Forum Discussion

Tom Glorieux's avatar
Tom Glorieux
Copper Contributor
Nov 23, 2017

Shared mailbox: Use send-as, not send on behalf from Outlook 2016

Hello,

 

We have a lot of shared mailboxes. For every shared mailbox, we create a specific security group that contains the members who should have access to that particular shared mailbox.

 

We give full mailbox permissions and send-as permissions for that particular security group onto the shared mailbox.

 

For example, security group A has full mailbox access and send-as permissions onto shared mailbox A. By adding users to security group A, they have full access to the shared mailbox.

 

We create every new shared mailbox/security group combo using Powershell. That has been working flawlessly for the last years.

 

However, for a recent new shared mailbox/security group combination, when a user that's member of the related security group wants to send an e-mail from the shared mailbox (by changing the from field in Outlook and selecting the shared mailbox from the global address list), Outlook tries to send every time 'send-on behalf'. This only happens for that newly created mailbox.

 

I compared the output of Get-Mailbox and Get-RecipientPermission for the new problem shared mailbox and an older shared mailbox (which enable users to send mail send-as from outlook just fine) but I couldn't find any differences.

 

For your information, that's the error we get back immediately after trying to do a send-as for the new shared mailbox:

 

Your message did not reach some or all of the intended recipients.

 

      Subject:    Test from Outlook

      Sent:  23/11/2017 9:27

 

The following recipient(s) cannot be reached:

 

      name of sending user on 23/11/2017 9:27

            This message could not be sent. Try sending the message again later, or contact your network administrator. You do not have the permission to send the message on behalf of the specified user. Error is [0x80070005-0x0004dc-0x000524].

 

Why does Outlook always tries to do a send on behalf (what we don't want) where else for other shared mailboxes, send-as works fine?

Using send-as from OWA however works just fine for the newest shared mailbox. It only seems a problem related to Outlook (tested on multiple clients that have access to the shared mailbox) and that particular new shared mailbox.

 

Thanks in advance.

    • Tom Glorieux's avatar
      Tom Glorieux
      Copper Contributor

      When choosing the From address using the Global Address List instead of the offline one, I'm now able to send-as. :)

       

      Thanks for the help

      • Ron Schmitt's avatar
        Ron Schmitt
        Copper Contributor

        What's odd is that--- - yes when i choose the From, from the ONLINE Global Address list -- it works.  However on subsequent emails, the autocompleted address does not.   It seems i have to click into the Online GAL on each and every message I send.  

         

        Is there any way to avoid this?

    • Haneef Ibn Ahmad's avatar
      Haneef Ibn Ahmad
      Iron Contributor
      Very insightful article! Thanks.

      Do you have any piece on the differences between: Shared Mailbox, User mailbox that is shared, Office 365 group, and Mail Enabled Security Group.

      Thanks
      • VasilMichev's avatar
        VasilMichev
        MVP

        Difference in terms of the Send As functionality, or in general? For Send As, it doesn't matter that much what kind of object you have, as long as you have the necessary permissions. The difference is mainly in how you want to handle the messages (i.e. gather them centrally in some mailbox), as different objects can have different methods to use on that part.

    • WMauney's avatar
      WMauney
      Copper Contributor
      Your link goes to an article titled 'Postpone the deletion of your SharePoint Online Public website'. any chance you have the correct post somewhere?
  • Daniel_Cardoso's avatar
    Daniel_Cardoso
    Copper Contributor
    Hello,

    I solved it with the following solution, in Exchange in the Shared Mailbox, uncheck the "Hide from address books" option, wait about 5 minutes, close and open Outlook to reload the address list or force it to update in the Outlook menu, after that in send how to select From to choose the email directly from the address list (It may sometimes take a while for it to appear, but be calm, remember to remove what you had already saved from the list), after that try again, in my case it worked in time and before I was having the same problem.
  • OnezoTom's avatar
    OnezoTom
    Copper Contributor

    Tom Glorieux I was trying to get this work using various fixes on forums for a good few hours before I managed to get it to work. 

    As many people have already stated in online forums, when you remove the address from the "From" list in outlook and then reselect it from the "Global Address List" it works fine for one email, but subsequent emails fail to send. 

    For some reason, the Outlook desktop client must use the "offline global address list" by default even after you change it. 

    The fix for us was fairly simple in the end:

    1. Go to "Send/Receive" tab and select "Send/Receive Groups" 

    2. Click "Download Address Book" 

    3. Ensure the choose address book field says "\Offline Global Address List" and click OK. 

     

    Once the download has finished, the emails sent as the correct mailbox every single time. I have no real clue as to why this would be the case, but I'm guessing it updates the permission list on the mailboxes for the outlook client? 

     

    But it worked!