17 apr 2019

Office 365, Exchange Online: Read Only permission on Shared Mailbox folders



A shared mailbox is a mailbox that multiple users can use to read and send email messages. Shared mailboxes can also be used to provide a common calendar, allowing multiple users to schedule and view vacation time or work shifts, a shared mailbox is a type of user mailbox that doesn't have its own user name and password. As a result, users can't log into them directly.

To access a shared mailbox, users must first be granted Send As or Full Access permissions to the mailbox. In this case automapping connect the shared mailbox with the related users.

If you want share the mailbox in read only, or better with "reviewer" permissions, you have to remove the user from Full Access permissions and then use PowerShell to set the correct permissions.

Note: In this case the automapping will do not work

As a first step, check it out the default permission

Add-MailboxPermission -Identity SharedMailbox -User 'Username' -AccessRights ReadPermission


and then is time to set the "Reviewer" permissions for any folder you want to share in read only

Add-MailboxFolderPermission -Identity TSM:\ -User upn@domain.com -AccessRights Reviewer
Add-MailboxFolderPermission -Identity TSM:\Inbox -User upn@domain.com  -AccessRights Reviewer
Add-MailboxFolderPermission -Identity TSM:\Outbox -User upn@domain.com  -AccessRights Reviewer

Be careful: You have to apply the permission to each mailbox folder. This configuration requires Outlook App 


In which TSM is the shared folder name



To remove permission, i.e.

Remove-MailboxFolderPermission -Identity TSM:\Outbox -User upn@domain.com

and the last but not the least, if you need it, you can setup the shared mailbox to copy sent items in your "sent items" folder

Set-Mailbox TSM MessageCopyForSentAsEnabled $True  -MessageCopyForSendOnBehalfEnabled $True