Support On-Premises Users Accessing Office 365 Site Mailboxes

Over time, Microsoft has changed how it presents itself to “mobile first – cloud first”. Many Office 365 features are currently reserved for cloud-only users, such as Delve (Office Graph), Groups, Sway, Yammer, etc., and there are no plans to make them available to on-premises users. Among other things, this comes down to the complex configuration and to customer needs; not all on-premises users will have Exchange, SharePoint, and Lync installed.

In this topic, I will discuss how to connect an Exchange Hybrid deployment with Office 365 to use site mailboxes.

Some customers have asked me why they should configure site mailboxes and whether they will still be used in the future. Definitely YES!

Site mailboxes are used to gather relevant team or project email conversations and to collaborate, so they cover both communication and collaboration. This means you will be able to send email messages to the site mailbox and share documents. Everyone who has Contribute permissions on your site will be able to open the site mailbox and view the messages and shared documents.

In this article, I will not go further into the features of site mailboxes or their architectural design. If you are interested in learning more about site mailboxes, I recommend the following blog article by Alfons Staerk and Andrew Friedman: http://blogs.technet.com/b/exchange/archive/2012/08/22/site-mailboxes-in-the-new-office.aspx (Site Mailboxes in the new Office).

My main goal is to show you how to connect your Exchange 2013 Hybrid deployment with an Office 365 site mailbox in SharePoint Online.

As you may know, the SharePoint and Exchange servers for a site mailbox have to be on the same premises (users can be cross-premises). There is one exception: a long time ago (2013/9/4), Microsoft published the “Microsoft Exchange 2013 Site Mailbox Directory Sync Support Scripts”. These scripts synchronize site mailbox objects from the Office 365 cloud into on-premises Active Directory to support access for on-premises users.

Note: This is a temporary solution to enable on-premises users to access site mailboxes created in Office 365. Once the DirSync user object creation feature is enabled in a future release, this script will be abandoned.

Before we start, let’s take a look at my test lab:

[Figure: On-Premises Users]

I installed a Domain Controller “DC01”, AD FS and DirSync on “SRV01”, and an Exchange Hybrid server “EX01”.

Note: this configuration is only for lab environments and not suitable for production!

Download the “Microsoft Exchange 2013 Site Mailbox Directory Sync Support Scripts” here: http://www.microsoft.com/en-us/download/details.aspx?id=38406

The following scripts will be used:

–    SyncSiteMailbox.ps1: Run this script daily as part of a scheduled task to ensure a seamless experience with site mailboxes created in Office 365.
–    Export-SyncSiteMailbox.ps1: This script exports the synced site mailboxes from the cache file into the local on-premises Active Directory. It uses local Exchange PowerShell to commit the changes.
–    Import-SyncSiteMailbox.ps1: This script supports the hybrid scenario in which a site mailbox is created directly in Office 365. It pulls delta changes from Office 365 and merges them into a local cache file in the working folder.
–    SyncSiteMailboxLibrary.ps1: This script provides the methods used by the import and export scripts.

Prerequisites:

–    An Exchange 2013 server on-premises
–    An account with read-write permission to on-premises Active Directory
–    Microsoft Azure Active Directory Module for Windows PowerShell
–    An account with organization and recipient read-only permissions to Exchange Online and read-only permissions to Microsoft Online Service

1.    Create a Site Mailbox in Office 365

Log in to your Office 365 tenant and, on the home screen, click the “Sites” tile:

[Screenshot: Office 365 Tenant]

On the “Sites” screen, click on the “Team Site” tile:

[Screenshot: Team Site Tile]

Next, click on the “Keep email in context” tile:

[Screenshot: Keep Email in Context]

The next and last step is to create the site mailbox (fully automatically):

[Screenshot: Create the Site Mailbox]

The site mailbox is created and you can access it directly via the Site menu:

[Screenshot: Site Menu]

Note: it can take up to 30 minutes before the site mailbox is available. To give a new user access to the site mailbox, share the site with that user. Security groups won’t be added to the site mailbox.

In this lab, I created a site mailbox “exchange-lab” with the automatically assigned email address SMO-exchange-lab@exchange-lab.de.

2.    Prepare the Exchange Hybrid Environment

Prepare the Exchange Hybrid environment for accessing site mailboxes for Office 365 and on-premises user mailboxes.

First, let’s check which users can access the site mailbox in Office 365:

Andreas (Office 365 user mailbox) can successfully access the site mailbox:

[Screenshot: O365 User Mailbox]

Dennis (on-prem user mailbox):

[Screenshot: On-Prem User Mailbox]

As you can see, Dennis, whose user mailbox is hosted locally on the Exchange 2013 Hybrid server, can’t see or access the Office 365 site mailbox.

To make site mailboxes that were created in Office 365 available to on-premises users, follow these steps on your local Hybrid Exchange 2013 server:
1.    Create a folder on your on-premises Hybrid Exchange 2013 server to host the log files and the cached site mailbox CSV file. In my case, I use the path “C:\local_files”.
2.    Go to Control Panel and open the Credential Manager. You have to add a generic credential for your Exchange Online account; use your tenant name as the key, like “sharepointeurope”.

[Screenshot: Exchange Online Account]

3.    Create a scheduled task (run whether user is logged on or not) that runs the script once a day to automatically update the site mailboxes you created in Office 365.
–    Start a program/script: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
–    Add arguments: .\SyncSiteMailbox.ps1 -WorkingFolder "C:\local_files" -TenantCredentialKey sharepointeurope
–    Start in: C:\Scripts\SyncSiteMailbox.ps1

4.    The script SyncSiteMailbox.ps1 triggers the following actions:
–    Runs the Import-SyncSiteMailbox.ps1 script to pull changes from Office 365 into a local cache CSV file in your working directory, in our case C:\local_files.
–    Runs the Export-SyncSiteMailbox.ps1 script to export site mailbox changes to on-premises Active Directory.
–    Runs the SyncSiteMailboxLibrary.ps1 script to provide the methods used by the import and export scripts.

Of course, you can also run the script manually with the Azure Active Directory Module for Windows PowerShell:

[Screenshot: Azure Active Directory PowerShell Module]

The scripts create the following files in your working directory:

[Screenshot: Script Files]

5.    Check if Dennis (on-premises) can now access the site mailbox which was created in Office 365:

[Screenshot: Site Mailbox]

Dennis is able to access and manage the Office 365 site mailbox!

Because we checked the radio button “show in Outlook”, Dennis can access the site mailbox in Outlook, too:

[Screenshot: Show in Outlook]

Site mailboxes will be auto-mapped via the Autodiscover service.
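
Steps 1 to 3 of the procedure above can also be scripted with a few pre-flight checks. The following is an added example, not part of Microsoft's script package or of the original article; it assumes Windows Server 2012 or later (for the ScheduledTasks module), and the task name, the 02:00 start time and the use of C:\Scripts as the script folder are assumptions.

```powershell
# Added example, not from Microsoft's script package or the original article.
# Assumes Windows Server 2012 or later (ScheduledTasks module). The task name,
# the 02:00 start time and C:\Scripts as the script folder are assumptions.
$ScriptDir     = 'C:\Scripts'
$WorkingFolder = 'C:\local_files'
$TenantKey     = 'sharepointeurope'                 # Credential Manager key from step 2
$TaskName      = 'Sync Office 365 Site Mailboxes'   # hypothetical name

# All four downloaded scripts must be in place. Print each file's Authenticode
# status (Valid, NotSigned, HashMismatch, ...) so it is on record at setup time.
$required = 'SyncSiteMailbox.ps1', 'Import-SyncSiteMailbox.ps1',
            'Export-SyncSiteMailbox.ps1', 'SyncSiteMailboxLibrary.ps1'
foreach ($name in $required) {
    $path = Join-Path $ScriptDir $name
    if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
        throw "Missing script: $path"
    }
    $sig = Get-AuthenticodeSignature -FilePath $path
    Write-Host ('{0,-30} signature: {1}' -f $name, $sig.Status)
}

# Step 1: working folder for the log files and the cached CSV file.
if (-not (Test-Path -LiteralPath $WorkingFolder -PathType Container)) {
    New-Item -ItemType Directory -Path $WorkingFolder | Out-Null
}

# Step 2: Credential Manager entries are stored per user, so run this check
# (and the task itself) as the account that saved the generic credential.
if (-not (cmdkey /list | Select-String -SimpleMatch $TenantKey)) {
    throw "No stored credential matching '$TenantKey' for $env:USERNAME"
}

# Step 3: daily task that runs whether or not the user is logged on.
# Supplying -User and -Password stores the password with the task.
$runAs   = Get-Credential    # enter the account that owns the stored credential
$action  = New-ScheduledTaskAction `
    -Execute 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' `
    -Argument ".\SyncSiteMailbox.ps1 -WorkingFolder `"$WorkingFolder`" -TenantCredentialKey $TenantKey" `
    -WorkingDirectory $ScriptDir
$trigger = New-ScheduledTaskTrigger -Daily -At '02:00'
Register-ScheduledTask -TaskName $TaskName -Action $action -Trigger $trigger `
    -User $runAs.UserName -Password $runAs.GetNetworkCredential().Password
```

Run it from an elevated PowerShell session on the Hybrid server while logged on as the account that stored the generic credential.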

Hopefully Microsoft will improve or simplify this process in the future via DirSync / AAD Sync.

About the author: My name is Dominik Hoefling, I’m a Consultant in Microsoft technologies, especially in Microsoft Exchange, Exchange Online and Office 365. I work for a German company called Allgeier Productivity Solutions GmbH, a member of Allgeier SE group, which is one of the top 5 German consultant companies. We’re involved in the “Technology Adoption Program (TAP)” for Exchange and SharePoint, which is a great chance to learn so much from the product and help Microsoft to improve features.
I’ve worked in IT for about 8 years, primarily Exchange Server, but also Windows Server, Active Directory, SCOM, Office 365, Unified Messaging, and lots of third party products. My job at Allgeier consists of designing and building message infrastructures and troubleshooting Microsoft technologies.
I hold several Microsoft certifications including MCITP for Exchange Server 2010, MCSE Messaging (Exchange Server 2013), and MCITP Enterprise Administrator for Windows Server 2008 / 2008 R2. During my spare time I hang around with friends, go to concerts, catch a movie, ride bikes (mountain bike, motorcycle, motocross), and help community members at TechNet, MSDN, or Yammer.
