PROBLEM
Often when a User has their employment terminated with a Client, the Client wants to keep the User’s Office 365 mailbox intact and accessible for historical reasons.
The best way to achieve this is to convert the User’s mailbox into a 365 Shared Mailbox
If a User wants to access a Shared Mailbox, the User may decide to add the Shared Mailbox to their Outlook profile. This is ok for maybe 1 or 2 Shared Mailboxes but anymore than this and Outlook will start to slow down. Shared Mailboxes can slow down Outlook to the point that it becomes frustrating for Users.
SOLUTION
In summary, and at the request of the Client, the best practise method of handling these situations, is to convert the User’s mailbox into a 365 Shared Mailbox and then access all of the 365 Shared Mailboxes from a single Web-Based 365 user account, dedicated to the task of accessing all of the old mailbox information. The 3 Steps to set this up are as follows:
STEP 1 – SETUP THE DEDICATED WEB-BASED 365 MAILBOX
- In Azure/AD Portal or 365 Exchange Portal – Create a new “Cloud” User called “MailboxArchive@{domain_name}”
- Add a low cost Exchange Online (Plan 1) license to this new User
- Convert User’s mailboxes into Shared Mailboxes and then add these Share Mailboxes to the MailboxArchive User mailbox as additional Email Folders
|
STEP 2 – CREATE THE SHARED MAILBOX – (NOTE: these shared mailboxes do not incur monthly license costs)
- For each User’s mailbox that needs to be archived, convert the mailbox into a Shared Mailbox inside the 365 Exchange Management Portal
- Change the “Display name” for the User by adding the words “historical_” to the start of their name
- Removed the Office 365 license from the User’s account
- Delete the Users account in Azure Active Directory – if the User Account is a Cloud Azure AD only account then remove the User account using the Azure AD portal – otherwise, if the User is synced from the on premise Active Directory, then remove the User from the Active Directory Organizational Groups that are set to sync to Azure AD and once the “On-premise sync enabled” status in Azure AD portal has changed to “No”, then delete the User from Azure AD
- Remove the Shared Mailbox from the GAL in Exchange
- Add “FULL” “Delegation” permissions to the new “MailboxArchive” User account
- Optional: Configure a “Forwarding Rule” – to forward all new inbound emails to the Shared Mailbox, to be forwarded to a nominated mailbox
|
STEP 3 – ADD THE SHARED MAILBOXES TO THE “MailboxArchive” USER’S MAILBOX
- Login to Office 365 online in a browser, as the “MailboxArchive@{domain_name}” User and add all of the historical Shared Mailboxes to the “FOLDERS” section in Outlook
- Permitted Users can now login to the 365 Mailbox for the “MailboxArchive” user to read historical mailbox contents
|
| Sample of mailboxes that have been converted into Shared Mailboxes |
 |
| Other Information |
- If you disable an AD User but leave them in the OU that Azure AD syncs from, then the User remains in Azure AD as an active User, despite the User being disabled in AD
- To remove a User from Azure AD that was synced from AD, you must move the User in AD to an OU that is not designated as an OU for syncing purposes
- A Shared Mailbox still requires an Azure AD User account to exist, (usually in the same name), for the Shared Mailbox to be anchored to
|
Revision:
50
Last modified:
Aug 27, 2023
Post your comment on this topic.