Hybrid Management - Part 02 - Creating local Exchange Shared Mailboxes

Welcome to my tutorials on Hybrid Exchange - Office 365 Administration -

All Hybrid Administration Tutorials
- How to configure your desktop PC for Hybrid Exchange - Office 365 - Azure Administration - Link
- How to connect to Hybrid Exchange - Office 365 - Azure AD and Local AD via PowerShell - Link
- Hybrid Management - Part 01 - Creating local User mailboxes - Link
- Hybrid Management - Part 02 - Creating local Exchange Shared Mailboxes - Link
- Hybrid Management - Part 03 - Creating local Exchange Room and Equipment Mailboxes - Link
- Hybrid Management - Part 04 - Configure the Hybrid Connection Wizard - Link
- Hybrid Management - Part 05 - Individual mailbox moves via the EAC - Link
- Hybrid Management - Part 06 - Bulk mailbox moves via the EAC - Link
- Hybrid Management - Part 07 - Moving bulk mailboxes with PowerShell - Link
- Hybrid Management - Part 08 - Creating Office 365 User Mailboxes via PowerShell - Link
- Hybrid Management - Part 09 - Creating Office 365 Shared Mailboxes via PowerShell - Link
- Hybrid Management - Part 10 - Creating Office 365 Room and Equipment Mailboxes via PowerShell - Link

----------------------------------------------------------------------------------------------------

Pre-requisites

Preparation Guides
- Follow the guides below to ensure your PC should is configured for Hybrid Administration - 
How to configure your desktop PC for Hybrid Exchange - Office 365 - Azure Administration - Link
How to connect to Hybrid Exchange - Office 365 - Azure AD and Local AD via PowerShell - Link

Downloads -
My Hybrid Office 365 Administration Pack - Download Link
My Hybrid Connection Script - Download Link

Tutorials in this series -
As this is Part 02 of my series of tutorials on Hybrid Management, it is highly recommended that you are familiar with the process of creating Local Exchange User Mailboxes which is discussed in the previous tutorial -
Hybrid Management - Part 01 - Creating local User mailboxes - Link

-----------------------------------------------------------------------------------------------------

Introduction -
As you are already familiar creating Local Exchange User Mailboxes, we will jump straight into the process for creating Local Exchange Shared mailboxes.

The basic process for creating all local Exchange mailboxes is very similar, apart from a few small differences. In fact, if you compare the the csv files used in the creation of these objects, you will see there are only a few changes. Of course there is no Password column as Shared, Room and Equipment mailboxes are disabled by default.

All spreadsheets for all local Exchange mailbox creations have three permissions columns -
- Full Access
- Send As
- Send on Behalf.




It is highly recommended to assign an existing user the Full Access permission to all shared mailboxes for management of those emails.

-------------------------------------------------------------------------------------------------------

Local Shared Mailbox Creation -

Editing the csv file with your Shared Mailbox details

To start creating local Exchange Mailboxes, ensure you have already downloaded the following scripts and csv folders mentioned earlier in the pre-requisites section.
--- Hybrid Connection Script - Download Link
--- Hybrid Office 365 Administration Pack - Download Link

Extract the folders in the Hybrid Office 365 Administration Pack zip file to the folder c:\scripts. Move each of the csv files to the root of c:\scripts.


Edit the LocalSharedMailboxes.csv with your data.
See the example below for guidance -



*** Notes for editing the LocalSharedMailboxes.csv file ***
The following fields MUST contain data to create a valid mailbox -
- Name                         ( This becomes the Display Name )
- UPN                           ( This becomes the login ID which matches the email address )
- Alias                          ( This must match the start of the email address / UPN)
- OU                             ( This is the Organizational Unit of where you are creating the user)



Although that is the minimum that is needed to actually create a mailbox, you would in normal practice use FirstName and LastName for ease of management.

Things to be aware of when updating the spreadsheet for Shared mailboxes.
Name
- This becomes the Display Name of the user's mailbox

UPN
- This becomes the login ID which needs to match the Primary SMTP address

Alias
- Ensure this matches the start for the email address / UPN

OU
- Ensure the Organisational Unit is correct

CustomAttribute1
- This can be used to simplify Enterprise Management - Link

SendAs
- Enter the UPN of the user (or email address of group) that needs Send As permission to the mailbox
- Ensure this user exists before running the script

FullAccess
*** Note - If no user or group is assigned Full Access, no-one can access this Shared mailbox.
- Enter the UPN of the user (or email address of group) that needs Full Access permission to the mailbox
- Ensure this user or group exists before running the script

SendOnBehalf
- Enter the UPN of the user (or email address of group) that needs SendOnBehalf permission to the mailbox
- Ensure this user or group exists before running the script

Manager
- Enter the Alias of the Manager (this is usually the UPN without the domain name).
- - Example
- UPN / Email address of the Manager - user.101@teamterry365.com
- Alias of the Manager - user.101
- Ensure this user or group exists before running the script

Country
- Note that you must use the two character code for the Country - Link
- - Example -
- AU - Australia
- US - United States

The other fields are plain text fields which are self explanatory
- City
- Company
- Department
- HomePhone
- MobilePhone
- Office
- OfficePhone
- StreetAddress
- State
- PostalCode
- Country
- HomePage
- Fax

Once you have finished creating your csv file, save as C:\Scripts\LocalSharedMailboxes.csv

---------------------------------------------------------------------------------------------------

Running the scripts for Local Exchange Shared Mailbox creation

Connect to your local Exchange, AD and Azure AD Connect server using this tutorial -
- How to connect to Hybrid Exchange - Office 365 - Azure AD and Local AD via PowerShell - Link

Run the script -
Open PowerShell ISE and connect using my Hybrid Connection script - (see above).
Open the folder - New-LocalSharedMailbox - Drag the PowerShell file to ISE ready to run after you have updated the csv file.

Once you have updated your csv, you can simply run the script by clicking the Play arrow.

When the script runs, you will see that it has created the mailboxes.
There will be a two minute delay while it sets delegate permissions if specified.

After the delay, the script will continue and apply the delegate permissions.
The screen will display the delegate permission changes.

Once the permission changes are performed, the script will run a delta update on your Azure AD Connect server.
The script will then advise that the local Shared Mailboxes have been created and synched to Office 365.






-----------------------------------------------------------------------------------------------------

Confirming creation of Shared mailboxes
Log into the Local Exchange EAC and confirm the creation of the Shared mailboxes.









You can also confirm the successful setting of delegated permissions by checking the mailboxes.
















Now log in to the Office 365 EAC and confirm that Contacts have been created that correspond to the Local Exchange Mailboxes.













----------------------------------------------------------------------------------------------------------


Troubleshooting -
Error -
Set-ADUser : Identity info provided in the extended attribute: 'Manager' could not be resolved. Reason: 'Cannot find an object with identity: username@domain.com

Resolution -
Edit the csv file with alias of the Manager (Usually the start of the email address / UPN without the domain suffix)

Details -
Manager field in the csv file
- Enter the Alias of the Manager (this is usually the UPN without the domain name.)
- - Example
- UPN / Email address of the Manager - user.101@teamterry365.com
- Alias of the Manager - user.101

*** Note - A similar error will appear if you try to add a Manager or Delegate that does not exist ***

-----------------------------------------------------------------------------------------------------------

Troubleshooting -
Error -
Organizational unit "internal.domain.com/Company/Users" was not found. Please make sure you have typed it correctly.

Resolution - 
Edit the csv to have the correct path of the OU (Organizational Unit) that you need the User mailboxes to be created in.

No comments:

Post a Comment