Manage Shared Mailbox by using PowerShell | Office 365 4.33/5 (6) 9 min read

In the current article, we review how to implement common management tasks of Exchange Shared mailboxes using PowerShell.

PowerShell | Help & additional information

Running PowerShell commands in Office 365 based environment
To be able to run the PowerShell commands specified in the current article, you will need to create a remote PowerShell with Azure Active Directory or Exchange Online. In case that you need help with the process of creating a Remote PowerShell session, you can use the links on the bottom of the Article.

SECTION A: Create NEW Shared Mailbox

Shard mailbox is a special type of Exchange mailbox. To “inform” Exchange that we want to create a Shared mailbox type, we use the parameter “Shared.”

Create NEW Shared Mailbox

PowerShell command syntax

PowerShell command Example

Create NEW Shared Mailbox + define an Alias + Email Address

PowerShell command syntax

PowerShell command Example

SECTION B:  Manage permissions – Shared Mailbox

Assign permissions to the Shared Mailbox

Full Access permissions and AutoMap feature

When we assign to a User “Full Access” permission to another user Mailbox (Such as Shared Mailbox in our example), the Mailbox is automatically added to the user’s Outlook mail profile. This feature described as: AutoMap.

In some scenarios, we need to disable the option of AutoMap. For example, a scenario in which we want to enable specific user Full Access permission to multiple Shared mailboxes, but we don’t want that this Shared mailbox will be automatically added to the specific user Outlook profile.

In this case we can add the PowerShell parameter “-AutoMapping $False

Assign FULL ACCESS permissions for Shared Mailbox + AutoMap (Default)

PowerShell command syntax

PowerShell command Example

Assign FULL ACCESS permissions for Shared Mailbox + NO AutoMap

PowerShell command syntax

PowerShell command Example

Assign FULL ACCESS permissions for ALL Shared Mailbox + NO AutoMap (Bulk)

PowerShell command Example

Full Access permissions to a group and the AutoMap feature

When we assign “Full Access” permission to a Group, the AutoMap feature is not “activated” because, the Full Access permission granted to “Group Object,” and not for the “User object” (the group members).

In this case, we will need to instruct each of the group members how to add the “additional Mailbox” manually for the Exchange mailbox which they have “Full access” permission.

To avoid this default behavior, we can use a “little trick,” by using a PowerShell command.
The PowerShell command will “extract” group members to a “user list” and in the next step assigns the Full Access permission separately, for each user (each of the Group members).

Assign Full Access permissions for each group member

PowerShell command syntax

PowerShell command Example

Assign SEND AS permissions to the Shared Mailbox

Assign SEND AS permissions for Shared Mailbox

PowerShell command syntax

PowerShell command Example

Assign SEND AS permissions for ALL Shared Mailbox (Bulk)

PowerShell command Example

Assign permissions to the Shared Mailbox Calendar

To view the permissions of a specific mailbox folder such as Calendar folder, we need to use a syntax in which we define the mailbox name + the specific Folder name.

Given that the Exchange mailbox is the English language (defined as MailboxRegionalConfiguration), the calendar folder name whom we use is -“calendar.” In case that the Exchange mailbox uses a different Mailbox Regional Configuration, we will need to write the calendar folder name respectively.

Assign Publishing Editor permissions to the Shared Mailbox Calendar

PowerShell command Example

View (displays) various types of Mailbox permissions

View (displays) information about FULL ACCESS and SEND AS permissions

The default output of the PowerShell cmdlet Get-MailboxPermission that we use for view Mailbox permissions and the PowerShell cmdlet Get-RecipientPermission that we use for view SEND AS permissions, displays redundant information, that makes it difficult to understand the information about the Exchange mailbox permissions clearly.
For this reason, we add “filter” that removes that redundant information.

View (displays) FULL ACCESS permissions for Shared Mailbox

PowerShell command Example

View (displays) SEND AS permissions for Shared Mailbox

PowerShell command Example

View (displays) Calendar permissions for Shared Mailbox

PowerShell command Example

Remove permissions – Shared Mailbox

Remove FULL ACCESS permissions for Shared Mailbox

PowerShell command syntax

PowerShell command Example

Remove SEND AS permissions for Shared Mailbox

PowerShell command syntax

PowerShell command Example

Remove Publishing Editor permissions to the Shared Mailbox Calendar

PowerShell command syntax

PowerShell command Example

SECTION C:  Convert Mailbox

A Shared mailbox can be converted to a “regular Exchange mailbox” and vice versa.
In a scenario in which we convert Shared mailbox to User mailbox (regular Exchange mailbox), we will need to assign an Office 365 license to the converted mailbox.

Convert Regular mailbox to Shared Mailbox

PowerShell command syntax

PowerShell command Example

Convert Shared Mailbox to Regular Mailbox

PowerShell command syntax

PowerShell command Example

SECTION D:  Shared Mailbox specific settings

Set Shared mailbox size

Set Shared mailbox size to 10 GB

PowerShell command syntax

PowerShell command Example

Define the behavior of Shared mailbox and Sent items folder

In a scenario in which we assign the SEND AS permissions to a recipient on a Shared mailbox, when the recipient sent an email on behalf of the Shared mailbox (using his SEND AS permissions) the mail that was sent, will be saved by default, in the Shared mailbox “Sent Items” but a copy of the sent mail, will not save in the mailbox of recipient.

To be able to change this default behavior, we can use the PowerShell parameter – MessageCopyForSentAsEnabled.

You can read additional information about this subject in the article – Save a copy of sent mail items when using Send As permissions | Shared mailbox | Office 365

Set Shared Mailbox to Save a copy of sent mail items when using Send As permissions

PowerShell command Example

View Shared Mailbox “Save a copy of sent mail items” settings

PowerShell command Example

SECTION E:  Display + Export information on Shared Mailbox

Display a list of existing Shared mailboxes

PowerShell command Example

Export a list of existing Shared mailboxes

PowerShell command Example


For your convenience, I have “Wrapped” all the PowerShell commands that were reviewed in the article,
in a “Menu Based” PowerShell Script.

You are welcome to download the PowerShell script and use it.
Download -o365info PowerShell Script

Manage Shared Mailbox by using PowerShell | Office 365
In case you want to get more detailed information about how to use the o365info menu PowerShell script, you can read the following article

Watch the Video: Shared Mailbox Office 365 (Part 1 + Part 2 )


Getting started with Office 365 PowerShell

PowerShell Naming Conventions & general information
Get more information about the Naming Conventions that are used in the PowerShell articles – Help and additional information – o365info.com PowerShell articles
Creating a remote PowerShell session to Exchange Online 
To get more information about the required remote PowerShell commands that you need to use for connecting to Exchange Online, read the following article:
Connect to Exchange Online by using Remote PowerShell
Creating a remote PowerShell session to Azure Active Directory
To get more information about the required software component + the remote PowerShell commands that you need to use for connecting Azure Active Directory, read the following article: Part 2: Connect to Office 365 by using Remote PowerShell
Basic introduction to PowerShell in Office 365 based environment
If you are new in the PowerShell world, you can read more information about how to start working with PowerShell in Office 365 based environment in the following article series:  Getting started with Office 365 PowerShell – Part 1, Part 2, Part 3.
Running and using o365info PowerShell scripts
In case that you need more information about how to use the o365info PowerShell scripts that I add to the PowerShell articles, you can read the article – How to run and use o365info PowerShell menu script

PowerShell command syntax – Office 365 | Article series index

Now it’s Your Turn!
It is important for us to know your opinion on this article

Print Friendly, PDF & Email

Related Post

Please rate this

Eyal Doron on EmailEyal Doron on FacebookEyal Doron on GoogleEyal Doron on LinkedinEyal Doron on PinterestEyal Doron on RssEyal Doron on TwitterEyal Doron on WordpressEyal Doron on Youtube
Eyal Doron
Share your knowledge.
It’s a way to achieve immortality.
Dalai Lama

9 Responses to “Manage Shared Mailbox by using PowerShell | Office 365”

  1. Martin Robson Reply

    Hi.

    Thank you for a great article. I’ve been struggling with Shared mailboxes, and this article has everything I need.
    Could you explain what the AutoMAP function is?

    Thank you.

    Martin Robson.

  2. Hello Martin
    Regarding your question about the “AutoMap”:
    The AutoMap feature is implemented in the following way: when you assign a “Full Access” permission to user object (for other user Mailbox), the user Mailbox is automatically appear in the user outlook mail profile.
    When we assign a “Full Access” permission to group (instead of specific user), the AutoMap feature is not implemented, and by default, we will need to add the shared Mailbox manually to each of the group members. To avoid this operation, we use a little “trick”: before we assign the permission we “extract” each of the group member name (by using the command “ExpandProperty”) and assign the “Full Access” permission separately for each member. Using this option, we are able to use the AutoMap feature when assigning permission to group.

    • ….which is the same as just adding a number of different Mailboxes with Full Access rights, so the security group -idea is futile.

      How would one remove access rights in your “trick”?

  3. I keep getting an error when trying to apply the trick to apply the rights to the distribution group. I keep getting an error stating that “Unexpected token ‘in’ in expression or statement.

Leave a Reply

Your email address will not be published. Required fields are marked *