1

we're trying to make a email-adress (support@domain.com) shared by two users (user1@domain.com, user2@domain.com)..

we created a shared mailbox (exhange 2010) and give user1-2 access to it.. it works great, they can access mail from the outlook.

however, that suppor@domain.com email address is NOT in proxyAddresses properties of Active Directory objects for user1 and user2.

-

We have a third party system that pull information from AD and it cannot detect that user1 and user2 has access to support@domain.com, since it parses proxyAddresses property of AD objects.

exchange UI does not allow adding that address as an alias.

is there a way to manually add that email to those users, from AD maybe?

Gokhan B.
  • 13
  • 3
  • Sharing mailboxes is a bad idea. Better set up an aliase delivering mail to both. – vonbrand Feb 27 '13 at 12:55
  • 1
    @vonbrand: I disagree. There's nothing wrong with shared mailboxes, provided you understand how it functions. The "collaborative" function of using a shared mailbox (or, like how we used to do it back in "the day" with a Public Folder) can really help some workflows. – Evan Anderson Feb 27 '13 at 14:43

1 Answers1

1

You can't assign the same proxyAddress to two objects in the Active Directory-- that's not a workable configuration. (Yes-- I've seen cases where people have managed to do it-- it doesn't work like you want it to because it's not supposed to ever happen.)

You have two choices-- either what you're already doing, or creating a mail-enabled group and making both users a member.

It sounds like your users like the shared mailbox (probably because they can see if items have been read / acted-upon, etc). Using a group to deliver to both users wouldn't give them that "collaboration" ability, which would probably not be desirable.

I'd think hard about why you care if the third-party system "knows" that these two users have access to that mailbox. Why does it need to "know" this? What does it change if the third-party system just sees the shared mailbox as a "user" and delivers email to it accordingly, since, in the end, the appropriate people will still have access to the shared mailbox?

Evan Anderson
  • 141,881
  • 20
  • 196
  • 331
  • "You can't assign the same proxyAddress to two objects.." thanks for clarifying that.. I wasted ridiculus amount of time on it :) Actually I'm one of the devs of 3rd party system. We need to know from AD that you're the intended recipient email, i.e the email is not forwarded to you. In non-shared mailbox cases, that's trivial if we just query ldap and parse proxyAddresses, then compare with the recipients. So I think we need to find a way to retreive user's shared mailboxes from AD or Exchange. – Gokhan B. Feb 28 '13 at 22:20
  • There's no attribute that really calls out who a shared mailbox is shared with, though. The mechanics of allowing the sharing are accomplished thru ACLs on the mailbox object in the Information Store. When you bring in the prospect of assignment of rights to a group and recursive group enumeration, though, I think it becomes a Hard Problem. – Evan Anderson Feb 28 '13 at 23:57