tech_documents:zimbra:zimbra_shared_mailboxes

Shared Mailbox in Zimbra

This is for sharing full mailboxes, not just one or two folders; this will share at the root of the account (this includes all contacts, calendars, briefcases, etc). Our main purpose here is to create a shared mailbox and have it show up in the same Zimbra web UI of the user that has been granted the share (note, this method also allows it to show up in Outlook using Activesync via zpush and the Blackberry mail app using Activesync via zpush).

Setup Account for Shared Mailbox

https://forums.zimbra.org/viewtopic.php?t=30328

In this setup we are going to create an “Inbox Archive” and restricted “Sent” folder so that any incoming or outgoing E-Mail from this account will always be available. The reason for this is that the shared nature of the mailbox leaves the opportunity for things to become lost without others knowing about it.

  • Create your accounts that are to be shared
  • Create an “Inbox Archive” folder to store an additional copy of all inbound E-mail 
    zmmailbox -z -m shared.mailbox01@domainname.com cf -V message "/Inbox Archive"
  • Create a rule to make a copy of any inbound E-Mail to both the “Inbox” and “Inbox Archive”, this rule will apply to anything sent after Dec 31st 1940… 
    zmmailbox -z -m shared.mailbox01@domainname.com afrl -f "Inbox Archive: create 2nd copy of inbound E-mail with limited permissions for shared users" active any date after 19401231 fileinto "/Inbox" fileinto "/Inbox Archive" stop

Add Shared Mailbox to Sharee's Mailbox

Here the account shared.mailbox01@domainname.com represents the sharer and person_receiving_share@domainname.com represents the sharee.

  • Give full permissions (except creating shares) at root of mailbox. 
    zmmailbox -z -m shared.mailbox01@domainname.com mfg / account person_receiving_share@domainname.com rwixd
  • Give read only permissions for the “Inbox Archive” folder 
    zmmailbox -z -m shared.mailbox01@domainname.com mfg "Inbox Archive" account person_receiving_share@domainname.com r
  • Give all permissions except delete or share on “Sent” folder 
    zmmailbox -z -m shared.mailbox01@domainname.com mfg /Sent account person_receiving_share@domainname.com rwix
  • Mount the shared mailbox in the sharee's mailbox under the name of the shared account primary E-Mail address
    zmmailbox -z -m person_receiving_share@domainname.com createMountpoint /shared.mailbox01@domainname.com shared.mailbox01@domainname.com /
  • Grant the sharee Send As permissions to send as the shared mailbox 
    zmprov grr account shared.mailbox01@domainname.com usr person_receiving_share@domainname.com sendAs

Remove Access

  • Remove sendAs permission, this will cause the option to disappear from the “from” account list 
    zmprov rvr account shared.mailbox01@domainname.com usr person_receiving_share@domainname.com sendAs
  • Remove mailbox permissions by setting permissions to none 
    zmmailbox -z -m shared.mailbox01@domainname.com mfg / account person_receiving_share@domainname.com none
  • Remove other added permissions. This is still necessary even if root permissions are set to none since you added explicit permissions to other folders.
    zmmailbox -z -m shared.mailbox01@domainname.com mfg "Inbox Archive" account person_recieving_share@domainname.com none
zmmailbox -z -m shared.mailbox01@domainname.com mfg /Sent account person_recieving_share@domainname.com none
  • Remove mount in sharee's mailbox 
    zmmailbox -z -m person_recieving_share@domainname.com deleteFolder /shared.mailbox01@domainname.com

Check Permissions

  • First list all folders of the mailbox that might have shares 
    zmmailbox -z -m shared.mailbox01@domainname.com gaf
  • Then check specific folders… 
    zmmailbox -z -m shared.mailbox01@domainname.com gfg "/"
zmmailbox -z -m shared.mailbox01@domainname.com gfg "/Inbox Archive"
zmmailbox -z -m shared.mailbox01@domainname.com gfg "/Sent"
zmmailbox -z -m shared.mailbox01@domainname.com gfg "/Inbox"
  • Finally check sendAs permissions 
    zmprov ckr account shared.mailbox01@domainname.com person_recieving_share@domainname.com sendAs

Note: Available permissions details: r, rw, rwix, rwixd, rwixda, none. 

(r)ead - search, view overviews and items
(w)rite - edit drafts/contacts/notes, set flags
(i)nsert - copy/add to directory, create subfolders action
(x) - workflow actions, like accepting appointments
(d)elete - delete items and subfolders, set \Deleted flag
(a)dminister - delegate admin and change permissions

For later, a possible script to check all shares on all accounts: https://www.linuxquestions.org/questions/programming-9/hoping-for-help-with-a-shell-script-that-will-allow-me-to-display-all-shared-folders-4175521575/

Add Shared Mailbox Quick List

This is to copy and paste into a text document and replace with your own addresses 

zmmailbox -z -m shared.mailbox01@domainname.com cf -V message "/Inbox Archive"
zmmailbox -z -m shared.mailbox01@domainname.com afrl -f "Inbox Archive: create 2nd copy of inbound E-mail with limited permissions for shared users" active any date after 19401231 fileinto "/Inbox" fileinto "/Inbox Archive" stop
zmmailbox -z -m shared.mailbox01@domainname.com mfg / account person_recieving_share@domainname.com rwixd
zmmailbox -z -m shared.mailbox01@domainname.com mfg "Inbox Archive" account person_recieving_share@domainname.com r
zmmailbox -z -m shared.mailbox01@domainname.com mfg /Sent account person_recieving_share@domainname.com rwix
zmmailbox -z -m person_recieving_share@domainname.com createMountpoint /shared.mailbox01@domainname.com shared.mailbox01@domainname.com /
zmprov grr account shared.mailbox01@domainname.com usr person_recieving_share@domainname.com sendAs
  • tech_documents/zimbra/zimbra_shared_mailboxes.txt
  • Last modified: 2020/09/28 17:47
  • by dwadmin