Introduction
ESG offers a native Graph API integration with M365 which is used to automatically sync valid users / addresses and for SSO authentication.
Shared Mailboxes are among the elements synced via the API. In ESG they are created as a “Functional User” in the User Management. In M365, a Shared Mailbox can be accessed by the users who were given permission to manage it, so like Groups and Distribution Lists it has a list of “members”.
For Groups and Distribution Lists, Graph API provides the list of members associated with each of them. The members of a Shared Mailbox, however, cannot be retrieved via Graph API. This means ESG cannot automatically map the address of a Shared Mailbox as a secondary address on the ESG Users who can manage it in M365.
Prerequisites
To automate the mapping of Shared Mailboxes to their corresponding members in ESG, some prerequisites must be in place:
- ESG integration with Microsoft 365 must be configured and working
- At least one import in ESG must have been completed through the M365 integration
- Shared Mailboxes are present in ESG in the User Management
This will restrict the activity to only mapping the Shared Mailboxes to existing ESG users according to the member list extracted via PowerShell.
Automatic mapping via PowerShell & ESG APIs
PowerShell can be used to connect to your M365 tenant with the “Exchange Online” module. You can find the details on how to install and use this module here.
Once PowerShell and the required module are installed, you can use them to retrieve the list of Shared Mailboxes currently present in your M365 tenant and the corresponding members who can manage them.
An example workflow to retrieve the list of members for Shared Mailboxes is the following:
- get the list of all Shared Mailboxes
- for each Shared Mailbox, find all users who have permissions to manage it
- check whether the members retrieved in the previous step are normal users or groups
- if they are groups, extract the members of the group to obtain the final list of users
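The retrieval workflow above, written out as an added example (this is not ESG vendor code). It assumes that “permission to manage” means an explicit, non-deny FullAccess entry, that groups holding such permissions are mail-enabled groups, and that the result is written to a hypothetical `shared-mailbox-members.json` file for the mapping step:

```powershell
# Added example: build a Shared Mailbox -> member address map from Exchange Online.
# Assumption: "manage" = explicit, non-deny FullAccess on the mailbox.
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -ShowBanner:$false

function Resolve-Member {
    param(
        [string]$Identity,
        [System.Collections.Generic.HashSet[string]]$Seen
    )
    # Skip identities already visited, so mutually nested groups cannot loop forever
    if (-not $Seen.Add($Identity)) { return }
    $recipient = Get-Recipient -Identity $Identity -ErrorAction SilentlyContinue
    if (-not $recipient) { return }   # orphaned SID or a principal without a mail address
    $groupTypes = 'MailUniversalSecurityGroup', 'MailUniversalDistributionGroup'
    if ($recipient.RecipientTypeDetails -in $groupTypes) {
        # Group: expand to its members and recurse into nested groups
        Get-DistributionGroupMember -Identity "$($recipient.Guid)" -ResultSize Unlimited |
            ForEach-Object { Resolve-Member -Identity "$($_.Guid)" -Seen $Seen }
    }
    elseif ($recipient.RecipientTypeDetails -eq 'UserMailbox') {
        # Normal user: emit the lower-cased primary address
        "$($recipient.PrimarySmtpAddress)".ToLower()
    }
}

$sharedMailboxes = Get-EXOMailbox -RecipientTypeDetails SharedMailbox -ResultSize Unlimited
$map = foreach ($shared in $sharedMailboxes) {
    $seen = [System.Collections.Generic.HashSet[string]]::new(
        [System.StringComparer]::OrdinalIgnoreCase)
    $members = Get-EXOMailboxPermission -Identity $shared.UserPrincipalName |
        Where-Object {
            "$($_.AccessRights)" -match 'FullAccess' -and
            -not $_.Deny -and                   # a deny entry grants nothing
            -not $_.IsInherited -and            # ignore tenant-level inherited entries
            $_.User -ne 'NT AUTHORITY\SELF'     # the mailbox's own principal
        } |
        ForEach-Object { Resolve-Member -Identity $_.User -Seen $seen } |
        Sort-Object -Unique
    [pscustomobject]@{
        SharedMailbox = "$($shared.PrimarySmtpAddress)".ToLower()
        Members       = @($members)
    }
}

# Hypothetical output file consumed by the ESG mapping step
$map | ConvertTo-Json -Depth 3 | Set-Content -Path .\shared-mailbox-members.json
Disconnect-ExchangeOnline -Confirm:$false
```

Review the generated file before feeding it to the mapping step: every address listed under a Shared Mailbox will receive that mailbox as an alias in ESG, so a stale or overly broad FullAccess grant in M365 carries over.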
Once you have extracted the list of all Shared Mailboxes with their corresponding members, you can use ESG’s APIs to automatically map the address of each Shared Mailbox to the ESG users who are its members.
An example workflow to map Shared Mailboxes to the ESG users who are members is the following:
- retrieve the list of all ESG users with the /user endpoint
- filter out all users which are not members of any Shared Mailbox
- loop through each user by ID (/user/{id}) and verify whether the Shared Mailbox they are a member of is already present as an alias
- if the Shared Mailbox is not present as an alias, patch the corresponding user to update the list of aliases so that it includes the Shared Mailbox they are a member of
The combination of these two workflows will allow you to automatically map Shared Mailboxes in ESG to their corresponding members. They can be combined in a PowerShell script that you run manually on a periodic basis or schedule for automatic execution.