Add a Shared Mailbox to Boxer

mkoss · ‎06-01-2018

Hello, we are utilizing the Secure Email Gateway in our AirWatch environment with Exchange, and we have our employees using the VMware Boxer application to access corporate email. By default the Boxer application loads the employee's corporate mailbox and calendar. Is it possible to add shared mailboxes that employees have access to in Boxer? If so, is there an easy way to accomplish this?

LukeDC · ‎06-01-2018

It's not possible to assign a second, managed mailbox via AW. You could add it manually as another account. But if it is a true shared mailbox, then it won't work either way because it doesn't have an ID and password assigned. ActiveSync doesn't support shared mailboxes.

anonymousmigrat · ‎06-11-2018

Has anyone tested this with Azure CBA? (https://docs.microsoft.com/en-us/azure/active-directory/active-directory-certificate-based-authentic...) This doesn't require the user ID / PW.
regards,
Wannes

anonymousmigrat · ‎06-11-2018

I successfully added a shared o365 mailbox using certificate authentication, without modifying the mailbox itself.
I added a SCEP profile with subject = shared mailbox.
Then I created a mail profile for the shared mailbox (using native mailclient) with the new SCEP profile for authentication.

LukeDC · ‎06-11-2018

Wannes, you added a regular mailbox. A shared mailbox by definition has no userID attached to it, no authentication, no way to load it on its own. It is just shared by other licensed users.

anonymousmigrat · ‎06-11-2018

Hi Luke,
The mailbox I used is located in Exchange admin center > recipients > shared. On the right side of the mailbox details, there is a button saying ' convert to regular mailbox' . Let me know if you want some screenshots.
with CBA, you don't need a userID to authenticate. You need a certificate with the email address in the subject.
regards,
Wannes

LukeDC · ‎06-11-2018

I trust what you saying. But according to Microsoft this isn’t a shared mailbox as described here: https://support.office.com/en-us/article/create-a-shared-mailbox-871a246d-3acd-4bba-948e-5de8be0544c...

LukeDC · ‎06-12-2018

I’ve read a few articles and from what I can tell you may not be classified as a shared mailbox at this point. It may show as it is Shared, but according to the terms of use it is not at this point. I’d verify with Microsoft at this point. A true shared box has no credentials available. Once you assign a credential to it, it is no
Longer shared. This discussion talks specifically about what you are experiencing:

https://social.technet.microsoft.com/Forums/lync/en-US/087da0fb-a556-4476-a080-747deb8f4a4e/adding-s...

anonymousmigrat · ‎06-12-2018

Hi Luke,

I created some screenshots to show what i did. not to prove i'm right, but to have another opinion.
Once again, I never entered a password on my device, nor in the profile.
check the screenshots here: https://docs.google.com/document/d/1a_ZycFO4AkNVu3XJqx-mKLXu9yPPVzHw9nCzGTnXY08/edit?usp=sharing
regards,
Wannes

LukeDC · ‎06-12-2018

I understand what you did. Yep. But it is still authenticating. A true shared mailbox has no authenitcation. CBA has an A for authentication. It’s not a userid/pw, but is authenticating. I’m sure it works and kudos for getting there! I’d be weary Microsoft will “fix” it someday because of licensing.

anonymousmigrat · ‎06-12-2018

I agree that authentication is taking place, but CBA never checks if the account is disabled or not, it just checks whether the certificate is valid and trusted. as described earlier, a shared mailbox has an AD account linked to it, which is enough to make CBA work.

here's an extract from Technet regarding CBA for Lync:
The certificate allows a Lync client to authenticate and interact regardless of the state of their Active Directory account, provided the account still exists. To say this a different way, if you disable a user account with the intent blocking access to all resources, just disabling the account does not affect the ability of this user account to continue to authenticate with an already provisioned Lync certificate. The user account will continue to have full access for the duration of the Lync client certificate.
https://blogs.technet.microsoft.com/nexthop/2012/08/20/certificate-authentication-in-lync-server-201...

some additional content about CBA:
https://www.networkworld.com/article/2226498/infrastructure/infrastructure-management-simply-put-how...

So if MSFT wants to block this, they'll have to reinvent CBA 🙂

regards,
Wannes

LukeDC · ‎06-12-2018

I don't think they'll block it. They just might find a way to weasel a license out of you over it. 🙂

DavidFink · ‎11-09-2018

Sorry to resurrect such an old thread. For those involved, has this been working all this time? I have dozens of shared calender's that I haven't been able to support on mobile in any meaningful way. The have been swapped to, not shared but individual, apologies if I have the terminology wrong, in that they have a user pass but its a mess to manage with people running around updating domain creds all the time. We are moving to AE and Boxer so I have an opportunity to try something new.

DavidFink · ‎01-21-2019

Bump for 2019. Still looking for an Android Enterprise friendly way to do secondary mailboxes with Boxer.

bilderg · ‎05-27-2019

Additional Bump for 2019.... did I hear Boxer is coming out with the ability to manage additional shared mailboxes?

GeorgeFrancis · ‎01-09-2020

Any further news on Boxer support for shared mailboxes? This would be for EOL/O365.

admin · ‎01-31-2020

We are running Android Enterprise, with Outlook app in our Work Profile. We have multiple shared mailboxes running on the Outlook app, I think they released this in sept 2019.

Ray_handels · ‎01-13-2021

Late to the party but this functionality has been added to Boxer, testing it out right now.

All

Add a Shared Mailbox to Boxer

Email Management