group.

PowerShell Workaround>

PowerShell Workaround #

First, you need to ensure the ExchangeOnlineManagement module is installed on your computer and then import it into your Powershell session. To do that, you should use the following commands.

Install-Module -Name ExchangeOnlineManagement
Import-Module -Name ExchangeOnlineManagement

Once you have imported the module, you are ready to start.

Connect to Exchange Online>

Connect to Exchange Online #

The easiest way to get started is to log in interactively at the command line.

Connect-ExchangeOnline
Set the variables>

Set the variables #

Here we define the basic information of the shared mailbox that we want to create/manage. You should replace <E-MAIL> with the mail you want to assign to the shared mailbox.

$sharedMailboxName  = "New Department SharedMailbox"
$sharedMailboxAlias = "NewDepartment"
$sharedMailboxEmail = "<E-MAIL>"
Create the shared mailbox>

Create the shared mailbox #

I’ll start by creating the shared mailbox; I will use the New-Mailbox cmdlet with the following syntax.

New-Mailbox `
    -Shared `
    -Name $sharedMailboxName `
    -DisplayName $sharedMailboxName `
    -Alias $sharedMailboxAlias `
    -PrimarySmtpAddress $sharedMailboxEmail `
    -Archive
Shared Mailboxes
>

Shared Mailboxes
#

Manage mailbox permissions>

Manage mailbox permissions #

After the mailbox is created, you need to permit users to use the shared mailbox. Remember that only people within your organization can use a shared mailbox. You should use the Add-MailboxPermission cmdlet with the following syntax to add permissions to the shared mailbox.

Add-MailboxPermission `
    -User "[email protected]" \`
    -Identity $sharedMailboxEmail `
    -AccessRights FullAccess `
    -InheritanceType All `
    -AutoMapping:$false

If you want To retrieve permissions on a mailbox, use the Get-MailboxPermission cmdlet with the following syntax.

Get-MailboxPermission `
    -Identity $sharedMailboxEmail `
    | Where-Object {($_.IsInherited -eq $false) -and -not ($_.User -like "NT AUTHORITY\SELF")}

In case you want to remove a user’s permissions on the shared mailbox, you should use the Remove-MailboxPermission cmdlet with the following syntax.

Remove-MailboxPermission `
    -User "[email protected]" `
    -Identity $sharedMailboxEmail `
    -AccessRights FullAccess `
    -InheritanceType All `
    -Confirm:$false
 Manage “Send as” permission>

 Manage “Send as” permission #

SendAs permission allows a user or group member to send messages that appear to come from the specified mailbox. To add SendAs permission to users, you should use the Add-RecipientPermission cmdlet with the following syntax.

Add-RecipientPermission `
    -Identity $sharedMailboxEmail `
    -AccessRights SendAs `
    -Trustee "[email protected]" `
    -Confirm:$false

Add-RecipientPermission
To list the users who have SendAs permission on the shared mailbox, use the Get-RecipientPermission cmdlet.

Get-RecipientPermission `
    -Identity $sharedMailboxEmail `
    | Where-Object {($_.IsInherited -eq $false) -and -not ($_.Trustee -like "NT AUTHORITY\SELF")}

If you want to remove SendAs permission from a user or group, use the Remove-RecipientPermission cmdlet with the following syntax.

Remove-RecipientPermission `
    -Identity $sharedMailboxEmail `
    -AccessRights SendAs `
    -Trustee "[email protected]" `
    -Confirm:$false
Configure the shared mailbox>

Configure the shared mailbox #

This section will show you how to carry out shared mailboxes’ most common administration tasks. To perform the following tasks, you should use the Set-Mailbox cmdlet.

Send on behalf of permissions>

Send on behalf of permissions #

The GrantSendOnBehalfTo parameter specifies who can send on behalf of this mailbox.

Set-mailbox `
    $sharedMailboxEmail `
    Grantsendonbehalfto @{add="[email protected]"}

To confirm that the user has been successfully added, you should use the following command:

Get-Mailbox `
    $sharedMailboxEmail `
    | format-table Name, grantsendonbehalfto

if you want to remove users to Send on Behalf permissions for the shared mailbox. Remove= list if a comma-separated list. Each email address should be in double-quoted brackets.

Set-mailbox `
    $sharedMailboxPrimarysmtp `
    Grantsendonbehalfto @{Remove="<E-MAIL>"}
Shared mailbox email forwarding>

Shared mailbox email forwarding #

The ForwardingSmtpAddress parameter specifies a forwarding SMTP address for messages that are sent to this mailbox.

Set-mailbox `
    $sharedMailboxEmail `
    -ForwardingAddress "demouser" `
    -ForwardingsmtpAddress "[email protected]" `
    -DeliverToMailboxAndForward $true
The DeliverToMailboxAndForward parameter determines how messages are delivered and forwarded. $true: Messages are sent to this mailbox and forwarded to the specified email address. $false:  Messages are only forwarded to the specified email address. Messages are not delivered to this mailbox.>

The DeliverToMailboxAndForward parameter determines how messages are delivered and forwarded. $true: Messages are sent to this mailbox and forwarded to the specified email address. $false:  Messages are only forwarded to the specified email address. Messages are not delivered to this mailbox. #

To get the address listing for email forwarding, use the following cmdlet.

Get-Mailbox `
    $sharedMailboxEmail `
    | FL DeliverToMailboxAndForward,ForwardingAddress,ForwardingSmtpAddress

If you want to disable Email Forwarding settings, you should use the following cmdlet.

Set-mailbox `
    $sharedMailboxEmail `
    -ForwardingAddress $null `
    -ForwardingsmtpAddress $null `
    -DeliverToMailboxAndForward $false
Manage sent items>

Manage sent items #

Copy items sent as this mailbox, or on behalf of this mailbox, to the mailbox’s Sent Items folder. This lets shared mailbox members see the email other members have sent. If you don’t copy sent items to the mailbox, they will only be saved to the sender’s Sent Items folder. You should use the MessageCopyForSendOnBehalfEnabled and MessageCopyForSentAsEnabled parameters to set the desired settings.

Set-mailbox `
    $sharedMailboxEmail `
    -MessageCopyForSentAsEnabled $True `
    -MessageCopyForSendOnBehalfEnabled $True

To get the existing sent item settings, use the following cmdlet.

Get-Mailbox `
    $sharedMailboxEmail `
    | FL MessageCopyForSentAsEnabled,MessageCopyForSendOnBehalfEnabled

Use the following cmdlet if you want to disable the “Copy items sent as this mailbox ” or “ Copy items sent on behalf of this mailbox " options.

Set-Mailbox `
    $sharedMailboxEmail `
    -MessageCopyForSentAsEnabled $false `
    -MessageCopyForSendOnBehalfEnabled $false
Manage automatic replies>

Manage automatic replies #

To enable auto-reply messages (Out of Office), you should use the Set-MailboxAutoReplyConfiguration cmdlet with the following syntax.

Set-MailboxAutoReplyConfiguration `
    -Identity $sharedMailboxEmail `
    -AutoReplyState Enabled `
    -ExternalMessage "External auto-reply message."

To get the existing auto-reply settings, you should use the Get-MailboxAutoReplyConfiguration cmdlet.

Get-MailboxAutoReplyConfiguration `
    -Identity $sharedMailboxEmail

If you want to disable auto-reply messages, use the following cmdlet.

Set-MailboxAutoReplyConfiguration `
    -Identity $sharedMailboxEmail `
    -AutoReplyState Disabled
Manage email apps>

Manage email apps #

You should use the Set-CASMailbox cmdlet to configure client access settings on a mailbox. Using this cmdlet, you can configure settings for Exchange ActiveSync, Outlook, Outlook on the web (OWA), POP3, and IMAP4.

To get the existing mail apps access settings, use the following cmdlet.

Get-CASMailbox `
    $sharedMailboxEmail `
    | FL PopEnabled,ImapEnabled,MAPIEnabled,OWAEnabled,ActiveSyncEnabled,EWSEnabled

For example, to disable the POP3 access for the shared mailbox, I should use the following cmdlet.

Set-CASMailbox `
    $sharedMailboxEmail `
    -PopEnabled $false `
    -ImapEnabled $true `
    -MAPIEnabled $true `
    -OWAEnabled $true `
    -ActiveSyncEnabled $true `
    -EWSEnabled $true
Manage global address list visibility>

Manage global address list visibility #

To get visibility of the shared mailbox in the address lists, use the following command.

Get-Mailbox `
    $sharedMailboxEmail `
    | FL HiddenFromAddressListsEnabled

To make the shared mailbox visible in address lists, use the value $false for the HiddenFromAddressListsEnabled parameter.

Set-Mailbox `
    -Identity $sharedMailboxEmail `
    -HiddenFromAddressListsEnabled:$false

Thanks for reading my post. I hope you find it helpful. If you want to learn more About shared mailboxes, check out this link.