Resetting Security Groups for Exchange 2013
Exchange 2007 let me add normal Active Directory Security Groups to Shared Mailboxes, so that's how I created them all in the past, but this is not quite the correct way - In order to assign access through the Exchange Admin Center the Group needs to be Universal and Mail-enabled.
Fortunately there is a few PowerShell commands that can be run to get our Groups up to spec, this works well if your Access Groups are tidily stored in a single Active Directory OU, otherwise this will be more difficult, mine live in Groups > Shared Email Accounts.
-
On the Exchange Server open the Exchange Management Shell
-
Use Powershell to make all the Groups in the OU Universal:
Get-Group -OrganisationalUnit "OU=Shared Email Accounts,OU=Groups,DC=Contoso,DC=com" | Set-Group -Universal
-
Next Mail-Enable the groups:
Get-Group -OrganisationalUnit "OU=Shared Email Accounts,OU=Groups,DC=Contoso,DC=com" | Enable-DistributionGroup
-
Finally, you probably don't want all of these groups to appear in your Global Address List, so run this to hide them:
Get-Group -OrganisationalUnit "OU=Shared Email Accounts,OU=Groups,DC=Contoso,DC=com" | Set-DistributionGroup -HiddenFromAddressListsEnabled:$True
You will now be able to assign groups to mailboxes from within the "Exchange admin center"