Remote Shared Mailbox (ExO)

For this tip of the week we’ll talk about something specific in Exchange Hybrid and PowerShell. Specifically it has to do with the creation of Remote Mailboxes in you Exchange Online tenant. From your Exchange on-premises server there is a cmdlet called New-RemoteMailbox. While this cmdlet is great for creating mailboxes in Exchange Online as well as their connected AD object for you in one fell swoop, there was a limit to its functionality. Simply put, you could not add a remote mailbox directly with the cmdlet.

We can now create a Shared Mailbox like so:

[sourcecode language=”powershell”]
New-RemoteMailbox -Name "Accounts Payable" -Shared -UserPrincipalName AccountsPayable@domain.com -OnPremisesOrganizationalUnit "domain.com/Shared"
[/sourcecode]
Notice the one-liner is similar to how you were able to create a remote resource mailbox in Exchange Online. Those mailboxes could be created with the -Equipment or -Room switch as needed.

Prior to these changes in order to create a Shared Remote Mailbox prior to these changes you would have to do the following in PowerShell:

(1) From your Exchange on-premises server, run something similar to this:
[sourcecode language=”powershell”]
New-RemoteMailbox ……
[/sourcecode]
(2) Then you would start a delta sync from your Azure AD Connect server:
[sourcecode language=”powershell”]
Start-ADSyncSyncCycle Delta
[/sourcecode]
(3) Finally, once that mailbox was in your Exchange Online tenant, you would be able to convert the mailbox into a shared mailbox. However, you would need to connect to Exchange Online PowerShell which could be complicated by an MFA login. [** Note ** If you haven’t turned on MFA for those who have access to Exchange Online PowerShell, you should. It is a best practice as per Microsoft.]

Non-MFA Method
[sourcecode language=”powershell”]
$LiveCred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection
Import-PSSession $Session
[/sourcecode]
MFA Method
[sourcecode language=”powershell”]
$LiveCred = Get-Credential
Connect-EXOPSSession -Credential $LiveCred
[/sourcecode]
Once connected, you were then able to convert the mailbox, with PowerShell, to a shared mailbox with a one-liner like this:
[sourcecode language=”powershell”]
Get-Mailbox NewShared | Set-Mailbox -Type Shared
[/sourcecode]
Notes from Microsoft

https://github.com/MicrosoftDocs/office-docs-powershell/blob/master/exchange/exchange-ps/exchange/federation-and-hybrid/New-RemoteMailbox.md

“-Shared
Note: This switch is available only in Exchange 2013 CU21 or later and Exchange 2016 CU10 or later. To use this switch, you also need to run setup.exe /PrepareAD. For more information, see KB4133605.
The Shared switch specifies that the mailbox in the service should be created as a shared mailbox. You don’t need to specify a value with this switch.
You can’t use this switch with the Room or Equipment switches.”

** Caveats to the new parameter – you will need to run this prior to seeing the parameter available in PowerShell:
[sourcecode language=”powershell”]
setup /preparead /IAcceptExchangeServerLicenseTerms
[/sourcecode]
Make sure to also read the just posted article about Shared Mailbox sizing and provisioning at the EHLO blog – https://techcommunity.microsoft.com/t5/exchange-team-blog/correcting-shared-mailbox-provisioning-and-sizing/ba-p/607991

Related Post