SOLVED

Shared Mailbox Access

%3CLINGO-SUB%20id%3D%22lingo-sub-1298143%22%20slang%3D%22en-US%22%3EShared%20Mailbox%20Access%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1298143%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3CBR%20%2F%3E%3CBR%20%2F%3EI%20have%20remove%20the%20license%20of%20a%20mailbox%2C%20and%20convert%20the%20mailbox%20to%20Shared%20Mailbox.%20However%20the%20Shared%20Mailbox%20can%20still%20be%20accessible%20by%20signing-in%20from%20OWA.%20Is%20that%20the%20normal%20behavior%3F%3CBR%20%2F%3E%3CBR%20%2F%3EOnce%20is%20converted%20to%20Shared%20Mailbox%2C%20should%20the%20login%20access%20be%20remove%3F%3CBR%20%2F%3E%3CBR%20%2F%3EThanks.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1298143%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EExchange%20Online%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1298411%22%20slang%3D%22en-US%22%3ERe%3A%20Shared%20Mailbox%20Access%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1298411%22%20slang%3D%22en-US%22%3E%3CP%3EYes%2C%20that's%20the%20expected%20behavior.%20If%20you%20don't%20want%20people%20to%20access%20the%20mailbox%20anymore%2C%20remove%20the%20permissions.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1298826%22%20slang%3D%22en-US%22%3ERe%3A%20Shared%20Mailbox%20Access%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1298826%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Vasil%2C%3CBR%20%2F%3E%3CBR%20%2F%3EIs%20not%20the%20assigned%20member%20who%20is%20accessing%20the%20Shared%20Mailbox.%20But%20the%20original%20account%20password%20can%20still%20be%20used%20to%20login.%3CBR%20%2F%3E%3CBR%20%2F%3EScenario%20is%20if%20I%20have%20an%20employee%20who%20left%20the%20company%2C%20and%20I%20have%20converted%20his%20account%20to%20a%20Shared%20Mailbox.%20But%20he%20is%20still%20able%20to%20access%20his%20mailbox%20through%20Outlook.com%2C%20by%20signing-in%20using%20his%20existing%20password.%3CBR%20%2F%3E%3CBR%20%2F%3EMy%20understanding%20was%20once%20converted%20to%20a%20Shared%20Mailbox%2C%20the%20Shared%20Mailbox%20will%20not%20be%20an%20active%20account%20and%20cannot%20be%20login%20anymore%2C%20or%20setup%20for%20SMTP.%3CBR%20%2F%3E%3CBR%20%2F%3ECorrect%20me%20if%20I'm%20wrong.%3CBR%20%2F%3E%3CBR%20%2F%3EThanks.%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1299968%22%20slang%3D%22en-US%22%3ERe%3A%20Shared%20Mailbox%20Access%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1299968%22%20slang%3D%22en-US%22%3E%3CP%3ERight%2C%20that's%20also%20an%20%22expected%22%20behavior%2C%20as%20Microsoft%20doesn't%20enforce%20licensing%20requirements%20in%20code.%20Being%20able%20to%20login%20directly%20to%20a%20shared%20mailbox%20is%20something%20that%20has%20worked%20for%20ages%2C%20it's%20simply%20not%20often%20discussed%20publicly%20as%20it's%20against%20the%20license%20agreement.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1300053%22%20slang%3D%22en-US%22%3ERe%3A%20Shared%20Mailbox%20Access%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1300053%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F58%22%20target%3D%22_blank%22%3E%40Vasil%20Michev%3C%2FA%3E%26nbsp%3B%3CBR%20%2F%3E%3CBR%20%2F%3ESo%20it%20is%20still%20advisable%20to%20reset%20the%20password%20once%20the%20employee%20left%20the%20company%2C%20while%20maintaining%20their%20account%20as%20Shared%20Mailbox.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1301126%22%20slang%3D%22en-US%22%3ERe%3A%20Shared%20Mailbox%20Access%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1301126%22%20slang%3D%22en-US%22%3E%3CP%3EWell%2C%20given%20that%20O365%20is%20a%20cloud%20service%2C%20available%20anywhere%20from%20any%20location%2C%20not%20changing%20the%20password%20for%20a%20departed%20user%20is%20just%20asking%20for%20trouble.%20Anyway%2C%20Microsoft's%20guidance%20on%20the%20whole%20%22departed%22%20user%20is%20still%20a%20bit%20unclear%2C%20they've%20positioned%20%22inactive%20mailboxes%22%20for%20this%20scenario%2C%20but%20then%20did%20the%20whole%20%22convert%20to%20shared%20mailbox%22%20thingy%20as%20part%20of%20the%20%22remove%20user%22%20wizard.%20Here's%20an%20article%20from%20a%20while%20back%20where%20I%20compare%20the%20two%20methods%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fpractical365.com%2Fexchange-online%2Fshared-mailboxes-vs-inactive-mailboxes-departed-users%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fpractical365.com%2Fexchange-online%2Fshared-mailboxes-vs-inactive-mailboxes-departed-users%2F%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1301151%22%20slang%3D%22en-US%22%3ERe%3A%20Shared%20Mailbox%20Access%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1301151%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F58%22%20target%3D%22_blank%22%3E%40Vasil%20Michev%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20for%20the%20link.%20Appreciate.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Contributor

Hi,

I have remove the license of a mailbox, and convert the mailbox to Shared Mailbox. However the Shared Mailbox can still be accessible by signing-in from OWA. Is that the normal behavior?

Once is converted to Shared Mailbox, should the login access be remove?

Thanks.

 

6 Replies

Yes, that's the expected behavior. If you don't want people to access the mailbox anymore, remove the permissions. 

Hi Vasil,

Is not the assigned member who is accessing the Shared Mailbox. But the original account password can still be used to login.

Scenario is if I have an employee who left the company, and I have converted his account to a Shared Mailbox. But he is still able to access his mailbox through Outlook.com, by signing-in using his existing password.

My understanding was once converted to a Shared Mailbox, the Shared Mailbox will not be an active account and cannot be login anymore, or setup for SMTP.

Correct me if I'm wrong.

Thanks.

 

 

Right, that's also an "expected" behavior, as Microsoft doesn't enforce licensing requirements in code. Being able to login directly to a shared mailbox is something that has worked for ages, it's simply not often discussed publicly as it's against the license agreement.

@Vasil Michev 

So it is still advisable to reset the password once the employee left the company, while maintaining their account as Shared Mailbox.

best response confirmed by cllee (Contributor)
Solution

Well, given that O365 is a cloud service, available anywhere from any location, not changing the password for a departed user is just asking for trouble. Anyway, Microsoft's guidance on the whole "departed" user is still a bit unclear, they've positioned "inactive mailboxes" for this scenario, but then did the whole "convert to shared mailbox" thingy as part of the "remove user" wizard. Here's an article from a while back where I compare the two methods: https://practical365.com/exchange-online/shared-mailboxes-vs-inactive-mailboxes-departed-users/

@Vasil Michev 

 

Thanks for the link. Appreciate.