none
Split a shared mailbox - permission's maybe?

    Question

  • Hi peeps,

    I'm kind of looking for a solution for this issue:

    Terminated user’s needs a specific auto reply put on automatically, and their mailbox to be disabled if possible afterwards to free a license.

    First idea on how to solve the issue:
    Create a shared mailbox with a specific auto reply where the terminated users are added as mail alias's. This works fine, until the next issue comes up.

    Next issue:

    What if a new person in charge or a collage is going to need to have a look at the new mails that might still come to a mailbox of a terminated user, which is now going to end up in the shared mailbox.

    Are there any options to delegate permissions on the shared mailbox, so a user only has access to see parts of it, like a sub folder or such or only mails sent to a specific mail alias?

    As this was the first thought that went into my mind, i'm more then welcoming other suggestions to solve this issue as well.

     

    Looking forward to hear from anyone :)


    • Edited by WinkDk Thursday, August 24, 2017 12:16 PM
    Thursday, August 24, 2017 12:16 PM

All replies

  • Hi peeps,

    I'm kind of looking for a solution for this issue:

    Terminated user’s needs a specific auto reply put on automatically, and their mailbox to be disabled if possible afterwards to free a license.

    First idea on how to solve the issue:
    Create a shared mailbox with a specific auto reply where the terminated users are added as mail alias's. This works fine, until the next issue comes up.

    Next issue:

    What if a new person in charge or a collage is going to need to have a look at the new mails that might still come to a mailbox of a terminated user, which is now going to end up in the shared mailbox.

    Are there any options to delegate permissions on the shared mailbox, so a user only has access to see parts of it, like a sub folder or such or only mails sent to a specific mail alias?

    As this was the first thought that went into my mind, i'm more then welcoming other suggestions to solve this issue as well.

     

    Looking forward to hear from anyone :)


    I think you are over engineering this :)

    Auto replies are generally a bad idea. If you want to do this, I would leave the mailbox intact with the AD account disabled. - even if it requires a license. Is this on-prem? THe license thing is not really needed if so...


    If this is Exchange Online, convert to a shared mailbox and remove the license.
    Thursday, August 24, 2017 12:45 PM
  • Hi,

    we have similar requirements for our disabled AD accounts with intact mailboxes. Our solution:

    - create a dynamic distribution list which includes all disabled Mailbox Accounts
    (Recipient Filter could be an OU with all disabled Accounts)

    - create a custom NDR
    https://technet.microsoft.com/en-us/library/aa996803.aspx

    - Associate the custom DSN Message with a Transport Rule
    https://technet.microsoft.com/en-us/library/bb123506.aspx

    For the license thing, what about converting disabled Accounts to Mail-Enabled Users?


    Georg

    Thursday, August 24, 2017 2:09 PM
  • I Agree with Andy if the Exchange in On-prem. but if you really want to achieve what you want then try this,

    1. Create Shared mailbox.
    2. Add the email address of the terminated employee.
    3. Login to shared mailbox and create folder for terminated emp.
    4. create a mail rule to move emails send to Terminated emp.
    5. Apply folder level permissions if someone need to access to Terminated Emp.

    You have to do this for each terminated Emp.  A lot of administrative work.

    the solution provide by Andy if your easiest route with less admin work.

    thanks,

    Zak


    ZakBhai

    Thursday, August 24, 2017 7:36 PM
  • Probberly, i wouldn't discard that :)

    We are running a on-prem, and i would agree that auto reply's aren't really the best idea, but for now that will be the case aleast.


    Wednesday, October 4, 2017 12:40 PM
  • Hi Georg,

    First of all, thanks for your reply.

    I will look into your solution on this. But how will the process be if a manager want's to lookup into a disabled users mailbox, without being able to see mails comming to orther disabled users mailboxes. Will i just be by enabling the user again and granting full access rights or how so?

    Wednesday, October 4, 2017 12:47 PM
  • Hi ZakBhai,

    I was looking into this as well before comming on here and i discarded this solution pretty quick as it will just add more administrative work, rather the makeing the process more smooth.

    But I appriciate your reply :)

    Wednesday, October 4, 2017 12:49 PM