How to Send As a Hidden Mailbox

Some end users in your Exchange Server environment may have a requirement to “send as” a mailbox that they also need to remain hidden from the global address list. This scenario presents a few challenges.

Unable to Resolve Hidden Mailbox Names

The first is that the mailbox the person is sending as can’t be resolved from the address list when it is hidden. For example, here Alan Reid is trying to send on behalf of Alannah Shaw to all head office staff. However, despite typing out Alannah’s full email address as the “from” address is still does not resolve.

exchange-send-as-hidden-mailbox-01

One way to work around that issue is to temporarily un-hide the mailbox, allow the person to “send as” at least once, and then in future they are able to select the mailbox name from a cached list in the “From” drop down menu.

exchange-send-as-hidden-mailbox-07

Send on Behalf Permissions Error When Sending as a Hidden Mailbox

Another problem is that even when the “send as” permissions are correctly configured, after the mailbox is hidden from the address list the sender begins receiving undeliverable notifications.

exchange-send-as-hidden-mailbox-02

You can’t send a message on behalf of this user unless you have permission to do so. Please make sure you’re sending on behalf of the correct sender, or request the necessary permission. If the problem continues, please contact your helpdesk.

A Solution for Sending As Hidden Mailboxes

This is one solution for these problems that I have tested and that appears to work. There may be other solutions as well, I’ve seen a few partial answers in forums and on other websites, but these specific steps are the ones that have worked for me. I can’t guarantee that some other factor in your environment won’t prevent this solution from working.

Thanks to Jeff Guillet for his tip that helped me with this.

To begin with the mailbox must be un-hidden and visible in the GAL. For cached-mode clients this also means that the change needs to makes its way through the normal chain of events before it is reflected in the offline address book on the client. If the person can see the mailbox in the Outlook address book then you can proceed to the next step.

exchange-send-as-hidden-mailbox-03

Next, have the end user (Alan Reid in this example) open a new email and type the mailbox name they wish to send as into the “To” field.¬†After a few seconds it should resolve, or you can CTRL+K to speed it along.

Have the end user right-click the resolved name and choose Add to Outlook Contacts. This will add the mailbox to their personal contacts in their mailbox.

exchange-send-as-hidden-mailbox-05

Click Save & Close when the contact card opens up.

Hide the mailbox from the address list again. As before, for cached-mode clients there will be some delay (24-48 hours is not uncommon) before the changes are reflected in the OAB copy on the client.

Now send another email, choosing the hidden mailbox to send as. It should resolve from the contact that was added earlier.

exchange-send-as-hidden-mailbox-06

If there are previously cached entries in the From drop down list ignore those, and make sure you choose Other E-Mail Address and resolve the mailbox from the contact that was added.

exchange-send-as-hidden-mailbox-10

The email should be delivered this time without any error.

exchange-send-as-hidden-mailbox-09

Note, the Other E-Mail Address option must be used each time. Choosing the cached entry from the drop down list will result in an undeliverable message.

exchange-send-as-hidden-mailbox-11

Comments

  1. Andres Canello [MSFT] says

    To avoid waiting OAB Gen/Distribution/Download you may point the user to grab the Send-As user from the “All Users” Address List, that will force Outlook to hit the AB service running on a CAS.

    • says

      Good point Andres, thanks. I think that tip comes with the caveat that it will work as long as the OAB only includes the GAL and not the “All Users” address list as well. Which is the default configuration for an OAB, but some people do mess around with that.

      • Andres Canello says

        Yeah, but Outlook only downloads only one AL included in the OAB, either the GAL or any additional one, it was like that last time I tried. There’s been some bugs around that…

  2. Rusty Shackleford says

    I have had success using LegacyExchangeDN then control+K to list the name. It might not work for the everyday user because they need either EMS or ADSIEdit to acquire the LegacyExchangeDN. The again, I cannot imagine this will be an everyday request either. Peace.

    • says

      Yeah, this has always been something I’ve needed to setup for them, and walk them through, and even provide a one page cheat sheet for when they inevitably forget the important step of not using the autocomplete entry.

  3. Rob Shinwell says

    For 2 days I’ve been working on this. I tried the “creating a contact” method but was getting inconsistent results until reading this. This article has been invaluable. Thanks Paul

Leave a Reply

Your email address will not be published. Required fields are marked *