Shared Mailboxes in Microsoft 365: The Ultimate Positive Guide for Easy Setup & Best Practices

by

Understanding Shared Mailboxes in Microsoft 365 is a crucial skill for every Exchange Online administrator. If you’re learning Exchange Online through this blog series, then today you’re mastering one of the most commonly used and heavily misunderstood mailbox types.

Shared-Mailboxes
Shared Mailboxes

In this detailed guide, I’ll walk you through how Shared Mailboxes work, how to set them up properly, how permissions really behave behind the scenes, and the best practices every admin should follow to avoid data loss, audit failures, and permission chaos.

This is the same structured approach I use when training new IT administrators, messaging engineers, and Microsoft 365 consultants.

1. Introduction to Shared Mailboxes

Let’s begin with the basics. A Shared Mailbox is a mailbox in Exchange Online that multiple users can access same time. Unlike a user mailbox, Shared Mailboxes do not have login credentials unless you explicitly assign them a license.

Shared Mailboxes are ideal for departments that need centralized communication access such as:

  • Support teams
  • HR departments
  • Finance teams
  • Sales groups
  • Operations or logistics teams

In real‑world Microsoft 365 deployments, Shared Mailboxes reduce licensing costs while improving collaboration—making them one of the most efficient mailbox types in your Exchange Online toolbox.

2. Why Organizations Use Shared Mailboxes

Most companies use Shared Mailboxes because they:

Centralize communication

Everyone sees incoming emails, outgoing replies, and historical threads.

Reduce licensing costs

Shared Mailboxes under 50GB don’t require a license.

Improve continuity

When employees leave, communication stays within the team.

Support team workflows

Teams like support@ or hr@ need group visibility.

Improve accountability

With auditing enabled, you always know who sent what.

Understanding these advantages will help you design scalable and secure communication workflows.

3. How Shared Mailboxes Work Technically

Behind the scenes, a Shared Mailbox is simply a mailbox object in Azure AD and Exchange Online with a specific mailbox type classification.

Key technical behaviors:

  • Does not require login (unless licensed)
  • Supports Send As and Send on Behalf
  • Supports full access for delegated users
  • Accessible on mobile
  • Does not count toward user mailbox quotas
  • Auto‑appear into Outlook if automapping is enabled

Shared Mailboxes behave 90% like user mailboxes—just without their own credentials.

4. Licensing Requirements

A Shared Mailbox does NOT require a license if:

  • Its capacity is below 50GB
  • It is not accessed via direct login

A Shared Mailbox requires a license if:

  • Mailbox size must exceed 50GB
  • You need to enable litigation hold
  • You must enable eDiscovery retention
  • You want users to sign in directly
  • You want to use mobile applications

Most organizations keep Shared Mailboxes unlicensed unless a compliance requirement demands otherwise.

5. Creating a Shared Mailbox

You can create a Shared Mailbox through:

Microsoft 365 Admin Center

  1. Go to Teams & GroupsShared mailboxes
  2. Select Add a shared mailbox
  3. Enter mailbox name + email
  4. Click Create
  5. Add members under “Members”

Exchange Admin Center

  1. Go to RecipientsShared
  2. Add shared mailbox
  3. Assign users as members

PowerShell (Recommended for admins)

New-Mailbox -Shared -Name "Support" -DisplayName "Support Team" -PrimarySmtpAddress support@domain.com

PowerShell gives you more control and is ideal for bulk provisioning.

6. Assigning Permissions

There are three critical permissions for Shared Mailboxes:

1. Full Access

Allows users to read and manage mailbox items. Full access users can not send email until you give them send as permission or send of behalf permission.

Add-MailboxPermission -Identity Support -User user@domain.com -AccessRights FullAccess

2. Send As

Allows users to send email from the Shared Mailbox.

Add-RecipientPermission -Identity Support -Trustee user@domain.com -AccessRights SendAs

3. Send on Behalf

When anyone has send on behalf access of shared mailbox and if user send email from shared mailbox using send of behalf then it will Displays “user@domain.com on behalf of Support”.

Set-Mailbox -Identity Support -GrantSendOnBehalfTo user@domain.com

Understanding these differences is essential for correct configuration.

7. Automapping Explained

Automapping automatically adds the Shared Mailbox to the user’s Outlook profile when you grant Full Access permissions. it is enabled by default and Outlook automatically loads the mailbox.

Cannot be disabled in Admin Center

To disable automapping, use PowerShell:

Add-MailboxPermission -Identity Support -User user@domain.com -AccessRights FullAccess -AutoMapping:$false

Automapping is helpful for most users, but disabling it improves performance for large mailboxes.

8. Converting User Mailboxes ↔ Shared Mailboxes

Convert User → Shared

Used when an employee leaves and the organization retains the mailbox or that mailbox is going to use by multiple Team members and Team leader want to monitor that mailbox.

Set-Mailbox user@domain.com -Type Shared

Convert Shared mailnbox → User mailbox

Needed when the mailbox must have login credentials:

Set-Mailbox support@domain.com -Type Regular

if you Convert shared mailbox to user mailbox or vise versa then it does not delete any data.

9. Using Shared Mailboxes in Outlook & Mobile

Outlook Desktop

Loads automatically if automapping is enabled or users can manually add if needed.

Outlook Web (OWA)

Supports Shared Mailboxes natively.

Mobile Apps

you can access shared Mailboxes in mobile as well but there should be an user mailbox already configured then only it can be access otherwise it cannot be accessed on mobile unless you assign a license and convert them to user mailboxes.

Many admins overlook this!

10. Configuring “Send As” vs “Send on Behalf”

Send As

  • if you send email using send as the email looks like that it was shared from Mailbox directly.
  • Used for professionalism (e.g., support@domain.com).

Send on Behalf

  • Shows the sending user. It will clearly show that message was send on behalf and if you reply on that message then it will go to sender inbox that on shared mailbox inbox.
  • Useful for transparency (e.g., executive assistants).

Always choose based on business need.

11. Mail Flow Settings

Shared Mailboxes support mail flow rules such as:

  • Forwarding
  • Inbox routing
  • Message moderation
  • Automatic replies
  • External disclaimers

You can configure forwarding using below powershell command or you can enable directly from exchange admin center.

From Exchange admin center:

Exchange admin center --> Recipients --> Mailboxes --> select mailbox and click email forwarding --> Enable Forward all emails sent to this mailbox --> enter email ID on which you want to forward email
Set-Mailbox Support -ForwardingAddress manager@domain.com -DeliverToMailboxAndForward $true

Moderation is useful when emails require approval before delivery.

12. Security & Compliance Considerations

Because Shared Mailboxes are accessed by many users, security becomes essential.

Enable mailbox auditing

Enabled by default in modern tenants.

Use least-privilege access

Only assign permissions to those who truly need them.

Use groups for permission assignments

Avoid adding users individually.

Avoid converting high-risk mailboxes into Shared Mailboxes

For example: executive mailboxes.

Be careful with forwarding

Can create accidental data leaks.

Shared Mailboxes often become compliance blind spots—don’t let that happen.

13. Common Mistakes to Avoid

Here are errors frequently made by junior admins:

Giving licenses unnecessarily

Shared Mailboxes under 50GB are free.

Allowing users to directly log in

This defeats the purpose of being “shared”.

Adding permissions directly instead of using security groups

Security becomes chaotic.

Not removing permissions when employees leave

Former employees continue seeing team communication.

Misunderstanding Send As vs Full Access

Full Access does not include Send As.

Avoiding these mistakes will improve your administrative hygiene significantly.

14. Best Practices

Here are expert-level best practices every Exchange Online admin should follow:

Use security groups to assign permissions

Makes permission management scalable.

Audit Shared Mailboxes annually

Identify unnecessary access.

Enable mailbox auditing

Track all actions.

Document ownership & permitted users

Every Shared Mailbox must have an accountable owner.

Avoid using Shared Mailboxes for personal communication

Promotes transparency.

Implement retention policies

Prevents accidental data deletion.

Regularly monitor mailbox size

Avoid unlicensed mailboxes growing beyond 50GB.

Use PowerShell for bulk operations

More accurate and efficient.

Shared Mailboxes are powerful—but only when properly governed.

15. Final Thoughts

Shared Mailboxes in Microsoft 365 are among the most useful tools for organizational communication. But many admins treat them casually, which leads to compliance risks, permission mismanagement, and operational confusion.

By mastering the concepts you learned today—setup, permissions, automation, licensing, and best practices—you’re elevating your Exchange Online skills to a professional level.

This guide is part of my ongoing series where I teach Microsoft 365 and Exchange Online with practical, real‑world insights. Stay tuned: more advanced tutorials are coming soon!

Vishal Prajapati is a Microsoft 365 administrator and technology enthusiast with hands-on experience managing and supporting modern cloud-based environments. He works extensively with Microsoft 365 services and focuses on helping administrators understand complex concepts through clear, practical, and real-world guidance.

Leave a Comment