I have a few mailboxes I created way back in Exchange 2003 that are shared between several people, so after migrating to Exchange 2013 I decided to reconfigure those shared mailboxes “correctly” as actual “Shared” mailboxes. That was easy.
Then I discovered a small problem. Shared mailboxes only work when using the full Outlook client or through OWA. Up to now, Activesync was the primary method of accessing these mailboxes, and you can’t access a Shared mailbox using Activesync!
The reason is pretty simple. Shared mailboxes are created based on a disabled Active Directory user account. This is great for security, and also great because you don’t need a license for that mailbox. By disabling the AD account however, you have no way to authenticate using Activesync.
Setting the Shared mailbox back to a Regular mailbox should be simple. In the Exchange Management Shell just run the following command
set-mailbox [mailbox name] -type Regular
If that works without errors then you’re all done.
For me though I then got an error
Active Directory operation failed on [domain controller]. The password is invalid. Unable to update the password. The
value provided for the new password does not meet the length, complexity, or history requirements of the domain.
+ CategoryInfo : NotSpecified: (:) [Set-Mailbox], ADInvalidPasswordException
+ FullyQualifiedErrorId : 3413C810,Microsoft.Exchange.Management.RecipientTasks.SetMailbox
+ PSComputerName : [exchange hostname]
So something extra is needed
I’m sure there is a way to do it using the powershell command, but nothing I tried worked. I just kept errors saying the password didn’t meet complexity requirements or that I didn’t have permissions (logged in as the Domain Admin!)
In the end, I just used AD Users and Computers to set a password directly on the disabled user account and then ran the command again and that time it worked.