SOLVED

Shared mailbox: Use send-as, not send on behalf from Outlook 2016

Copper Contributor

Hello,

 

We have a lot of shared mailboxes. For every shared mailbox, we create a specific security group that contains the members who should have access to that particular shared mailbox.

 

We give full mailbox permissions and send-as permissions for that particular security group onto the shared mailbox.

 

For example, security group A has full mailbox access and send-as permissions onto shared mailbox A. By adding users to security group A, they have full access to the shared mailbox.

 

We create every new shared mailbox/security group combo using Powershell. That has been working flawlessly for the last years.

 

However, for a recent new shared mailbox/security group combination, when a user that's member of the related security group wants to send an e-mail from the shared mailbox (by changing the from field in Outlook and selecting the shared mailbox from the global address list), Outlook tries to send every time 'send-on behalf'. This only happens for that newly created mailbox.

 

I compared the output of Get-Mailbox and Get-RecipientPermission for the new problem shared mailbox and an older shared mailbox (which enable users to send mail send-as from outlook just fine) but I couldn't find any differences.

 

For your information, that's the error we get back immediately after trying to do a send-as for the new shared mailbox:

 

Your message did not reach some or all of the intended recipients.

 

      Subject:    Test from Outlook

      Sent:  23/11/2017 9:27

 

The following recipient(s) cannot be reached:

 

      name of sending user on 23/11/2017 9:27

            This message could not be sent. Try sending the message again later, or contact your network administrator. You do not have the permission to send the message on behalf of the specified user. Error is [0x80070005-0x0004dc-0x000524].

 

Why does Outlook always tries to do a send on behalf (what we don't want) where else for other shared mailboxes, send-as works fine?

Using send-as from OWA however works just fine for the newest shared mailbox. It only seems a problem related to Outlook (tested on multiple clients that have access to the shared mailbox) and that particular new shared mailbox.

 

Thanks in advance.

9 Replies
best response confirmed by Tom Glorieux (Copper Contributor)
Solution

The behavior depends on how you've added the shared mailbox in Outlook (automapped vs additional account), and of course by the method you use to compose the message. Check my ramblings on the topic here: https://www.michev.info/Blog/Post/1430/

When choosing the From address using the Global Address List instead of the offline one, I'm now able to send-as. :)

 

Thanks for the help

Very insightful article! Thanks.

Do you have any piece on the differences between: Shared Mailbox, User mailbox that is shared, Office 365 group, and Mail Enabled Security Group.

Thanks

Difference in terms of the Send As functionality, or in general? For Send As, it doesn't matter that much what kind of object you have, as long as you have the necessary permissions. The difference is mainly in how you want to handle the messages (i.e. gather them centrally in some mailbox), as different objects can have different methods to use on that part.

Thanks for that.

I was looking for a comprehensive comparison of the different types of mailboxes and its available features, pros, cons and restrictions.

What's odd is that--- - yes when i choose the From, from the ONLINE Global Address list -- it works.  However on subsequent emails, the autocompleted address does not.   It seems i have to click into the Online GAL on each and every message I send.  

 

Is there any way to avoid this?

When setting new send-as permissions, a new OAB must be build and downloaded by the clients. If you need to use send-as ad-hoc, you need to switch to Outlook Online Mode. Alternatively, you can use Outlook on the Web.

-Thomas

Hello,

I solved it with the following solution, in Exchange in the Shared Mailbox, uncheck the "Hide from address books" option, wait about 5 minutes, close and open Outlook to reload the address list or force it to update in the Outlook menu, after that in send how to select From to choose the email directly from the address list (It may sometimes take a while for it to appear, but be calm, remember to remove what you had already saved from the list), after that try again, in my case it worked in time and before I was having the same problem.

@Tom Glorieux I was trying to get this work using various fixes on forums for a good few hours before I managed to get it to work. 

As many people have already stated in online forums, when you remove the address from the "From" list in outlook and then reselect it from the "Global Address List" it works fine for one email, but subsequent emails fail to send. 

For some reason, the Outlook desktop client must use the "offline global address list" by default even after you change it. 

The fix for us was fairly simple in the end:

1. Go to "Send/Receive" tab and select "Send/Receive Groups" 

2. Click "Download Address Book" 

3. Ensure the choose address book field says "\Offline Global Address List" and click OK. 

 

Once the download has finished, the emails sent as the correct mailbox every single time. I have no real clue as to why this would be the case, but I'm guessing it updates the permission list on the mailboxes for the outlook client? 

 

But it worked!

 

1 best response

Accepted Solutions
best response confirmed by Tom Glorieux (Copper Contributor)
Solution

The behavior depends on how you've added the shared mailbox in Outlook (automapped vs additional account), and of course by the method you use to compose the message. Check my ramblings on the topic here: https://www.michev.info/Blog/Post/1430/

View solution in original post