Skip to main content
Version: Insiders

Shared Mailboxes

This article guides you through the EasyLife 365 Mail learning path. The goal of the EasyLife 365 Mail learning path is to increase your understanding of how to work with the EasyLife 365 Admin and demonstrate how EasyLife templates and policies work. This learning path takes you through all of EasyLife's policy stages and actions. The learning path requires four days to complete a full cycle, as the EasyLife engine scans run once per day. The individual time required is less than one hour per day.

We want a learning shared mailbox to have at least two owners. The shared mailbox's usage has to be confirmed by the owners after one day. We will also configure an access review policy that requires the owners to review members of the shared mailbox after one day.

Prerequisites

To complete this exercise, there are a few things we will need to have.

  • Complete the onboarding.
  • You will require a Notifications Email Address to which the policies will be configured to send notifications.
  • You need to create a shared mailbox using the Exchange Online Admin portal.
  • Login to the EasyLife 365 Admin to create policies and templates.
  • Login to the EasyLife 365 Mail App to use these policies and templates to create resources.
  • Observe, over a number of days, the EasyLife 365 Mail Engine applying the policies to shared mailboxes we created.

Create policies and templates

info

This part of the exercise is completed in the EasyLife 365 Admin. Sign in to the EasyLife 365 Admin to begin.

Create a policy

As a first step, create a new policy to support our learning scenario.

  • In the EasyLife 365 Admin, go to Policies on the main menu and select Shared Mailbox.
  • Click Create to create a new policy.

Card

We will begin by configuring the basic details for the policy we want to create.

info

You will notice that some sections are invalid, as indicated by a warning icon ⚠. The Save Changes button will remain inactive until all validation issues are resolved. In this case, the validation is highlighting required values that we have not yet supplied. We will proceed to complete the missing information.

  • In the Card section, set the Title to Learning Policy.
  • Enter a Description in the Description field.
  • As you fill out the details, data validation automatically checks if all required entries are completed. The warning icon on the Card section will no longer be displayed.
  • Set the policy to be active by checking the Active box and leave the Default box unchecked.

Owners

We will now configure the minimum owner policy. This policy makes sure a shared mailbox has (at least) a specified number of owners.

  • In the navigation section on the left side, select Owners.
  • Select all of the options on the Auto-heal tab. The Auto-heal feature will be responsible for handling the ownerless policy.
  • On the Escalations tab, enter the Notifications Email Address that will get alerted if a shared mailbox is left without owners.
  • Turn on the minimum owner's policy by enabling the Enable policy toggle.
  • The Trigger for Minimum Owners is by default set to 2.
note

The Trigger for Minimum Owners can be edited on Distribution Lists. This value cannot be edited for Shared Mailboxes, Room Mailboxes, and Equipment Mailboxes.

  • Click Reminders.
  • Set Number of reminders to 2 and Interval between reminders (days) to 1.
  • Click Actions.
  • Enter the Notifications Email Address that will get alerted if owners don't react to notification emails.

Confirmation

We will now configure the confirmation policy. This policy will ask the owners of a resource to confirm that the resource is still in use after a given number of days.

  • In the navigation section on the left side, select Confirmation.
  • Turn on the confirmation policy by enabling the Enable policy toggle.
  • Set the Trigger for Interval (days) to 1.
  • Click Reminders.
  • Set Number of reminders to 2 and Interval between reminders (days) to 1.
  • Click Actions.
  • Choose the radio button Delete.
warning

This will cause the EasyLife 365 Mail Engine to delete this mailbox if no confirmation of continuing use is received from any of the Owners of this shared mailbox.

Access Review

We will now configure the access review policy. This policy asks owners to review members and owners of the shared mailbox after a given number of days.

  • In the navigation section on the left side, select Access Review.
  • Turn on the access review policy by enabling the Enable policy toggle.
  • Set the Trigger for Interval (days) to 1.
  • Click Reminders.
  • Set Number of reminders to 2 and Interval between reminders (days) to 1.
  • Click Actions.
  • Choose the radio button None.
tip

When configuring the above policies, under Triggers, we set the trigger interval to 1. This will allow the EasyLife 365 Mail Engine to scan this shared mailbox daily, which is suitable for testing purposes. However, in practice, you may want to allow longer intervals.

Template Policy

For this Learning Guide we will not look at the template policy. To learn how the template policy works You can visit the following Learning Guide: template policy

Create a template

After creating the policies, we continue and create a new template for our learning shared mailbox.

  • In the EasyLife 365 Admin, go to Templates on the main menu.
  • Select Shared Mailboxes.
  • Click Create to create a new template.

Card

  • In the Card section, set the Title to Learning Template.
  • Enter a Description in the Description field.
  • As you fill out the details, data validation automatically checks if all required entries are completed. The warning icon on the Card section will no longer be displayed.
  • Choose a nice color for the card.
  • Set the template to active by checking the Active box.
  • Leave the text box below Audience empty.

Policies

  • Navigate to the Policies section on the left side.
  • Select the Learning Policy in the drop-down.
  • A summary of the policy configuration will be displayed for your awareness.
  • Click Save changes to create the template.

Execute the learning guide

info

This part of the exercise is completed in the EasyLife 365 Mail App. Sign in to the EasyLife 365 Mail App to begin.

Now you can start with the following steps of the learning path.

Day One

On Day One, we create a new shared mailbox and remove an owner to make it non-compliant with our policies. This will allow us to see how the EasyLife 365 Mail Engine will notify us of this non-compliance and allow us to rectify this.

Create a shared mailbox from EasyLife 365 Mail App

  • In the EasyLife 365 Mail App, go to Create on the main menu.
  • Scroll to the Shared Mailboxes section.
  • Click the Learning Template we created in the previous exercise.
  • This will launch the shared mailbox creation wizard.
  • Complete the required information. Use values that you will remember as we will need to refer back to this shared mailbox.
  • Click Next to navigate to the Members and Owners step.
  • You have to add a second owner because the policy requires a minimum of two owners.
  • On the Members and Owners step, select one additional user.
info

You are already added as an owner. So you only need to select one additional owner. You will not be able to add a user more than once.

  • Change the role of the selected user to "Owner" in the dropdown.
  • Click Let's do it to queue the shared mailbox for creation.

The shared mailbox is created and should now appear under the Shared Mailboxes section. Please note that this may take a few minutes to complete the provisioning.

Remove an owner from the shared mailbox

  • In the EasyLife 365 Mail App go to Shared Mailboxes on the main menu.
  • Wait until the Shared Mailbox appears on this page. You may refresh the page a few times and use the name filter to aid you.
  • Click the shared mailbox you created.
  • Navigate to the Team section on the left.
  • Select the Access tab and wait for the data to update.
  • Click on Edit.
  • Remove the second owner using the corresponding delete button in the permissions table.
  • Click Save to apply the changes.

At this stage, the shared mailbox is no longer compliant with the policies that we set up.

Shared mailbox using Auto-Heal policy

Auto-Heal is a valuable feature available for shared mailboxes, room mailboxes, and equipment mailboxes. This functionality activates when no owners have been designated for a resource, automatically assigning an owner based on the auto-heal configuration. To be able to test this test feature on would need to create a shared mailbox in Exchange Online through the Exchange Admin Center (EAC). Below is a simplified instruction for creating the mailbox using the EAC, along with how to add users with Send As and access permissions.

Creating a Shared Mailbox in the Exchange Admin Center
  • Log into the Exchange Admin Center if not already logged in.
  • Resources In the left navigation, click on Resources.
  • Add an equipment mail Click on Mailboxes tab, then + Add a shared mailbox.
  • Fill in the Details and enter the necessary details (name, email address, etc.). Use values that you will remember as we will need to refer back to this shared mailbox.
  • Click Save to finish setting up the shared mailbox.
Adding Users with Send As Permissions:
  • Select the Mailbox and click on the mailbox you just created (shared, room, or equipment).
  • Manage Permissions under Mailbox delegation, you'll find the Send As section.
  • Add Users:
    • Click on + Add permissions in the Send As section.
    • Search and select the users you want to grant permissions to.
    • Click Add and then Save to apply the changes.
Adding Users with Access Permissions:
  • Select the Mailbox In the EAC, click on the mailbox to which you want to grant access.
  • Mailbox Delegation Find the Mailbox delegation section.
  • Full Access In the Full Access section, click on + Add permissions.
  • Add Users:
    • Search and select the users you want to give access to.
    • Click Add and then Save to apply the changes.

Day Two

On Day Two, we receive a notification from the EasyLife 365 Mail Engine and attempt to rectify the issue. The Owner Count policy marks the shared mailbox as not compliant because you removed the second owner.

  • Check the Notifications Email Address for notifications from EasyLife 365 Mail.
  • Identify the notification for assigning owners to our now non-compliant shared mailbox.
  • Use the button to add a second owner right there from the notification.

Applying Auto-heal policy

  • In the EasyLife 365 Admin go to the Manage on the main menu and press it, and on the page that loads then press Shared Mailbox. A list of all shared mailboxes in your tenant will be shown along with their assigned template, policy, and compliance status.
  • In the name filter, filter for the shared mailbox that you created in the Exchange Admin Center on Day One by its name.
  • Select the checkbox beside the mailbox name in the filtered results.
  • Click on the Change Policy button.
  • A list of policies and select the Learning Policy policy, and then click Next.
  • A summary of the policy that will be applied will be loaded, once you have gone through it you can click the Do it button to complete the process.

Day Three

On Day Three, we focus on the confirmation policy and the auto-heal feature on the owner policy. The Confirmation policy marks the Shared Mailbox as not compliant.

  • Check the Notifications Email Address for notifications from EasyLife 365 Mail.
  • Identify the corresponding notification for confirming the usage of our now non-compliant shared mailbox.
  • Leave it as is to trigger the confirmation policy action on the next policy scan cycle.

Auto-Heal Feature Checks:

  • In the EasyLife 365 Mail App, select Shared Mailboxes on the main menu.
  • After the resources page has loaded, look for the shared mailbox we create in the Exchange Admin Center in Day One.
  • Navigate to the Team section on the left.
  • Select the Access tab and wait for the data to update.
  • The access table should now show two owners, as one of the users with permissions on the access page will have been made an owner.
  • Navigate to the Owner section using the left vertical tab.
  • Verify that there are two owners assigned to the shared mailbox.

Day Four

On Day Four, we focus on the escalation actions taken by the confirmation policy. The Confirmation policy marks the shared mailbox as non-compliant. On Day Three, we received a notification with a request to confirm the usage of the shared mailbox. However, we chose to ignore this notification and did not take action on it. Our policy is configured to delete shared mailboxes that are not confirmed according to the policy configuration.

info

The EasyLife 365 Mail engine removed the Shared Mailbox Learning Shared Mailbox.

  • In the EasyLife 365 Mail App, go to Shared Mailboxes on the main menu.
  • Verify that the shared mailbox is no longer available in the shared mailboxes collection.

Cleanup

Congratulations! You have completed the EasyLife 365 Mail Shared Mailbox learning path. Please go back to the EasyLife 365 Admin and delete the Template Learning Shared Mailbox Template and the policy Learning Policy.