I have a few mailboxes I created way back in Exchange 2003 that are shared between several people, so after migrating to Exchange 2013 I decided to reconfigure those shared mailboxes “correctly” as actual “Shared” mailboxes. That was easy.
Then I discovered a small problem. Shared mailboxes only work when using the full Outlook client or through OWA. Up to now, Activesync was the primary method of accessing these mailboxes, and you can’t access a Shared mailbox using Activesync!
The reason is pretty simple. Shared mailboxes are created based on a disabled Active Directory user account. This is great for security, and also great because you don’t need a license for that mailbox. By disabling the AD account however, you have no way to authenticate using Activesync.
SOLUTION
Setting the Shared mailbox back to a Regular mailbox should be simple. In the Exchange Management Shell just run the following command
set-mailbox [mailbox name] -type Regular
If that works without errors then you’re all done.
For me though I then got an error
Active Directory operation failed on [domain controller]. The password is invalid. Unable to update the password. The
value provided for the new password does not meet the length, complexity, or history requirements of the domain.
+ CategoryInfo : NotSpecified: (:) [Set-Mailbox], ADInvalidPasswordException
+ FullyQualifiedErrorId : 3413C810,Microsoft.Exchange.Management.RecipientTasks.SetMailbox
+ PSComputerName : [exchange hostname]
So something extra is needed
I’m sure there is a way to do it using the powershell command, but nothing I tried worked. I just kept errors saying the password didn’t meet complexity requirements or that I didn’t have permissions (logged in as the Domain Admin!)
In the end, I just used AD Users and Computers to set a password directly on the disabled user account and then ran the command again and that time it worked.
First article that i read here. Why not change title to “Create Shared Mailbox (NOT)” so that people like me who want to make a sharde mailbox, dont do it because they find out it is useless (based on above info)
Well, shared mailboxes can be useful, but yes, I didn’t realise the limitations myself either until after I had created it… Hence the post
The thing is to enable the mailbox user at first and to make sure there is a password set that meets the password policy 😉
It doesn’t really matter if you enable the account first, but yes, as I mentioned you just need to set the password manually.
I am unable to get my mails after changed from shared mailbox to normal mailbox
Ok. If that was a question then there’s not much info there to work with.
you made my day! thanks a lot
Just for your Reference:
Import-Module ActiveDirectory;
Set-ADAccountPassword -identity SamAccountNameOfMailbox -Server youraddomainhere.loc -NewPassword (ConvertTo-SecureString -Force -AsPlainText “YourComplexPasswordHere”)
But to be fair, this Cmdlet is newer than your blogpost.
Greetings, Ronny