Generate JIRA Service Desk ticket from Exchange/Office365 "Shared Mailbox"

Shane Clarke January 27, 2016

Hi there. New to JIRA and starting the process of setup and putting it through its paces. I'll describe a few variables first to help fill in the context:

  • We're a college library environment.
  • We've dabbled with JIRA, Freshdesk, Zendesk, and Happy Fox. We're leaning towards JIRA (service desk, confluence, and software) for our needs. 
  • I want a "ticketing system" that will mostly be used behind the scenes for all our IT/Software development folk. JIRA more than meets these needs. So no worries there.
  • A HUGE requirement I need is the ability for any user to be able to submit a "ticket" to us via email. I don't want them to necessarily have to log in and establish some form of account in order to submit anything. Example: I have a student that has an issue. The email our support email address and that generates a ticket in JIRA. I'm running into trouble with this one.
  • I'm skimming: https://confluence.atlassian.com/servicedeskcloud/receiving-requests-by-email-747602718.html and also https://confluence.atlassian.com/servicedeskcloud/quickstart-guide-for-service-desk-email-support-732528953.html for slow guidance. I'm also aware of the Request Security settings, but not sure how much this part plays a role.

 

So here is my biggest challenge I'm running into. When I'm under | Administration | System | Incoming Email | attempting to test JIRA Service Desk to connect to my Exchange/Office365 data: our email account is a  Shared Mailbox in Exchange. This can be tricky for those that don't work in Exchange. This isn't a single user account mailbox and multiple people all access it with the same username/password. It is basically an account that can be accessed by multiple people and does not have a password associated with it. It's accessed based on permissions.

To better understand (in case you need reference): https://technet.microsoft.com/en-us/library/jj150498(v=exchg.150).aspx

 

Sooooooooooooo, I'm wondering if my failing with JIRA to access this Shared Mailbox is because the variables I can manipulate in Incoming Mail are for standard (normal) type mailboxes. Meaning single user, single username/password type setups. I can't even chose to not have a password in these settings.

 

Sorry about the TL;DR post. Just trying to be thorough. I'm open to any guidance/reading/links to resolve my challenges.

I'm wondering if in order to make this work I will need to convert my Shared Mailbox back to a Single User style Exchange/Office365 account.

 

Thanks!

4 answers

0 votes
Deleted user September 23, 2021

I faced similar issue and did reverse engineering , To my shared mailbox settings to Email forwarding I added jira@[company].com mail id and it worked. 

Sent a test mail to my shared mailbox and it created a ticket in Jira

0 votes
pawhan February 11, 2021

Hi all,

Did you manage to use shared mailboxes with jira server correctly?

I tried authenticating as jira@[company].com\<Shared Mailbox Alias> but it refuses to work, so far no success..

James Pickard February 11, 2021

No, never got it to work.  In the end had to stump up for an additional O365 account.  Working well otherwise, but additional monthly cost

P_D_ Foerster
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
March 15, 2021

Same here.
I tested using OAuth 2.0 as authentication method. There, I wasn't able to enter jira@[company].com\<Shared Mailbox Alias> since it's validated and is no valid email address. Thus, you can't get to the password prompt. Doing this with the user mailbox itself works, though.

EDIT:

It somehow works with the following:

  1. Enter the email address of your shared mailbox as username
  2. During the OAuth authorize flow use your user with the license.
  3. Test Connection
  4. Send test mail to your shared mailbox
  5. Create test mail handler using the mail config from above and test.

 

Note: we don't use Jira Service Desk but only Jira Software Server with default mail handlers.

0 votes
Iain Andrews September 25, 2017

Realise this thread is over a year old but just in case anyone else finds themselves here whilst looking for a way to connect to shared mailboxes.

We used to do it the way that Nicholas did, multiple distributions groups to a single standard mailbox and then handlers to process each email address and route the ticket to the appropriate service desk project. We've now switched so we have a single licensed Office 365 account for outbound and individual shared mailboxes per project / service desk which allows us to use the service desk handler as recommended.

Set up is as follows

  1. Standard licensed mailbox with login and password that is used as the outbound mail server in the global mail settings (jira@[company].com)
  2. Each service desk has its own shared mailbox without a username and password. The jira@[company].com account is granted Full Access and Send As rights to each shared mailbox.
  3. When configuring the Email request section of the service desk settings set the email address to the address for the shared mailbox.
  4. In the username box set it as jira@[company].com\<Shared Mailbox Alias>
  5. Password is the password for the jira@[company].com mailbox.

That should allow you to download mail from your shared mailbox using the service desk handler. It also means that we only pay for one Office 365 account as the shared mailboxes are free so we can set up as may of these as we need without additional subscription costs.

Estevan Ceppi April 28, 2018

Good morning,

I try to follow your suggest but it doesn't work.

I can't set the user name in the way explained at a point 4.

 

Christian Radwanski June 11, 2018

Hi, what Ian is refering to is have a shared mailbox automatically forward an E-mail to an actual inbox that does have a password (full mailbox account).

And this full mail account should be integrated into Jira.
This way you can still have mail adresses specifically for the client (aliases / shared boxes)

Marcin Kubica May 10, 2019

Not sure how  point 4 worked for anyone :-)

In the username box set it as jira@[company].com\<Shared Mailbox Alias>

In my case I could authenticate to jira@[company].com but not with \<Shared Mailbox Alias>

What worked for me is resetting the shared mailbox password, and logging in via Shared Mailbox Alias@[company].com

Iain Andrews May 10, 2019

Hi Marcin,

Point 4 is actually pretty straight forward, you're authenticating with the account that's been granted access to the shared mailbox using that accounts details. 

MS actually recommend that you block direct sign in on shared mailboxes. To quote the guide on creating shared mailboxes (https://docs.microsoft.com/en-us/office365/admin/email/create-a-shared-mailbox?view=o365-worldwide) 

"Every shared mailbox has a corresponding user account. Notice how you weren't asked to provide a password when you created the shared mailbox? The account has a password, but it's system-generated (unknown). You aren't supposed to use the account to log in to the shared mailbox.

But what if an admin simply resets the password of the shared mailbox user account? Or what if an attacker gains access to the shared mailbox account credentials? This would allow the user account to log in to the shared mailbox and send email. To prevent this, you need to block sign-in for the account that's associated with the shared mailbox."

Whilst your method works it's not secure and you're increasing the foot print of accounts that a malicious user can utilise to send email from your organisation. What do you do when someone leaves? change any shared mailbox password they may have had access to and then go round updating anything and everyone that still needs access to that resource? Far better to turn off the ability to log in to it at all and use the access permissions for their intended purpose.

Just to make sure before replying to this I set up a new service desk following my original posts steps to configure the email settings and can confirm it still works, the shared mailbox that SD is pointed at has logon blocked as per MS recommendations. Service Desk wise we're on 4.0.2 some of the earlier version complain when you set this up that the mailbox is not empty (that wasn't the case when I first posted but became an issue with one of the updates) that seems to have been resolved now. (There's a work round for that issue as well but given that it's working now without fiddling and the work around invovles altering the database entries for the service desk it's not worth detailing)

Marcin Kubica May 10, 2019

Ian.

Authenticating as jira@[company].com\<Shared Mailbox Alias> simply doesn't work.

Iain Andrews May 10, 2019

Marcin,

Given that as of today I have 9 desks set up exactly this way I can confirm not only does it work but it's actually straight forward to set up, I've been doing this way since we added the second service desk several years ago. 

I'm wondering if we're talking at cross purposes this is purely the set up for the service desk inbound email configured from within the project settings under email requests. This is also a server install of Jira rather than the cloud offering, I have no idea if it applies to the cloud version. Outbound email in the global config is using a licensed O365 account that's been granted full access permissions to each of the specific projects shared mailboxes and the config for each service desks email email requests has been set up exactly as I described.

If it makes a difference we're using secure pop.

Iain.

Marcin Kubica May 10, 2019

Thanks for your pointers Ian. I'm using IMAPS and getting auth denied. Will try POP3S. Failing that will try latest Service Desk. 

Many thanks for your time with me here. Cheers!

Edmund Ng August 5, 2019

Thanks for this post Iain and is much appreciated.  Based on your last response, you mentioned you are working with a server installed version of Jira but am wondering if you've worked with configuring O365 with cloud-based Jira?

After reviewing my project's email setup and corresponding with a member of the Atlassian Cloud Team, I've found that Jira Cloud doesn't currently support the ability to utilize SMTP as a mail server protocol.   

I'm curious if you've migrated to Jira Cloud since your last post and if you've personally found a workaround to this.

Best regards to you!

Jun Tao August 7, 2019

Iain,

The way you mentioned worked before, and I was using shared mailbox in Jira Cloud successfully.

However, I changed the password of company email yesterday because of 90 days rule. When I tried to update the password in setting, I realized Jira Cloud upgraded the email setting page, and removed username box. So there is no way to set up shared mailbox in Jira Cloud now.

I submitted feedback to Jira Team, and hopefully they can help me.

Best,

Jack

Iain Andrews August 8, 2019

Edmund / Jun,

We're still using Jira Server rather than the cloud version and I've currently no intention of migrating so I'm afraid I can't suggest anything with regards to the changes that have been made to the cloud version.

Might be worth posting a feature request to the Jira team, it would seem not to be an unreasonable request for you to be able to specify the account details on incoming mailboxes.

Regards
Iain.

Jun Tao August 8, 2019

Hi Iain,

Just FYI.

I got the reply from Jira team, and Jira Cloud won't support shared mailboxes anymore. 

Also, the feature request to allow connecting shared mailboxes to service desk projects was closed by development teams with the resolution Won't do, as you can see below.

JRACLOUD-30688 - IMAP login to a shared mailbox

Thanks,

Jun

Like Cory Weaver likes this
James Pickard October 11, 2020

Hi all,

Is it still the case that you can't connect Jira SD to an Office 365 "Shared Mailbox" and I need to use a dedicated licensed O365 mailbox?

thanks

0 votes
Nicolas Bourdages
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 27, 2016

For your JIRA inbox, you shouldn't be using a shared mailbox. You should have a mailbox dedicated to JIRA.

This is what we do here (We use the JEMH plugin to handle our incoming emails because we have more specific needs, but that applies to a Service Desk mail handler too)

  1. We have a mailbox called jira@[company].com. It has a login/password.
  2. We set up a mail server from that mailbox in JIRA's Administration / System / Incoming Emails.
  3. We created a handler to map emails received in that mailbox to a specific JIRA project depending on a catched email destination (we use a different distribution list for each customer company, but the emails all end up in the same JIRA mailbox)

In your situation, maybe you would like a forward of these email tickets to your shared mailbox, but I rather think it's unnecessary. Better to rely on JIRA's notifications when the tickets are created to avoid duplicates.

 

Suggest an answer

Log in or Sign up to answer