After installing the Hybrid Configuration Wizard (HCW), you like to move a mailbox to Exchange…
Convert user mailbox to shared mailbox in Exchange Hybrid
Do you have an Exchange Hybrid environment, and do you want to convert user mailbox to shared mailbox? That’s possible! But before you do that, check if the mailbox location is in Exchange Online (Microsoft 365/Office 365). If the answer is yes, you have to convert the user mailbox to shared mailbox from on-premises.
Table of contents
Convert user mailbox to shared mailbox
We already wrote an article about how to convert user mailbox to shared mailbox. Follow the steps in that article if you have an Exchange on-premises environment or an Exchange Hybrid environment with mailboxes located on-premises.
Let’s go through the steps to convert user mailbox to shared mailbox in an Exchange Hybrid configuration.
1. Identify Exchange Online mailbox
Run Exchange Management Shell as administrator. Identify that the user mailbox is an Exchange Online mailbox with the Get-RemoteMailbox cmdlet.
[PS] C:\>Get-RemoteMailbox "Test.Mailbox1@exoip.com" | ft -AutoSize
Name RecipientTypeDetails RemoteRecipientType
---- -------------------- -------------------
Test Mailbox1 RemoteUserMailbox ProvisionMailboxTry to run the Get-Mailbox cmdlet, and you will see that the mailbox cannot be found on-premises. This is correct because the mailbox is hosted in Exchange Online.
[PS] C:\>Get-Mailbox "Test.Mailbox1@exoip.com"
The operation couldn't be performed because object 'Test.Mailbox1@exoip.com' couldn't be found on
'DC01-2016.exoip.local'.
+ CategoryInfo : NotSpecified: (:) [Get-Mailbox], ManagementObjectNotFoundException
+ FullyQualifiedErrorId : [Server=EX01-2016,RequestId=6bc6e4f0-8aa5-4a80-a7f4-8755e4af0ac8,TimeStamp=5/16/2021 9:1
0:02 PM] [FailureCategory=Cmdlet-ManagementObjectNotFoundException] E674A159,Microsoft.Exchange.Management.Recipie
ntTasks.GetMailbox
+ PSComputerName : ex01-2016.exoip.localLet’s look at how it looks in on-premises Exchange admin center.
Go to recipients > mailboxes and click on the mailbox. Check that it appears as Remote user mailbox.
Note: It’s not possible to convert the Office 365 user mailbox to shared mailbox in on-premises Exchange admin center.
Let’s look at how it looks in Microsoft 365 Echange admin center.
Sign in to the Microsoft 365 Exchange admin center with your Microsoft 365 admin credentials.
Go to Recipients > Mailboxes and click on the mailbox. Check that the Recipient type appears as UserMailbox.
Important: Do not convert mailboxes in Microsoft 365 Exchange admin center when you have an Exchange Hybrid environment without converting it from Exchange on-premises too. Otherwise, you will get a mailbox type difference.
The problem is that the on-premises object will still be a user mailbox because it will not write the changes back to the on-premises AD with Azure AD Connect. The on-premises Exchange admin center will show as user mailbox, while in Microsoft 365 Exchange admin center it will show as shared mailbox.
2. Run Set-RemoteMailbox cmdlet
Start Exchange Management Shell, run the Set-RemoteMailbox cmdlet, and specify the user mailbox. Make use of the -Type parameter and the Shared value. You can fill in the display name or email address of the mailbox. You will not get an output showing that it’s succeeded after running the cmdlet.
[PS] C:\>Set-RemoteMailbox "Test Mailbox1" -Type Shared
[PS] C:\>Set-RemoteMailbox "Test.Mailbox1@exoip.com" -Type SharedThe Shared value is available only in Exchange 2013 CU21 or later, Exchange 2016 CU10 or later, and Exchange 2019. In Exchange 2013 and Exchange 2016, you also need to run setup.exe /PrepareAD. For more information, see KB4133605.
Important: Keep the Exchange Servers up to date with the latest Cumulative Update / Security Update. That’s also the case when you have an Exchange Hybrid Server for management purposes.
3. Block sign-in from shared mailbox
Now that it’s a shared mailbox, you should disable the account in Active Directory.
4. Force sync Azure AD
Sign in to Azure AD Connect server and force sync Azure AD Connect to have the changes apply to the cloud (Azure AD).
PS C:\> Start-ADSyncSyncCycle -PolicyType Delta5. Verify converted mailbox type
It’s always good to verify your work and check the shared mailbox in Exchange on-premises and Exchange Online environment.
Note: It can take up to 15 minutes before the change is visible in Exchange Online.
Check in Exchange Management Shell that the shared mailbox RecipientTypeDetails object shows the value RemoteSharedMailbox.
[PS] C:\>Get-RemoteMailbox "Test.Mailbox1@exoip.com" | ft -AutoSize
Name RecipientTypeDetails RemoteRecipientType
---- -------------------- -------------------
Test Mailbox1 RemoteSharedMailbox ProvisionMailbox, SharedMailboxCheck in on-premises Exchange admin center that the mailbox shows up in the shared mailboxes list. Verify that the details pane shows it’s a Remote shared mailbox.
Check in Exchange Online PowerShell that the shared mailbox RecipientTypeDetails object shows the value SharedMailbox.
PS C:\> Get-Mailbox "Test.Mailbox1@exoip.com" | ft Name,Alias,UserPrincipalName,RecipientTypeDetails
Name Alias UserPrincipalName RecipientTypeDetails
---- ----- ----------------- --------------------
3a6efafe-dbdb-4d3c-b8a3-d9f5d21e5c1d Test.Mailbox1 Test.Mailbox1@exoip.com SharedMailboxCheck in Microsoft 365 Exchange admin center that the mailbox shows the Recipient type as Shared mailbox.
6. Run Set-Mailbox cmdlet
If the mailbox is not showing as a shared mailbox in Exchange Online after 15 minutes, you can safely convert the mailbox in Exchange Online with PowerShell or Microsoft 365 Exchange admin center.
Note: The Set-RemoteMailbox cmdlet will only update the Exchange on-premises mailbox value, and it will not sync to Exchange Online if it’s a migrated mailbox. It only works for newly created mailboxes. So you have to go through the below step and change the mailbox value in Exchange Online too.
Start PowerShell and Connect to Exchange Online PowerShell. Run the Set-Mailbox cmdlet and specify the user mailbox. Make use of the -Type parameter and the Shared value. You can fill in the display name or email address of the mailbox. You will not get an output showing that it’s succeeded after running the cmdlet.
PS C:\> Set-Mailbox "Test.Mailbox1@exoip.com" -Type SharedGo to Microsoft 365 Exchange admin center and click on the mailbox. Click on Others and select Convert to shared mailbox.
7. Remove Exchange Online license
The user mailbox most likely has a license because the user did sign in. You can remove the Exchange Online license from the shared mailbox. But before you do that, check if the mailbox size is greater than 50 GB. If the mailbox size is greater than 50 GB, you need to keep the Exchange Online license. Otherwise, you can’t send and receive mail from the shared mailbox.
Note: A user must have an Exchange Online license to access a shared mailbox, but the shared mailbox doesn’t require a separate license. Without a license, shared mailboxes are limited to 50 GB. To increase the shared mailbox size limit to 100 GB, you must assign an Exchange Online Plan 2 license or an Exchange Online Plan 1 license with an Exchange Online Archiving add-on license.
Sign in to Microsoft 365 admin center. Go to Users > Active users and click on the shared mailbox. Verify that the sign-in is blocked. Next, click on License and apps and remove or change the license.
Convert to different mailbox type
Do you want to set the mailbox to a different type? The Type parameter specifies the type of the mailbox. Choose one of the valid values:
- Regular
- Room
- Equipment
- Shared (this article)
Keep reading: Get shared mailbox size in Office 365 with PowerShell »
Conclusion
You learned how to convert user mailbox to shared mailbox in Exchange Hybrid. Start Exchange Management Shell and run the Set-RemoteMailbox cmdlet to convert the mailbox. After that, block the sign-in for the shared mailbox account and run a sync to Azure AD. As of last, verify that the recipient type details appears as remote shared mailbox.
Did you enjoy this article? You may also like Create Office 365 shared mailbox in Exchange Hybrid. Don’t forget to follow us and share this article.
What Others Are Reading
What Happens when mailbox bigger than 50 gb is converted?
It will prevent mailbox from receiving new emails since mailbox is full but keep original size, or it will cause data loss (ie Mailbox before conversion was 70gb and 20gb will be removed to fit 50gb quota)?
Hello Dear Ali,
Have you ever thought about create post about “desynchro” between o365 and on-prem exchange? I have a sittuation where I have on-prem user, that has enabled mailbox (usermailbox), sadly in the O365 his mailbox is displayed as sharedmailbox. I know that I have to check attributes on both sides, but do not know what attrib. Could you help?
Hi ALI,
We recently upgraded from 2013 to 2016 exchange with coex of O365. Earlier, team was creating a user mailbox in on prem and then once migrated to cloud, they were converting it to shared mailbox. The recipienttypedetail value which was stamped there is for Usermailbox, but on cloud it was still working fine as shared mailbox. Now since we upgraded to 2016 exchange and decommisioned the 2013 server, all those shared mailbox on cloud and changing to user mailbox, bcz they have wrong values in on premise recipienttype.
My question is, is there any way to change all those users attributes in bulk from local AD, so that it will remain as a shared mailbox on cloud and not converted to regular mailbox.
RecipientDisplayType = ‘-2147483642’
RecipientTypeDetails = ‘34359738368’
RemoteRecipientType = ‘100’
Thats what we want to set in bulk
Hi Ali,
In my hybrid scenario, have a Shared Mailbox migrated to O365 and now need to convert it to User Generic, the process completes successfully in OnPremise but in ExchangeOnline it never changes and remains as Shared Mailbox. Looking through the documentation I found this:
A migrated shared mailbox cannot be converted to a regular mailbox and a migrated regular mailbox cannot be converted to a shared mailbox. https://learn.microsoft.com/en-us/powershell/module/exchange/set-remotemailbox?view=exchange-ps.
Do you know any alternative for these request?
Thanks.
I can confirm that it’s not converting the mailbox in Exchange Online. This happens with migrated mailboxes. I updated the article.
These are the steps that you have to do:
1. Connect to Exchange Management Shell on-premises (already done by you)
2. Convert shared mailbox to user mailbox (already done by you)
3. Connect to Exchange Online PowerShell
4. Run the command to convert from shared mailbox to user mailbox:
Thanks for the feedback and recommendation.
I applied it manually now in ExchangeOnline it takes the new condition (UserMailbox) and therefore it is classified like this in Office 365/Exchange Online, I’m monitoring to see any details.
Any update to this?
This is the recommended way. See the updated article.
I had the same issue and also found this snippet buried in the documentation.
Setting the mailbox type on both Exchanges works, as does Erik’s solution below to update ‘msExchRemoteRecipientType=97’ and re-sync AD.
However, I’m hesitant to use either in production – if it were that simple, then it would be supported by MS.
Hi,
Is there any attributes or attribute values from which we can check whether the shared mailbox is converted user mailbox.
Is there any way to check and find out whether a particular shared mailbox is a converted one.
Is there any attribute or any value we can check from AD or from EAC please…
We have this requirement to identify in a new environment.So any help on this will be much appreciated!
Thanks in advance!
Doesn’t change in Exchange Online in 2022, if you do it only in local exchange.
You have to convert them in both sides.
I just did a test, and it still works.
You have to run a delta sync and wait for 15 minutes before you see the change apply in Exchange Online.
It doesn’t change in Exchange Online if it’s a migrated mailbox. It only works for newly created mailboxes. See the updated article.
If you did change it on both sides (Exchange on-premises + Exchange Online), there is nothing to worry about, and everything is correctly set.
Great articles Ali. What happens in a hybrid environment if you convert a mailbox in O365 to shared type and you delete the mailbox and user on-prem? I want to delete the user account on prem and preserve the mailbox on O365 by converting it to shared mailbox. Basically disassociate the mailbox in O365 from our AD. Thank you.
Hello,
I want to ask, what is the best practices for user mailbox convert to shared mailbox
before migration to office 365 or
after migration to office 365
Thanks a lot
Both ways are okay.
I recommend doing it before the migration and checking the on-premises shared mailbox size because you need to know if there is enough space for the shared mailbox.
Let’s say you convert the user mailbox to a shared mailbox before migrating:
– The shared mailbox is UNDER 50 GB. Don’t add an Exchange Online license and proceed with migrating to Office 365
– The shared mailbox is ABOVE 50 GB. Add an Exchange Online Plan 2 license and proceed with migrating to Office 365.
More information:
– Get mailbox size of all users in Exchange with PowerShell
– Get shared mailbox size in Office 365 with PowerShell
– How to get mailbox size greater than in Microsoft 365
Another great article Ali. Many thanks.
When get-remoteMailbox report RemoteRecipientType as Migrated (anything but ProvisionMailbox) the Set-remoteMailbox -Type Shared will fail with “remoteMailbox.RemoteRecipientType must include ProvisionMailbox”. To fix this, have a look at msExchRemoteRecipientType attribute:
1 ProvisionMailbox
2 ProvisionArchive (On-Prem Mailbox)
3 ProvisionMailbox, ProvisionArchive
4 Migrated (UserMailbox)
6 ProvisionArchive, Migrated
8 DeprovisionMailbox
10 ProvisionArchive, DeprovisionMailbox
16 DeprovisionArchive (On-Prem Mailbox)
17 ProvisionMailbox, DeprovisionArchive
20 Migrated, DeprovisionArchive
24 DeprovisionMailbox, DeprovisionArchive
33 ProvisionMailbox, RoomMailbox
35 ProvisionMailbox, ProvisionArchive, RoomMailbox
36 Migrated, RoomMailbox
38 ProvisionArchive, Migrated, RoomMailbox
49 ProvisionMailbox, DeprovisionArchive, RoomMailbox
52 Migrated, DeprovisionArchive, RoomMailbox
65 ProvisionMailbox, EquipmentMailbox
67 ProvisionMailbox, ProvisionArchive, EquipmentMailbox
68 Migrated, EquipmentMailbox
70 ProvisionArchive, Migrated, EquipmentMailbox
81 ProvisionMailbox, DeprovisionArchive, EquipmentMailbox
84 Migrated, DeprovisionArchive, EquipmentMailbox
97 ProvisionMailbox, SharedMailbox [created in EX2013 shell, hybrid]
100 Migrated, SharedMailbox
102 ProvisionArchive, Migrated, SharedMailbox
116 Migrated, DeprovisionArchive, SharedMailbox
(list not complete)
While we’re at it, msExchRecipientDisplayType:
-2147483642 MailUser (RemoteUserMailbox)
-2147481850 MailUser (RemoteRoomMailbox)
-2147481594 MailUser (RemoteEquipmentMailbox)
-1073741818 MailUser (RemoteSharedMailbox)
0 UserMailbox (shared)
1 MailUniversalDistributionGroup
6 MailContact
7 UserMailbox (room)
8 UserMailbox (equipment)
1073741824 UserMailbox
1073741833 MailUniversalSecurityGroup
(list not complete)
msExchRecipientTypeDetails:
1 UserMailbox
2 LinkedMailbox
4 SharedMailbox
16 RoomMailbox
32 EquipmentMailbox
128 MailUser
2147483648 RemoteUserMailbox
8589934592 RemoteRoomMailbox
17179869184 RemoteEquipmentMailbox
34359738368 RemoteSharedMailbox
(list not complete)
Note – you may also want to compare and change userAccountControl attribute if making changes to the above attributes to change a mailbox to shared. Value 66050 will disable the AD account for the shared mailbox, which is correct. After sync to O365, this may change to 0 (null) which is correct.
Great article!
One comment which may be helpful for others. I have migrated many mailboxes to shared in a Hybrid config, but many of my mailboxes are shown as “Shared” on-prem, but still as regular in Exchange Online.
I have found out that this can be resolved many times by changing the msExchRemoteRecipientType to 97 (is at 100 most of the times). So basically converting a mailbox from Migrated, SharedMailbox to ProvisionMailbox, SharedMailbox. After doing that and kicking of the Azure AD Sync, the mailbox is shown as “Shared” in Exchange Online
Thanks for letting us know, Erik.
Thanks so much for this comment. This is exactly what happens to mailboxes converted in my organization. Your solution works like a charm.
Hey Ali,
after i triggered the cmdlet “set-remotemailbox -type shared” the mailbox shows me correctly as shared mailbox on premise. (Gui & get-remotemailbox showes me remotedsharedmailbox)
But in exchange online it is still displayed as usermailbox.
I triggered the aad sync a view times – no result.
Is there any delay?
Best!
I have seen that it takes 15 minutes before the change is visible in Exchange Online.
Note that if it’s a migrated mailbox, you have to set the value in Exchange Online too. See the updated article.
if i convert the mailbox to shared. is it normal case that the user object in AD is not disable?
because when i create an onprem shareed mailbox the user is disabled
After you convert the mailbox to a shared mailbox, the AD user account will not be disabled. This is the correct behavior and by design.
You can disable the AD user account when you verify that it’s set as a shared mailbox.
The shared mailbox accounts are disabled to prevent misuse and reduce your attack surface.
Hi,
I have a question: How to switch from a shared mailbox to a user mailbox?
Will running the following command work?
Set-RemoteMailbox “Test.Mailbox1@exoip.com” -Type Regular
Is there anything else to think about besides re-issuing the license?
Thank you very much for this site. I have solved many issues with my hybrid infrastructure.
Hi Odo,
I am glad that you find my site helpful.
That command is correct. It will change the mailbox to a regular user mailbox. Nothing else to think about besides licensing the mailbox.
Your article is very informative and useful. I do have a question for you. We do have a hybrid environment and we have never use “Shared” mailbox on prem. We always create a user mailbox and use it as “Shared” mailbox instead. Now, we are migrating all the user mailbox to Exchange Online and will need to change some of the on-premises user mailbox to “Shared” mailbox so that it won’t takes up an Office 365 license. I have two options here. 1. Change the on-premises user mailbox to on-premises shared mailbox and then migrate it over the Exchange online and end up with Office 365 shared mailbox. 2. Migrate the user mailbox to Exchange online and then covert the user mailbox to shared mailbox on Microsoft 365 Exchange admin center. What do we loose or real issues if we go with option 2 when the on-premises object is still be a user mailbox? We did a test, and the test mailbox is shown as “Shared” mailbox under Microsoft 365 Exchange admin center while it shown as “Remote User” mailbox under on-premises Exchange admin center. The test mailbox is operational and can send/receive emails without any issues. What are the real issues there?
Thank you!
Both the options you explained are correct. In your case, there are no mail flow issues. Everything will work as expected.
There is only a mailbox type difference in the Exchange Hybrid environment. Follow the steps in that article on setting the remote mailbox value if it’s not showing the same between on-premises and the cloud.
The next time, convert the Office 365 mailbox from Exchange Management Shell on-premises. That way, the mailbox type will show the same in Exchange Admin Center on-premises and Exchange Admin Center in Exchange Online.
What if this was done in the O365 admin center by mistake? Do we just run the command on premise to fix it? Right now user shows shared online by usermailbox on prem.
Run the Set-RemoteMailbox cmdlet in Exchange Management Shell on-premises. Use the -Type parameter with the Shared value.
You can read more in the article Mailbox type difference in Exchange Hybrid.
In Brent´s case. When you’ve set the remote mailbox as type shared. There shouldn’t be a problem removing the local user account right?
Hi
I have followed your article and everything has worked as expected up to the point of verifying that mailbox is classed as a Shared mailbox in M365. I have performed the delta sync and its been nearly 24hrs but the mailbox is still showing as a UserMailbox in M365. Exchange on prem sees it as a remote shared mailbox.
Name RecipientTypeDetails RemoteRecipientType
—- ——————– ——————-
Services RemoteSharedMailbox Migrated, SharedMailbox
Hi Steve,
Something is going wrong. Try to do it with a test account and verify that it works.
If it’s a migrated mailbox and not a newly created mailbox in Exchange Online, you have to change the value in Exchange Online too, and make the mailbox type similar.