EWS Fundamentals Accessing and utilizing Shared mailboxes

EWS Fundamentals Accessing and utilizing Shared mailboxes One of the crucial generally requested and misunderstood issues that individuals beginning out utilizing Change Net Companies get mistaken is accessing a Shared Mailbox or a Delegated Mailbox different then that of safety principal (one other approach of claiming credentials) you’re authenticating with.


One of many first confusion factors is with Autodiscover, for individuals who aren’t that conversant in Change its vital to know that each one Autodisover does is provides you the endpoint to hook up with for Change Net Companies. Some folks confuse utilizing the next line


To imply all future EWS requests will go the mailbox you utilize right here which is not the case all it will do is return probably the most optimized endpoint for EWS request for that individual person.


By default no person has entry to a Mailbox different then the proprietor of that mailbox, a standard drawback that individuals have is to imagine they’ll use the admin account to entry any customers Mailbox content material .  Entry to a Mailbox must be granted by way of

  • Including the person as a Delegate in Outlook or by way of the EWS Delegate operations
  • Giving the person full entry utilizing Add-MailboxPermission within the Change Administration Shell
  • Grant EWS Impersonations rights on the Mailbox by way of the Software Impersonation RBAC function
  • Give Entry to explicit mailbox folder in Outlook or by way of Add-MailboxFolderPermssion
Accessing a Shared Mailboxes folder

To Entry a Mailbox folder in EWS you have to know the EWSId of the folder, the one exception to this rule are the WellKnownFolders just like the Inbox,Contacts,Calendar and so on. With these WellKnowFolders you’ll be able to inform EWS which folder you need during which mailbox with out realizing the EWSId of that folder.
Eg to Entry the Inbox in a Shared Mailbox you utilize the FolderId overload to outline the folderId you wish to entry after which bind to that folder

$folderid= new-object Microsoft.Change.WebServices.Information.FolderId([Microsoft.Exchange.WebServices.Data.WellKnownFolderName]::Inbox,$MailboxName) 
$Inbox = [Microsoft.Exchange.WebServices.Data.Folder]::Bind($service,$folderid)
If its a person created folder you wish to entry then that is the place some complexity is available in, to entry the folder you have to get the EWSId of that folder. The best approach to do that can be to seek for that folder inside the goal mailbox, nonetheless relying on what rights you’ve got that this will likely or might not be an issue. However in the event you do have Full entry or Impersonation rights to a Mailbox then to entry a usercreated folder flip the folder you wish to entry right into a path like Inboxfolder1folder2 and you’ll then use a perform like this

perform Get-FolderFromPath{
param (
[Parameter(Place=0, Necessary=$true)] [string]$FolderPath,
[Parameter(Place=1, Necessary=$true)] [string]$MailboxName,
[Parameter(Place=2, Necessary=$true)] [Microsoft.Exchange.WebServices.Data.ExchangeService]$service,
[Parameter(Place=3, Necessary=$false)] [Microsoft.Exchange.WebServices.Data.PropertySet]$PropertySet
course of{
## Discover and Bind to Folder primarily based on Path
#Outline the trail to look ought to be seperated with
#Bind to the MSGFolder Root
$folderid = new-object Microsoft.Change.WebServices.Information.FolderId([Microsoft.Exchange.WebServices.Data.WellKnownFolderName]::MsgFolderRoot,$MailboxName)
$tfTargetFolder = [Microsoft.Exchange.WebServices.Data.Folder]::Bind($service,$folderid)
#Cut up the Search path into an array
$fldArray = $FolderPath.Cut up("")
#Loop by way of the Cut up Array and do a Seek for every stage of folder
for ($lint = 1; $lint -lt $fldArray.Size; $lint++) {
#Carry out search primarily based on the displayname of every folder stage
$fvFolderView = new-object Microsoft.Change.WebServices.Information.FolderView(1)
$fvFolderView.PropertySet = $PropertySet
$SfSearchFilter = new-object Microsoft.Change.WebServices.Information.SearchFilter+IsEqualTo([Microsoft.Exchange.WebServices.Data.FolderSchema]::DisplayName,$fldArray[$lint])
$findFolderResults = $service.FindFolders($tfTargetFolder.Id,$SfSearchFilter,$fvFolderView)
if ($findFolderResults.TotalCount -gt 0){
foreach($folder in $findFolderResults.Folders){
$tfTargetFolder = $folder
Write-host ("Error Folder Not Found check path and try again")
$tfTargetFolder = $null
if($tfTargetFolder -ne $null){
return [Microsoft.Exchange.WebServices.Data.Folder]$tfTargetFolder
throw ("Folder Not found")

After getting the EWSId of the Folder you should utilize that in FindItems Operation or one other different EWS operation that takes a FolderId to do what you need. For Instance

Sending E mail As a Shared Mailbox
To ship a message as one other person you have to first have both SendAS permissions to that Mailbox or Ship on Behalf off (the latter will imply the message might be marked as Despatched On Behalf)

The very first thing in you code you wish to do is bind to the SentItems folder of the Mailbox you wish to ship as eg

$folderid= new-object Microsoft.Change.WebServices.Information.FolderId([Microsoft.Exchange.WebServices.Data.WellKnownFolderName]::SentItems,$MailboxName)   
$SentItems = [Microsoft.Exchange.WebServices.Data.Folder]::Bind($service,$folderid)

Then if you create a message to Ship set the From deal with to the Mailbox you wish to SendAs and set the SentItems FolderId to the Goal mailbox so a replica of what you’ll be sending might be saved to the SentItems folder of that mailbox eg

perform Ship-EWSMessage  {
[Parameter(Place=0, Necessary=$true)] [string]$MailboxName,
[Parameter(Necessary=$true)] [System.Management.Automation.PSCredential]$Credentials,
[Parameter(Place=2, Necessary=$false)] [switch]$useImpersonation,
[Parameter(Place=3, Necessary=$false)] [string]$url,
[Parameter(Place=6, Necessary=$true)] [String]$To,
[Parameter(Place=7, Necessary=$true)] [String]$Topic,
[Parameter(Place=8, Necessary=$true)] [String]$Physique,
[Parameter(Place=9, Necessary=$false)] [String]$Attachment
$service = Join-Change -MailboxName $MailboxName -Credentials $Credentials -url $url
$service = Join-Change -MailboxName $MailboxName -Credentials $Credentials
$service.ImpersonatedUserId = new-object Microsoft.Change.WebServices.Information.ImpersonatedUserId([Microsoft.Exchange.WebServices.Data.ConnectingIdType]::SmtpAddress, $MailboxName)
$folderid= new-object Microsoft.Change.WebServices.Information.FolderId([Microsoft.Exchange.WebServices.Data.WellKnownFolderName]::SentItems,$MailboxName)
$SentItems = [Microsoft.Exchange.WebServices.Data.Folder]::Bind($service,$folderid)
$EmailMessage = New-Object Microsoft.Change.WebServices.Information.EmailMessage -ArgumentList $service
$EmailMessage.Topic = $Topic
#Add Recipients
$EmailMessage.Physique = New-Object Microsoft.Change.WebServices.Information.MessageBody
$EmailMessage.Physique.BodyType = [Microsoft.Exchange.WebServices.Data.BodyType]::HTML
$EmailMessage.Physique.Textual content = "Body"
$EmailMessage.From = $MailboxName


Leave a Reply