M365 oauth access to shared mailboxes

Hi,

Since Microsoft forced the use of OAuth2 to access M365 mailboxes, it isn’t possible to access shared mailboxes anymore. Previously this was possible with a combination of “/<shared mailbox>” as IMAP username.

If you currently try to add a shared mailbox you get a duplicate mailbox error from Zammad, because you can only use the “” to authenticate against M365.

The possibility to select with a dropdown (by reading the API of available mailboxes) or at least specify with a text field would be good to add these shared mailboxes to Zammad.

It should be possible to configure this shared mailbox to a separate Zammad group so that it is still possible to configure separate workflows for each mailbox.

See also this post with a good hint IMHO: Office 365 shared mailboxes with Microsoft 365 Channel (APP/OAuth) - #3 by Martin-Bonn

Regards,
Julian

1 Like

If you’d read the documentation you’d see that your statement that it’s not working is not true.
https://admin-docs.zammad.org/en/latest/channels/microsoft365/accounts/account-setup.html

You would also understand the process of migration better if you’d have a better look.

1 Like

I think I missed something during writing my feature request.

Yes, you can currently add shared mailboxes, if you assign a license to it and enable IMAP and SMTP-Auth both with modern authentication (OAuth2). So you have to pay an extra fee for that license of each shared mailbox.

My request was, that you have one licensed “tech account” for zammad with IMAP and SMTP-Auth enabled and use this account to access multiple shared mailboxes which aren’t licensed. Because normal shared mailboxes are free. You need this license just for enabling IMAP & SMTP-Auth.

With this possibility you can save some license fees if you have to use separate mailboxes for regulation topics (don’t mix mail traffic for different topics).

Regards,
Julian

2 Likes
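
An added example, not part of any post in this thread and not Zammad's code: in the SASL XOAUTH2 string used for OAuth IMAP logins, the mailbox and the token are separate fields, and Microsoft's documentation for OAuth IMAP access describes opening a shared mailbox by putting its address in the user field while the token is issued to the licensed account. The delegation table, addresses and token below are constructed, and the function names are hypothetical.

```python
import base64
import re

_CTRL = re.compile(r"[\x00-\x1f\x7f]")  # \x01 is the XOAUTH2 field separator

# Constructed delegation table (assumption): which shared mailboxes each
# licensed service account has been granted Full Access to.
DELEGATIONS = {
    "helpdesk@mydomain.com": {"support@shop1.com", "support@shop2.com"},
}


def sasl_raw(mailbox: str, access_token: str) -> str:
    """Unencoded XOAUTH2 response: user=<mailbox>^Aauth=Bearer <token>^A^A."""
    for name, value in (("mailbox", mailbox), ("access_token", access_token)):
        if not value or _CTRL.search(value):
            # A control byte here would let a caller smuggle extra fields.
            raise ValueError(f"{name} is empty or contains control characters")
    return f"user={mailbox}\x01auth=Bearer {access_token}\x01\x01"


def build_xoauth2(token_owner: str, mailbox: str, access_token: str) -> str:
    """Base64 XOAUTH2 string for `mailbox`, token issued to `token_owner`."""
    allowed = DELEGATIONS.get(token_owner, set()) | {token_owner}
    if mailbox not in allowed:
        raise PermissionError(f"{token_owner} is not delegated for {mailbox}")
    raw = sasl_raw(mailbox, access_token)
    return base64.b64encode(raw.encode()).decode("ascii")


def parse_xoauth2(encoded: str) -> dict:
    """Decode an XOAUTH2 string back into its user, scheme and token fields."""
    raw = base64.b64decode(encoded, validate=True).decode()
    if not raw.endswith("\x01\x01"):
        raise ValueError("missing ^A^A terminator")
    fields = dict(part.split("=", 1) for part in raw[:-2].split("\x01"))
    scheme, _, token = fields["auth"].partition(" ")
    return {"user": fields["user"], "scheme": scheme, "token": token}


if __name__ == "__main__":
    token = "constructed-access-token"  # placeholder, not a real token
    for box in sorted(DELEGATIONS["helpdesk@mydomain.com"]):
        print(box, build_xoauth2("helpdesk@mydomain.com", box, token))
```

The allow-list check keeps the service account from being pointed at a mailbox it was never delegated for, which is the least-privilege boundary to audit when one account fronts several shared mailboxes.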

Hi,

I have the same problem, and have failed to get it working. We have one licensed ‘Master’ account, helpdesk@mydomain.com. We then have a number of shared inboxes (support@shop1.com, support@shop2.com etc). The master account has full access to these accounts.

Now that IMAP is not working anymore, we’d like to use that one licensed master account to receive emails over the various shared accounts over Oauth, as it was possible with IMAP. The outgoing emails are sent via Amazon SES (SMTP).

Best Regards
Fredrik

My bad then sorry.
Guess it’s not possible as of now.

We use multiple shared mailboxes with oauth and the Microsoft 365 channel, but it’s a little bit different.

We use helpdesk@example.ca, monitoring@example.ca, projectrequests@example.ca, etc. Each incoming email is sent to a different group. All of these email addresses are configured as shared mailboxes with no M365 license cost.

If using different domains is not a hard requirement, this might be a possible path forward.

I was able to set a password for the shared inbox in the Exchange Online admin, and am able to import incoming emails now. The problem is that the shared inboxes cannot send out emails on their own, without a licensed user that is.
So my problem would actually be solved if I could just set an SMTP profile to send out emails for tickets that came in over an MS365 channel, which unfortunately does not seem to be possible either - or am I maybe missing something here?

Sorry for spamming, but I actually got it working now. I’ve added the O365 connection with our “master” account, helpdesk@mydomain.com.
Next I created a password for all the accounts that I want to use with Zammad (support@shop1.com etc) via the Microsoft admin, using “reset password”. The master account has “Full Access” set for all those shared inboxes.
Then I added each of these shared inboxes via Settings → Channels → Microsoft 365, and logged in with the username and password of that shared inbox. It was my understanding that this should not be possible, but alas, it worked. I am able to receive and send emails.

1 Like

Shouldn’t this ticket be closed manually because the feature does exist?

Leaving it open adds to the number of displayed entries without benefit…

I do not see that as a valid solution because this solution is outside of defined usage parameters.

“A shared mailbox is not designed for direct logon. The user account for the shared mailbox itself should stay in a Disabled (or “disconnected”) state.”

For Fredrik’s solution to work, you have to set the user account to enabled.

The proper solution is having a logon name for authentication and a separate mailbox name.

Technically there’s no reason to run a mailbox of Zammad in shared mailbox mode.
The only reason why people would do this is to save licensing fees.

One could argue with “yes but our agents do have licensed mailboxes” - while that’s true and not really mandatory to have with Zammad, I wouldn’t be too sure if the “we have an agent with active license” would actually meet the licensing terms of Microsoft. Just as 50 cents of my end.

A shared mailbox feeding into Zammad is pretty much the poster boy of the use case when all users are licensed.

Shared mailboxes are used when multiple people need access to the same mailbox, such as a company information or support email address, reception desk, or other function that might be shared by multiple people.

Right. I’m describing not much of a difference.

To be honest, I don’t see major issues even when reading Microsoft’s policies. Its use is as suggested by Martin, and in any case, shared folders without access are guaranteed by a Microsoft 365 business license. In my case, my company is considering Zammad among others, and for now, the sticking point is precisely the inability to manage a shared email by authenticating users who have access to it. This is for security reasons that our policies consider necessary. Of course, these are my opinions on the matter.

This topic was automatically closed after 416 days. New replies are no longer allowed.