Create A Shared Mailbox in Office 365: How-to Guide

Admins create a shared mailbox in Office 365 to enable their teams to manage emails from a single, shared address, such as [email protected]. This guide provides clear and direct instructions for administrators to make and manage shared mailboxes.

What are Shared Mailboxes?

A shared mailbox uses a common email address to make a centralized mailbox. This is accessible by multiple authorized users (up to 25 at a time) with their private account credentials. Moreover, M365 Shared mailboxes do not have a direct login password. Moreover, for a broader understanding, it’s helpful to know about the different Office 365 mailbox types and their significance.

Why do Admins Make Them? Key Benefits Explained

• Centralized Group Email: For addresses like sales@ or support@.
• Team Collaboration: Multiple users can monitor and respond.
• Cost-Effective (Often): No extra license is needed if mailbox data remains ≤ 50 GB.

Before you Begin Setting up a Shared Mailbox in Office 365: Check Administrative Roles

To perform these actions, your Office 365 account must have one of these roles:

• Global Administrator
• Exchange Administrator

To assign, ask the global admin to visit the M365 admin portal > Expand Roles > Select Role Assignments > Then, click on the three vertical dots (in the Exchange or Global Admin role) > Assign Admins > Add Users > Mark the checkbox > Press Add.

Create a Shared Mailbox in Office 365: Step-by-Step Methods

Microsoft 365 Admin Center

• Navigate to Teams & groups > Shared mailboxes.
• Then, click + Add a shared mailbox.
• Just enter the Name, email address fills automatically. Change it if you so desire. Don’t forget to select the correct domain.
• Click Save changes.
• After creation, click the link Add members to your shared mailbox.
• Click + Add members, search for and select users, then click Add (#). Users are typically granted Full Access and Send As permissions.

Exchange Admin Center (EAC)

• Navigate to Recipients > Mailboxes.
• Click + Add a shared mailbox.
• Enter the Display Name, Email address, and Alias (optional).
• Then, click Create.
  
• After creation, select the Add users to this mailbox from the list.
• Tap + Add members. Select and Confirm.
  

Creating a Shared Mailbox via PowerShell

Step 1. Connect to Exchange Online PowerShell

Connect-ExchangeOnline -UserPrincipalName [email protected]

Step 2. Create a new Shared Mailbox:

New-Mailbox -Name "Marketing Campaigns" -DisplayName "Marketing Campaigns" -Shared -PrimarySmtpAddress [email protected]

Step 3. Assign Permissions using PowerShell:

# Grant Full Access permission
Add-MailboxPermission -Identity "[email protected]" -User "[email protected]" -AccessRights FullAccess -InheritanceType All

# Grant Send As permission
Add-RecipientPermission -Identity "[email protected]" -Trustee "[email protected]" -AccessRights SendAs

# Grant Send on Behalf:
Set-Mailbox -Identity "[email protected]" -GrantSendOnBehalfTo "[email protected]"

Step 4. After you create a shared mailbox in Office 365, check. Here is a sample script you can use to check the user accessibility details for a particular shared mailbox.

<# >> .SYNOPSIS
>>     Displays Full Access, Send As, and Send on Behalf Of permissions for a specified shared mailbox.
>>
>> .DESCRIPTION
>>     This script queries Exchange Online for three types of permissions assigned to a shared mailbox:
>>     1. Full Access: Who can open and manage the mailbox content.
>>     2. Send As: Who can send email as the shared mailbox.
>>     3. Send on Behalf Of: Who can send email on behalf of the shared mailbox.
>>
>>     It requires the ExchangeOnlineManagement module and an active connection to Exchange Online.
>> #>
>>
>> # --- START: Configuration ---
>> # Replace this with the email address, alias, or display name of the shared mailbox you want to check.
>> $SharedMailboxIdentity = "[email protected]"
>> # --- END: Configuration ---
>>
>> "" # Adds a blank line for cleaner output
>> Write-Host "---------------------------------------------------------------------" -ForegroundColor Magenta
>> Write-Host "           PERMISSIONS REPORT FOR: $SharedMailboxIdentity" -ForegroundColor Magenta
>> Write-Host "---------------------------------------------------------------------" -ForegroundColor Magenta
>> ""
>>
>> # 1. Get Full Access Permissions
>> Write-Host "--- 1. Full Access Permissions ---" -ForegroundColor Cyan
>> $FullAccessPermissions = Get-MailboxPermission -Identity $SharedMailboxIdentity | Where-Object { $_.User -notlike "NT AUTHORITY\SELF" -and $_.IsInherited -eq $false } | Select-Object User, @{Name="AccessRights";Expression={$_.AccessRights -join ','}}, Deny
>> if ($FullAccessPermissions) {
>>     $FullAccessPermissions | Format-Table -AutoSize
>> } else {
>>     Write-Host "No explicit Full Access permissions found (excluding NT AUTHORITY\SELF and inherited permissions)."
>> }
>> ""
>>
>> # 2. Get Send As Permissions
>> Write-Host "--- 2. Get Send As Permissions ---" -ForegroundColor Cyan
>> $SendAsPermissions = Get-RecipientPermission -Identity $SharedMailboxIdentity | Where-Object { $_.Trustee -notlike "NT AUTHORITY\SELF" } | Select-Object Trustee, @{Name="AccessRights";Expression={$_.AccessRights -join ','}}, Deny, IsInherited
>> if ($SendAsPermissions) {
>>     $SendAsPermissions | Format-Table -AutoSize
>> } else {
>>     Write-Host "No explicit Send As permissions found (excluding NT AUTHORITY\SELF)."
>> }
>> ""
>>
>> # 3. Get Send on Behalf Of Permissions
>> Write-Host "--- 3. Get Send on Behalf Of Permissions ---" -ForegroundColor Cyan
>> $SendOnBehalfToIdentities = (Get-Mailbox -Identity $SharedMailboxIdentity).GrantSendOnBehalfTo
>> if ($SendOnBehalfToIdentities) {
>>     Write-Host "Users/Groups granted Send on Behalf Of permission (resolving identities...):"
>>     $ResolvedSendOnBehalfTo = $SendOnBehalfToIdentities | ForEach-Object {
>>         try {
>>             Get-Recipient -Identity $_ -ErrorAction Stop | Select-Object DisplayName, PrimarySmtpAddress, RecipientType
>>         } catch {
>>             Write-Warning "Could not resolve identity: $_. It might be an external user or an object no longer available."
>>             # Output a custom object for unresolved identities
>>             [PSCustomObject]@{
>>                 DisplayName      = "<Unresolved/External>"
>>                 PrimarySmtpAddress = $_ # Show the raw identifier
>>                 RecipientType    = ""
>>             }
>>         }
>>     }
>>     $ResolvedSendOnBehalfTo | Format-Table -AutoSize
>> } else {
>>     Write-Host "No Send on Behalf Of permissions granted."
>> }
>> ""
>>
>> Write-Host "---------------------------------------------------------------------" -ForegroundColor Magenta
>> Write-Host "                         END OF REPORT" -ForegroundColor Magenta
>> Write-Host "---------------------------------------------------------------------" -ForegroundColor Magenta

Converting an Existing User Mailbox to a Shared Mailbox

If you dont want to create a shared mailbox in Office 365 from scratch, and want to retain an ex-employee’s mailbox data for team access, do this:

• License Management: Consider removing the departing user’s license (if the mailbox is ≤ 50GB and no archive access is needed for the shared mailbox). If the mailbox is larger or an archive needs to be accessible, the shared mailbox will require its own license.
• Conversion Process:
  • EAC: Go to Recipients > Mailboxes. Select the user mailbox. Click Convert to shared mailbox from the command bar or details pane. Confirm.
  • PowerShell:

    Set-Mailbox -Identity "[email protected]" -Type Shared

• Block Original User Sign-in: Disable the departed user’s Office 365 account.
• Then, Assign Member Permissions: Grant Full Access and/or Send As permissions to team members for the newly converted shared mailbox.
• Archive Mailbox Considerations During Conversion:
  • If the original user mailbox had an online archive, it’s preserved during conversion.
  • To allow members to access this archive via the shared mailbox, the shared mailbox must be assigned an Exchange Online Plan 2 license or an Exchange Online Plan 1 license with an Exchange Online Archiving add-on.
• After conversion or creation, you might need to import PST files to the shared mailbox in Office 365 to populate it with existing data.

Shared Mailbox Licensing: Unlicensed vs. Licensed

• Unlicensed Shared Mailbox:
  • No direct license cost if storage is ≤ 50 GB.
  • Cannot enable or access an Online Archive.
  • No premium features (e.g., Litigation Hold).
• Licensed Shared Mailbox:
  • Required if storage > 50GB, or if an Online Archive or features like Litigation Hold are needed.
  • Assign an appropriate Exchange Online license (e.g., Plan 1 or Plan 2) to the shared mailbox itself.

Making Shared Mailboxes Accessible to Users

Post Creation GAL Visibility and Access Control:

• Shared mailboxes are visible in the Global Address List (GAL) for all tenant members.
• However, only users with explicit permissions can access the contents or send from it.
• Hiding from GAL (Admin Task):
  • In the EAC, select the shared mailbox. Use the Hide from address list option in its properties.

Note: Hiding from GAL just prevents manual search-and-add by users. Auto-mapping for Full Access members should still function.

Outlook Desktop (Classic Version):

• After an admin grants membership, users should restart Outlook.
• Then, the shared mailbox typically auto-appears in the Folder Pane (auto-mapping). If you find the Office 365 shared mailbox not showing in Outlook, you may need to troubleshoot further.

“New” Outlook for Desktop:

• Right-click on your primary account folder (or use the three-dots menu).
  
• Then, click Add shared folder or mailbox.
• Search for and add the shared mailbox (if not hidden from GAL).
  
• It appears under a “Shared with me” folder in the left pane.
  

Outlook on the Web to access a newly created shared mailbox in Office 365

• Right-click on your primary account folder (or use the three-dots menu).
  
• Select Add shared folder or mailbox.
• Then, search for and add the shared mailbox (if not hidden from GAL).
  
• It appears in the left folder pane.

Outlook Mobile (iOS & Android):

• Open the Outlook app. Tap your account icon (top left).
• Tap the “Add Account” icon (envelope with ‘+’).
• Then, select Add a Shared Mailbox.
• Enter the shared mailbox email address. Tap “Continue” or “Add.”
• Finally, the shared mailbox will appear in your list of accounts.

Admin Note for Mobile: Full Access permissions often lead to a better mobile experience.

Keep Shared Mailbox Data Safe with A Professional Solution

An admin’s job does not end when they create a shared mailbox in Office 365. Rather, it begins there. Maintaining the safety of shared mailboxes and making sure that the data in them does not breach the 50 GB capacity is tough. Therefore, to ease that issue, we have the SysTools Office 365 Backup tool, the only solution you need to keep a secure copy of all shared mailboxes offline.

This tool allows admins to take charge of the shared mailbox conversion and safely clean out old data without even purchasing a new license. Any organization that manages the Shared Mailboxes on Office 365 must have this tool with them. Moreover, we also have the steps to use the tool right here:

• Install a copy and pick the Admin mode (as Shared mailboxes are under organization control and don’t have any password component).
• On the setup screen, pick Microsoft 365 as the source and Keep Outlook (PST) as the destination.
• Then, select the email workload, apply a date filter, and continue.
• Validate admin credentials.
• Then, validate the destination local folder.
• Map shared mailboxes by downloading the custom template, editing it, and re-uploading it into the tool.
• Select Prioritize and Validate, and begin backup.

Conclusion

Correctly configured shared mailboxes enhance team communication and efficiency. This guide provides the necessary steps for administrators to create, convert, and manage these valuable Office 365 resources, including critical licensing and access considerations.