Converting an Exchange Shared mailbox back to a normal mailbox

Posted: March 28, 2013 in Exchange, Powershell, Solved
Tags: ,

I have a few mailboxes I created way back in Exchange 2003 that are shared between several people, so after migrating to Exchange 2013 I decided to reconfigure those shared mailboxes “correctly” as actual “Shared” mailboxes. That was easy.

Then I discovered a small problem. Shared mailboxes only work when using the full Outlook client or through OWA. Up to now, Activesync was the primary method of accessing these mailboxes, and you can’t access a Shared mailbox using Activesync!

The reason is pretty simple. Shared mailboxes are created based on a disabled Active Directory user account. This is great for security, and also great because you don’t need a license for that mailbox. By disabling the AD account however, you have no way to authenticate using Activesync.


Setting the Shared mailbox back to a Regular mailbox should be simple. In the Exchange Management Shell just run the following command

set-mailbox [mailbox name] -type Regular

If that works without errors then you’re all done.

For me though I then got an error

Active Directory operation failed on [domain controller]. The password is invalid. Unable to update the password. The
value provided for the new password does not meet the length, complexity, or history requirements of the domain.
+ CategoryInfo          : NotSpecified: (:) [Set-Mailbox], ADInvalidPasswordException
+ FullyQualifiedErrorId : 3413C810,Microsoft.Exchange.Management.RecipientTasks.SetMailbox
+ PSComputerName        : [exchange hostname]

So something extra is needed

I’m sure there is a way to do it using the powershell command, but nothing I tried worked. I just kept errors saying the password didn’t meet complexity requirements or that I didn’t have permissions (logged in as the Domain Admin!)

In the end, I just used AD Users and Computers to set a password directly on the disabled user account and then ran the command again and that time it worked.

  1. Michael says:

    First article that i read here. Why not change title to “Create Shared Mailbox (NOT)” so that people like me who want to make a sharde mailbox, dont do it because they find out it is useless (based on above info)

  2. paulusdymaconDominik says:

    The thing is to enable the mailbox user at first and to make sure there is a password set that meets the password policy 😉

  3. Vijay says:

    I am unable to get my mails after changed from shared mailbox to normal mailbox

  4. ara says:

    you made my day! thanks a lot

  5. Ronny Kaufmann says:

    Just for your Reference:

    Import-Module ActiveDirectory;
    Set-ADAccountPassword -identity SamAccountNameOfMailbox -Server youraddomainhere.loc -NewPassword (ConvertTo-SecureString -Force -AsPlainText “YourComplexPasswordHere”)

    But to be fair, this Cmdlet is newer than your blogpost.

    Greetings, Ronny

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s