Section 2 - Create the Exchange Online Shared Mailbox (NPE mailbox)

SPARK utilizes a shared mailbox (NPE mailbox) from which notifications are sent. Full Access to this mailbox must be granted to the members of the SPARK Management Admins security group.

Requirements

An Exchange Administrator will be required for this step. At minimum the installer must have:

  • Access to the Microsoft Exchange admin center
  • Exchange Administrator M365 RBAC role 1

PowerShell Scripts

  1. Review the script and install the required modules if needed
  2. Review the mailbox information and set the alias, displayName and emailAddress values, replacing org with your organization’s prefix
  3. Comment out the appropriate Connect-ExchangeOnline line for your environment
  4. Run the script and validate that the shared mailbox was created and configured
  5. Update the SPARK deployment workbook variables from the script output
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72

########################################## Required Modules ##########################################
#Install-Module ExchangeOnlineManagement

# Connection Troubleshooting
#Uninstall-Module -Name ExchangeOnlineManagement -AllVersions -Force
#Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.5.1 -Force

########################################## Exchange Mailbox ##########################################
# Get the tenant info
Connect-AzAccount | Out-Null;
$tenant = (Get-AzContext).Tenant;

# Set the mailbox information
$info = @{
    alias = "org-spark-mail"
    displayName = "ORG-SPARK-MAIL"
    domain = $tenant.DefaultDomain
    emailAddress = "org-spark-mail"
    users = @("user@domain.com")
}

########################################## Connect to Exchange ##########################################
# Connect to Exchange
Import-Module ExchangeOnlineManagement

# Commercia/GCC
#Connect-ExchangeOnline

# GCC High
#Connect-ExchangeOnline -UserPrincipalName <Tenant_Admin_Account@tenant.us> -ExchangeEnvironmentName O365USGovGCCHigh

# DoD
#Connect-ExchangeOnline -UserPrincipalName <Tenant_Admin_Account@tenant.us> -ExchangeEnvironmentName O365USGovDoD

########################################## Create Shared Mailbox ##########################################
# Get the mailbox
$mailbox = Get-EXOMailbox -Identity $info.displayName -ErrorAction SilentlyContinue
if($mailbox -eq $null) {
    # Create the mailbox
    $mailbox = New-Mailbox -Shared `
        -Alias $info.alias `
        -Name $info.displayName `
        -PrimarySmtpAddress "$($info.emailAddress)@$($info.domain)"

    # Log
    Write-Host "Mailbox Created: $($info.displayName)"
} else {
    # Log
    Write-Host "Mailbox Exists: $($mailbox.DisplayName)"
}

# Hide the mailbox
Set-Mailbox -Identity $mailbox.Identity -HiddenFromAddressListsEnabled:$true

# Log
Write-Host "Mailbox is now hidden"

# Parse the users to manage the mailbox
$info.users | foreach-object {
    # Add the users to manage the mailbox
    Add-MailboxPermission -Identity $mailbox.Identity -User $_ -AccessRights FullAccess -InheritanceType All | Out-Null

    # Log
    Write-Host "User Added: $_"
}

########################################## Variables ##########################################
# Output the variables for the spreadsheet
Write-Host "Spreadsheet value v_catchAllAccount: $($mailbox.PrimarySmtpAddress)"

########################################## Disconnect ##########################################
Disconnect-ExchangeOnline

Manual Steps:

Video Walkthrough

Step 1: Create the Shared Mailbox

  1. Browse and log into the Exchange Admin Center

Use the correct URL for your environment:

Worldwide (Commercial) & GCC https://admin.exchange.microsoft.com
GCC-High and DoD https://admin.exchange.office365.us
  1. In the Exchange Admin Center, in the left menu, navigate to Recipients
  2. Expand Recipients from the left navigation
  3. Select Mailboxes under the Recipients navigation
  4. In the Manage Mailboxes window, Click on Add a shared mailbox
Add Shared Mailbox
  1. Fill in the fields using the values from the table below:
Property Value
Display Name (*Your Org Name*)-SPARK-Mail
Email Address org-spark-mail
Email Domain Select from the dropdown
Alias org-spark-mail
  1. Click on Create to create the shared mailbox
Create Shared Mailbox

Step 2: Assign Mailbox Permissions

  1. Select the new shared mailbox from the list
  2. Click on Mailbox delegation from the top navigation
  3. In the right flyout, select Edit under the Read and manage (Full Access) configuration
Mailbox Delegation
  1. Add each member from the SPARK Management Admins group that was populated in the previous step

😒 Unfortunately, you can’t add a group for delegation, so you will need to add each the user accounts here.

  1. Click on Save and then Confirm to add the members
Add Mailbox Delegation Members

Step 3: Hide Mailbox

  1. Click on the (Your Org Name)-SPARK Mail mailbox to open the editing flyout.
  2. Click on Hide Mailbox
Hide Mailbox
  1. Select the switch to enable the setting
  2. Click on Save to hide the mailbox
Confirm Hide Mailbox

Continue to creating Exchange Distribution Groups

References

  1. Microsoft Learn: Create a Shared Mailbox in Exchange Online