Shared mailboxes
A shared mailbox is a good example of Full Access
permission in action. These mailboxes are used by teams of people who
share a need to access common information such as a calendar, email, or
tasks. Examples include a team of receptionists for a building,
security staff, help desk staff, or generic email addresses that
receive inbound customer queries for the company. (For instance, a
shared mailbox with the [email protected] address might be used to receive sales queries.)
Shared mailboxes have Active Directory accounts, but these accounts cannot be
logged on to by users, mostly because the password for the account
isn’t shared. Instead, the users who need access to the information
held in a shared mailbox are granted permission when the mailbox is
created or by setting mailbox delegation properties for a shared
mailbox afterward.
Exchange regards shared mailboxes as a slightly modified version of regular user
mailboxes. They share the same UserMailbox recipient type but are
assigned a recipient type detail of SharedMailbox. Thus, you can scan
for all shared mailboxes in an organization with the following command:
Get-Mailbox -Filter {RecipientTypeDetails -eq "SharedMailbox"}
To create a new shared mailbox, open the recipients section of EAC, select
Shared, and then click New (+). You will notice that a major difference
in creating a shared mailbox is the immediate focus on assigning Full
Access to the new object. Even though users cannot log on to the
account used for the shared mailbox, they are automatically granted
access to the shared mailbox through auto-mapping. Remember that Send On Behalf Of
permission is also required if it is intended for people to send
messages from the shared mailbox. This permission is granted separately
from Full Access.
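The following audit is an added example, not code from the original text. It assumes an Exchange Management Shell session with rights to read mailbox permissions, and it lists who holds Full Access and Send On Behalf Of on each shared mailbox, flagging mailboxes with no delegates and entries that show up as unresolved SIDs.

```powershell
# Added example: review delegation on every shared mailbox in the organization.
$report = foreach ($mbx in Get-Mailbox -Filter {RecipientTypeDetails -eq "SharedMailbox"} -ResultSize Unlimited) {

    # Explicit (non-inherited) allow entries that carry Full Access.
    # NT AUTHORITY\SELF is the mailbox's own account, not a delegate.
    $fullAccess = @(
        Get-MailboxPermission -Identity $mbx.Identity |
            Where-Object {
                ($_.AccessRights -like "*FullAccess*") -and
                (-not $_.IsInherited) -and
                (-not $_.Deny) -and
                ($_.User -notlike "NT AUTHORITY\*")
            } |
            ForEach-Object { "$($_.User)" }
    )

    # Send On Behalf Of is stored on the mailbox object, separately from Full Access.
    $sendOnBehalf = @($mbx.GrantSendOnBehalfTo | Where-Object { $_ } | ForEach-Object { "$_" })

    # An entry displayed as a raw SID usually points at a deleted or unresolvable account.
    $unresolved = @($fullAccess | Where-Object { $_ -like "S-1-5-*" })

    [pscustomobject]@{
        Mailbox        = $mbx.DisplayName
        FullAccess     = $fullAccess -join "; "
        SendOnBehalf   = $sendOnBehalf -join "; "
        NoDelegates    = ($fullAccess.Count -eq 0)
        UnresolvedSids = $unresolved -join "; "
    }
}

# Full listing for review.
$report | Sort-Object Mailbox | Format-Table -AutoSize -Wrap

# Mailboxes that need attention: nobody can open them, or a stale entry remains.
$report | Where-Object { $_.NoDelegates -or $_.UnresolvedSids } |
    Select-Object Mailbox, NoDelegates, UnresolvedSids
```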
You might have regular user mailboxes created
prior to Exchange 2007 that are accessed by multiple users in much the
same way as a shared mailbox is intended to be used. These mailboxes
can be converted into shared mailboxes by running the Set-Mailbox
command. For example:
Set-Mailbox -Identity "EMEA Help Desk" -Type Shared
After you run this command, the mailbox is removed from the set of user
mailboxes and shown by EAC as a shared mailbox. Existing permissions
are maintained and continue to function.
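One way to confirm that permissions survive the conversion is to snapshot them before and after, as in this added example (not from the original text). It assumes an Exchange Management Shell session; Get-DelegationSnapshot is a hypothetical helper defined here, and the mailbox name is the one used in the command above.

```powershell
# Added example: convert a mailbox to shared and verify that delegation is unchanged.
$identity = "EMEA Help Desk"

# Hypothetical helper: flatten the delegation state of one mailbox into comparable strings.
function Get-DelegationSnapshot {
    param([Parameter(Mandatory = $true)][string]$Identity)

    # Explicit (non-inherited) permission entries, excluding the mailbox's own SELF entry.
    Get-MailboxPermission -Identity $Identity |
        Where-Object { (-not $_.IsInherited) -and ($_.User -notlike "NT AUTHORITY\*") } |
        ForEach-Object { "ACE|{0}|{1}|Deny={2}" -f $_.User, (@($_.AccessRights) -join ","), $_.Deny }

    # Send On Behalf Of delegates are stored on the mailbox object itself.
    (Get-Mailbox -Identity $Identity).GrantSendOnBehalfTo |
        Where-Object { $_ } |
        ForEach-Object { "SOB|$_" }
}

$before = @(Get-DelegationSnapshot -Identity $identity)
Set-Mailbox -Identity $identity -Type Shared
$after = @(Get-DelegationSnapshot -Identity $identity)

# Entries present on one side only; an empty result on both means nothing changed.
$lost   = @($before | Where-Object { $after -notcontains $_ })
$gained = @($after | Where-Object { $before -notcontains $_ })

"Recipient type detail now: " + (Get-Mailbox -Identity $identity).RecipientTypeDetails

if ($lost.Count -gt 0 -or $gained.Count -gt 0) {
    Write-Warning "Delegation changed during conversion of '$identity'."
    $lost   | ForEach-Object { "  removed: $_" }
    $gained | ForEach-Object { "  added:   $_" }
}
else {
    "Delegation unchanged: $($before.Count) entries before and after."
}
```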
Recalling messages
Exchange clients have offered users the ability to recall a
sent message for many years. Unfortunately, this feature seldom works.
It used to work, and it used to be a very useful feature, but the
speed of modern servers and the capacity of modern networks have
conspired to render the Recall Message feature unproductive in all but
the most favorable situations. It’s not really a problem for Exchange,
but it can be a problem in terms of setting user expectations by
explaining why message recall might not be possible after a user has
looked for help in retrieving a potentially embarrassing message that
he has just sent.
When a user issues a Recall Message command, the client sends the request to
Exchange. The server knows the unique identifier of the message and can
use that information to track its progress. If the message is within
the control of Exchange (in other words, within the boundary of the
same organization from which the message was sent) and it has not been
read by the recipient, it is possible for Exchange then to recall the
message. However, many factors make the recall impossible, including:
The recipient is not using a Microsoft client, specifically Outlook. In
these instances, a request to remove the offending message from the
recipient’s mailbox is met by blank amusement on the part of the
client, which probably does not understand the request Exchange issues.
The message therefore remains in place. Given the pervasive use of
mobile devices today, a very high probability exists that the message
was delivered to a mobile device and is thus completely out of reach.
In fact, even if Exchange manages to recall a message, a copy of that
message might already have been pushed to a mobile device to render the
exercise null and void. Of course, the recipient might then receive an
informational message telling her that you attempted to recall the
original message, which only heightens the desire to read its content.
The message has been delivered outside the organization. This is a case of
“out of sight, out of reach.” After the message has been transmitted
across a connector to an external system, it is gone. The speed of the
Exchange SMTP-based transport system means that it does not take long
for a message to be processed and dispatched through a send connector.
The recipient is using Outlook but working in cached Exchange mode and has
gone offline. When this happens, all bets are off because the server
cannot influence what happens when Outlook is disconnected. If the
message has been synchronized into the Outlook cache before the client
disconnected, it will in all likelihood be read before the client
reconnects to Exchange.
A rule or some other process has moved the message from the Inbox. The
message might have been moved into an archive mailbox or even into a
PST. (Some clients still use rules that move incoming messages into a
PST to reduce disk usage on the server, which is no longer possible with
Outlook 2013.) If Exchange cannot find the message in the recipient’s Inbox,
its attempt to recall the message will fail because it cannot force a
search for the message across all available message stores.
The message has been read. There is no point in attempting to recall a
message if it has already been accessed and read by the recipient. All
modern clients have a reading pane that opens the currently selected
message. Usually, the act of opening the message in this manner marks
it as read after a certain period, perhaps 15 seconds. Thus, a high
probability exists that the message has been read.
From this list, it should be apparent that message recall can be expected to work only in very limited circumstances:
The user and the recipient are part of the same Exchange organization.
The user executes the recall message request very soon after he sends the original message.
The recipient does not use a mobile device that synchronizes email with her Exchange mailbox.
When these conditions occur, and the sun, moon, and stars align properly, message recall works.