Forum Discussion

MikeGrove's avatar
MikeGrove
Copper Contributor
Feb 16, 2023

Azure B2B account accessing Exchange365 Shared Mailbox

Hello,

 

We are trying to grant access to an account that has been created via B2B Invite. This account can collaborate without issue in SharePoint and Teams. We have the ability to add this account to the Shred Mailbox under "Send as" and "Read and Manage". However when trying to connect to the mailbox the following error occurs:

 

I am looking for some direction as to how to address this error, if we are missing a configuration step,  or if it is currently possible to share a mailbox with a Azure B2B Member.

 

Thanks 

 

  • Mark_Albin's avatar
    Mark_Albin
    Brass Contributor

    MikeGrove 

     

    Hello,

     

    Here are a few things I would check to troubleshoot this issue:


    1.  Verify that the user account has the necessary permissions to access the shared mailbox. You mentioned that the account has been added to the mailbox under "Send as" and "Read and Manage", but it's worth double-checking that the permissions were applied correctly. You can do this by reviewing the mailbox permissions in Exchange Online, or by running the following PowerShell command:

     

    Get-MailboxPermission -Identity <shared mailbox>

     

     

    2.  Make sure the user account is using the correct credentials to access the shared mailbox. If the user is accessing the mailbox through Outlook or another email client, they may need to manually enter the shared mailbox credentials instead of their own.


    3.  Check if there are any mailbox access policies or security restrictions that might be blocking the user from accessing the shared mailbox. You can review the mailbox access policies and security settings in Exchange Online, or by running the following PowerShell command:

     

    Get-Mailbox <shared mailbox> | fl *policy*,*restriction*

     

     

    4.  If the issue persists, try removing the user's permissions from the shared mailbox and then re-granting them. Sometimes this can resolve permission-related issues.

    I hope this helps...

     
     
     
    • MikeGrove's avatar
      MikeGrove
      Copper Contributor

      Mark_Albin 

      Thanks for the reply.
      1. The user in question is marked as having {FullAccess} to the mailbox, the same as other internal users who access the mailbox
      2. Giving the end client direct access (password) to the mailbox completely eliminates B2B from the mix as you are now logging directly into the specified domain. I have checked and they are using the correct B2B creds as they are accessing other B2B components without issue.
      3. All Policies are either set to "Default" or not set. Doing a quick flyover of these policies I did not see anything that would result in blocked access. Let me know if there is something specific here I should be looking at.
      4. I have tried removing / re-adding with no success.

       

      Kidd_Ip I have confirmed that OWA is enabled on both tenants and the shared mailbox is accessible via OWA

       

      Thanks for your help. Let me know if there is any other suggestions. 

    • MikeGrove's avatar
      MikeGrove
      Copper Contributor

      I was hoping that this did not apply to a "Federated" B2B configuration between two Azure Tenants. This is being done as part of a merger of business units, and was hoping we could integrate without the need to duplicate accounts across the tenants.

       

      If there is any other suggestions please feel free to post them.

      • beaumcmahon's avatar
        beaumcmahon
        Copper Contributor

        MikeGrove I'm pretty sure you can do this, BUT you have to purchase at least a EOP1 license(s) and apply it to the user(s), in the tenant that has the shared mailbox. Or if there's another (cheaper) license that's available to you that provides exchange access, you could use that.

Resources