Site Mailbox Setup, Management and Diagnostics

Understand the end user experience including some lesser known features
Help you understand the basic architecture and functional design
Site mailboxes are designed for project teams
They bring documents and emails together in Outlook and SharePoint
Admins have the tools they need to deploy and support site mailboxes
The simplest experience is in Office 365
Site Mailboxes
Working together as a team
• Working towards a shared outcome/purpose
• Working together on shared deliverables
• Need to get all the tools we need to be successful

Shared Mailboxes
Working on behalf of a virtual
• Team appears as virtual identity (e.g.,
• Working on shared queue of incoming requests
• Answering as the virtual identity, not the individual

Public Folders
• History of public
• Accessible to everyone
• Discoverable/searchable for everyone
• Not in the inbox

Distribution Lists
with a group
• Delivering information into the inboxes of a group of people
[Diagram labels: Site Mailbox; IW Views; Shared Storage; Exchange Site Mailbox; SharePoint Site]
Out of the box – from SharePoint
Site mailbox is deleted together with SharePoint site
Customized self-service provisioning from Outlook
Site deletion can be manual or policy driven
Creating SMs with provisioning
Site mailboxes are only marked for deletion in Exchange
• Dramatically simple, shared space creation
• Integrated with SharePoint Sites
Active Use
• Team is working on project
• Actively
• Accessible through Outlook and SharePoint
• Project is closed
• Content is kept for referencing (“archive” state)
• Accessible SharePoint only
• Content is being deleted from Exchange and SharePoint stores
• Lifecycle of a Site Mailbox is controlled through SharePoint policy
• The scope of the policy is the SharePoint site and Site Mailbox (=project), not the individual item (email, doc)
• The closed state represents in-place archiving for the project
Restore the site connection
Be accessed by any users
Used by users in Office 365
Be created with an email address prefix
Enabling site mailboxes in SharePoint and Exchange
SharePoint 2013 pre-reqs
• User profile synchronization configured for farm
• SSL-enabled web application
Exchange 2013 pre-reqs
• AutoDiscover setup
• Proper RBAC roles to access and manage site mailboxes
• A SharePoint farm points to exactly one Exchange forest where site mailboxes will be provisioned
• Multiple SharePoint farms can point to the same Exchange forest
• The SharePoint farm must point to a server that is on Exchange 2013
• Install Exchange Web Services API to Global Assembly Cache (GAC)
• Establish OAuth trust with Exchange
• Grant permissions to Exchange server app principal
• Enable Site Mailbox feature on SharePoint farm
• Set Exchange target domain (either AutoD for arbitration MBX or a specific MBX – needs to be on Exchange 2013 server)
• Create partner app for SharePoint
• Establish OAuth trust with SharePoint
• Grant permissions to SharePoint server app principal
Diagnostics and
NDR on failed upload (sent for failed upload only to prevent data loss)
Using Outlook folder view to see sync issues between Exchange and SharePoint
Viewing “site mailbox properties” from their Outlook client
Test OAuth setup
• Verifying OAuth setup and permissions for the service app principal
  Test-SiteMailbox -SharePointUrl "" -UseAppTokenOnly
• Verifying OAuth setup and permissions for the user principal
  Test-SiteMailbox -SharePointUrl "" -RequestorIdentity
Check sync status
• Getting sync status
  Get-SiteMailboxDiagnostics sitemailbox1 -BypassOwnerCheck | fl
• Manually initiating sync
  Update-SiteMailbox sitemailbox1 -BypassOwnerCheck
• Unlink and relink with a new SharePoint site
  Set-SiteMailbox sitemailbox1 -SharePointUrl $null
  Set-SiteMailbox sitemailbox1 -SharePointUrl ""
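The checks above combined into one sweep over every site mailbox, as an added example for the Exchange Management Shell that is not part of the original deck. Running the app-token test before the user-token test separates a broken OAuth trust or app principal permission from a single user's missing site permission. The requestor address is a placeholder, and the script assumes the `SharePointUrl` value returned by `Get-SiteMailbox` is the site to test.

```powershell
# Added example; not from the original deck.
# Assumption: $Requestor is a placeholder for a user who should have site access.
$Requestor = 'user@contoso.example'
$Resync    = $false    # set to $true to also start a manual sync per mailbox

function Invoke-Check {
    param([scriptblock]$Check)
    # Run one diagnostic and keep either its output or its error text,
    # so that one failing mailbox does not stop the sweep.
    try   { (& $Check | Out-String).Trim() }
    catch { "ERROR: $($_.Exception.Message)" }
}

$report = foreach ($sm in Get-SiteMailbox -BypassOwnerCheck -ResultSize Unlimited) {
    $id  = "$($sm.Identity)"
    $url = $sm.SharePointUrl    # empty when the mailbox is currently unlinked

    [pscustomobject]@{
        SiteMailbox   = $id
        SharePointUrl = $url
        # OAuth setup and permissions of the service app principal
        AppToken  = Invoke-Check { Test-SiteMailbox -SharePointUrl $url -UseAppTokenOnly -ErrorAction Stop }
        # Same test on behalf of a user principal
        UserToken = Invoke-Check { Test-SiteMailbox -SharePointUrl $url -RequestorIdentity $Requestor -ErrorAction Stop }
        # Current document and membership sync status
        Sync      = Invoke-Check { Get-SiteMailboxDiagnostics $id -BypassOwnerCheck -ErrorAction Stop }
    }

    # Optional manual sync; output is discarded so it does not end up in $report.
    if ($Resync) { Update-SiteMailbox $id -BypassOwnerCheck | Out-Null }
}

# One record per site mailbox; read the app-token result before the user-token one.
$report | ForEach-Object {
    "== $($_.SiteMailbox) [$($_.SharePointUrl)]"
    "app token : $($_.AppToken)"
    "user token: $($_.UserToken)"
    "sync      : $($_.Sync)"
    ''
}
```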
Site mailboxes are shown in Outlook if each of the following is true:
• The user’s personal mailbox is on Exchange 2013 and he/she is using Outlook 2013 Pro Plus
• User is in the SharePoint site’s default owner or member group as an individual user (not through a security group) – this applies to sites with unique permissions and sites with inherited permissions
• The site mailbox is pinned for the user (a site mailbox is pinned automatically when a user is added to it if that user’s personal MBX resides in the same premises as the site mailbox)
• The user has not exceeded the limit of 10 site mailboxes pinned to Outlook
Site owners can control which libraries are synced to the site mailbox.
• Only lists of type ‘document library’ are synced
• Only document libraries that are pinned to the Quick Launch menu of the SharePoint site are synced
Be mindful of
Individuals can sync site documents to gain offline access to the documents
• Users need to click the Sync button on a document library in any SharePoint site if they want offline access to the document content
Provisioning UI or Cmdlet (Doc + Membership)
• Triggers initial doc and membership sync
• Will retry for 1 min
• Successful sync will add Site Mailbox to MBX table
• Cmdlet also tries to log on to Site Mailbox directly to get it into MBX table

Mailbox assistant (D+M)
• Syncs docs and members every six hours
• Scoped to active Site Mailboxes that are in the MBX table
• Will retry on next sync if failed

Sync now button or Update-SM Cmdlet (D+M)
• User driven, triggers immediate sync
• Update-SiteMailbox project1 -BypassOwnerCheck

Site Mailbox is open in Outlook/SM app (D+M)
• If one or more users has Site Mailbox open in Outlook or the Site Mailbox app, sync will be triggered every 15

Publish doc via Outlook (Document only)
• Triggers sync after publish
• Also triggered on other OLK actions such as create or delete new folder/message

SM App logon denied (Membership only)
• Access denied from Site Mailbox app will trigger membership sync
• Subsequent retry should work if the user is on the site’s default owners or default members group

Maintenance job (D)
• Triggers a sync if the site’s URL has been changed