Create mailbox but restrict account to email only
How do I create a mailbox associated with an Active Directory account and ensure that account only has privileges to send and receive email. I do not want this account to be used for domain login. We are trying to provide a "general" mailbox for a department so multiple people in the department can access the mail with the shared credentials. We want to make sure the shared credentials cannot be used for any other domain purposes.
October 12th, 2009 10:04pm

Maybe this would work: You can create the mailbox and then in ADUC, go to the Account tab. Click the "Log On To" button. On the "Logon Workstations" select "The following computers" and then don't put any computers in the list. Andrea
Free Windows Admin Tool Kit Click here and download it now
October 12th, 2009 11:56pm

Agree with Andrea. That’s a good option. Users can’t login domain with the account. And, for mail, they can only access via OWA
October 13th, 2009 5:45am

In Exchange 2007, you can achieve this with a shared mailbox. Defining a mailbox as 'shared' creates a disabled Active Directory account to which the mailbox is connected. There is no password associated with this account, and you cannot use it for domain login. The mailbox is shared by one or more user accounts who will use their own domain credentials for access.The Exchange Management Console does not give the option for creating a shared mailbox in the new mailbox wizard. To create shared mailboxes you must use PowerShellExchange 2007 and Shared Mailboxeshttp://knicksmith.blogspot.com/2007/03/exchange-2007-and-shared-mailboxes.html Jon-Alfred Smith MCTS: Messaging MCSE: S+M
Free Windows Admin Tool Kit Click here and download it now
October 13th, 2009 6:03am

On Mon, 12-Oct-09 19:04:55 GMT, kpexchangeadmin wrote:>How do I create a mailbox associated with an Active Directory account and ensure that account only has privileges to send and receive email. I do not want this account to be used for domain login. We are trying to provide a "general" mailbox for a department so multiple people in the department can access the mail with the shared credentials. We want to make sure the shared credentials cannot be used for any other domain purposes. Disable the account. :-)---Rich Matheisene MVP--- Rich Matheisen MCSE+I, Exchange MVP
October 13th, 2009 6:29am

Well, if these users have their own account
Free Windows Admin Tool Kit Click here and download it now
October 13th, 2009 7:31am

The option you describe sounds like a perfect fit. I'm going to give that a shot. :-)
October 13th, 2009 6:53pm

On Tue, 13-Oct-09 04:31:47 GMT, James-Luo wrote:>Well, if these users have their own account Of course they would -- how else would they have a mailbox???---Rich MatheisenMCSE+I, Exchange MVP--- Rich Matheisen MCSE+I, Exchange MVP
Free Windows Admin Tool Kit Click here and download it now
October 14th, 2009 6:41am

The shared mailbox setup works perfectly. We are able to create a separate mailbox and control access and send-as permissions via group membership without the worry and hassle of an additional "generic" account. Since the shared mailbox account is disabled in AD we do not have to worry about it being used and we don't have to worry about passing out a shared password. Each person who is granted access to the mailbox uses their own credentials.Thanks to all.
November 23rd, 2009 6:30pm

Maybe this would work: You can create the mailbox and then in ADUC, go to the Account tab. Click the "Log On To" button. On the "Logon Workstations" select "The following computers" and then don't put any computers in the list. Andrea This doesn't work if you don't put any computers in the list. Satya
Free Windows Admin Tool Kit Click here and download it now
April 8th, 2010 12:55am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics