
How to Get the Report on Non-owner Mailbox Access in Exchange Online

User access to other Exchange Online mailboxes can lead to significant data breaches in Microsoft 365. Take proactive measures by running a non-owner mailbox access report and implementing the following strategies to mitigate the loss of highly confidential information associated with those Exchange Online mailbox activities.

Native Solution

Microsoft 365 Permission Required

High

Global Admin or Exchange Admin.

Option 1 Using Microsoft 365 Purview Portal

  • Navigate to Audit under 'Solutions' from the Microsoft 365 Purview portal.
  • If auditing is not turned on for your organization, click the Start recording user and admin activity option.
  • If the auditing is enabled, you can directly specify the start date and end date as per your requirement. To get the non-owner mailbox activities by a specific user, navigate to the "Users" section and select the desired user.
  • For more targeted results, you can also filter specific non-owner mailbox actions under the "Activities" section.
  • You can get all the details of who has access to other Exchange Online mailboxes, as shown below.
  • You can also get the report from the Classic EAC by navigating to Run a non-owner mailbox access report from Compliance Management»Auditing. However, it is under deprecation.

Option 2 Using Windows PowerShell

  • Connect to Exchange Online PowerShell using the below cmdlet.
    Connect-ExchangeOnline -UserPrincipalName <UPN>
  • Turn mailbox auditing on by default for your organization by running the following cmdlet.
    Set-OrganizationConfig -AuditDisabled $false
  • Run the PowerShell cmdlet below to view the non-owner mailbox access report of a Microsoft 365 user.
    Search-MailboxAuditLog -Identity <Mailbox UPN> -LogonTypes Delegate -ShowDetails -StartDate <Start Date> -EndDate <End Date> | Select-Object Operation, LogonType, LastAccessed, LogonUserDisplayName
  • The above cmdlet displays various details like Operation, LogonType, LastAccessed, and LogonUserDisplayName pertaining to the Exchange Online mailbox.

Option 3 Using PowerShell Script

  • Does entering each user’s UPN and other properties take too much time? Here is a PowerShell script to get the full details of mailboxes accessed by non-owners.
  • Download and run the following script in the Administrator PowerShell.
AdminDroid Solution
More than 150 reports are available in the free edition.

AdminDroid Permission Required

Any user with report access delegated by the Super Admin.

Steps Using AdminDroid

  • Login to the AdminDroid Office 365 reporter.
  • Navigate to Audit»Exchange»Mailbox Access»Mailbox Non-Owner Access report.

Visualize the complete list of users who have access to other mailboxes along with accessed time, performed operation, IP address, etc.

  • Leverage built-in graphical representation feature to visually depict the specific operations carried out on Exchange Online mailboxes by non-owners.

Simple yet the best! Isn't it?

Don't let the delegates rule your Exchange Online mailboxes. Safeguard your sensitive mailbox information by monitoring the non-owner mailbox access activities using AdminDroid.

Witness the report in action using the

Exchange Online

Monitor users’ access to other mailboxes to detect any unauthorized actions in Microsoft 365


Do users' access to other mailboxes pose severe security risks?

When a user accesses another mailbox within an organization, several security concerns may arise, including the following:

  • Microsoft 365 external access : If any external/guest users have access to other Exchange Online mailboxes, they may be able to access sensitive information in those mailboxes.
  • Using suspicious IPs : If a Microsoft 365 user accesses other mailboxes from an unusual IP address, the possibility of data breaches is greater.
  • Multiple mailbox logins from the same user : If a user signs in to the delegated mailbox multiple times within a short period, it might indicate malicious mailbox access.
  • Prone to Microsoft 365 phishing attacks : Non-owners may unknowingly respond to phishing emails, which results in attackers stealing credentials.
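The unusual-IP and repeated-access signals listed above can be checked mechanically over audit records. The following is an added example, not AdminDroid's or Microsoft's code: the function name `Find-SuspiciousNonOwnerAccess`, the IP allowlist, the thresholds and the sample records are all assumptions made for illustration, and the records use the property names returned by `Search-MailboxAuditLog -ShowDetails`.

```powershell
# Constructed sample records shaped like Search-MailboxAuditLog -ShowDetails output.
$records = @(
    [pscustomobject]@{ MailboxOwnerUPN='ceo@example.com'; LogonUserDisplayName='Dana Lee'; ClientIPAddress='192.0.2.10';   LastAccessed=[datetime]'2024-05-01T09:00:00' }
    [pscustomobject]@{ MailboxOwnerUPN='ceo@example.com'; LogonUserDisplayName='Dana Lee'; ClientIPAddress='192.0.2.10';   LastAccessed=[datetime]'2024-05-01T14:30:00' }
    [pscustomobject]@{ MailboxOwnerUPN='hr@example.com';  LogonUserDisplayName='Sam Roy';  ClientIPAddress='203.0.113.77'; LastAccessed=[datetime]'2024-05-01T02:11:00' }
    [pscustomobject]@{ MailboxOwnerUPN='hr@example.com';  LogonUserDisplayName='Sam Roy';  ClientIPAddress='203.0.113.77'; LastAccessed=[datetime]'2024-05-01T02:13:00' }
    [pscustomobject]@{ MailboxOwnerUPN='hr@example.com';  LogonUserDisplayName='Sam Roy';  ClientIPAddress='203.0.113.77'; LastAccessed=[datetime]'2024-05-01T02:16:00' }
)

function Find-SuspiciousNonOwnerAccess {
    param(
        [Parameter(Mandatory)][object[]]$Records,
        [string[]]$KnownIPs = @(),                            # hypothetical allowlist of corporate egress IPs
        [int]$BurstCount = 3,                                 # assumed threshold
        [timespan]$BurstWindow = [timespan]::FromMinutes(10)  # assumed window
    )
    # Evaluate each delegate/mailbox pair separately, in time order.
    foreach ($group in ($Records | Group-Object MailboxOwnerUPN, LogonUserDisplayName)) {
        $events = @($group.Group | Sort-Object LastAccessed)

        # Rule 1: any non-owner access from an address outside the allowlist.
        foreach ($e in ($events | Where-Object { $_.ClientIPAddress -notin $KnownIPs })) {
            [pscustomobject]@{ Rule='UnknownIP'; Mailbox=$e.MailboxOwnerUPN; Delegate=$e.LogonUserDisplayName
                               Detail=$e.ClientIPAddress; When=$e.LastAccessed }
        }

        # Rule 2: sliding window, $BurstCount accesses within $BurstWindow.
        for ($i = 0; $i + $BurstCount -le $events.Count; $i++) {
            $span = $events[$i + $BurstCount - 1].LastAccessed - $events[$i].LastAccessed
            if ($span -le $BurstWindow) {
                [pscustomobject]@{ Rule='Burst'; Mailbox=$events[$i].MailboxOwnerUPN; Delegate=$events[$i].LogonUserDisplayName
                                   Detail="$BurstCount accesses in $([int]$span.TotalMinutes) min"; When=$events[$i].LastAccessed }
                break   # one burst finding per delegate/mailbox pair
            }
        }
    }
}

Find-SuspiciousNonOwnerAccess -Records $records -KnownIPs '192.0.2.10' | Format-Table -AutoSize
```

Against a live tenant, pass the objects returned by `Search-MailboxAuditLog -ShowDetails` as `-Records` instead of the sample array.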

Access from suspicious IP addresses may cause serious threats to a Microsoft 365 organization!

Using AdminDroid, you can easily find the IP address of a specific Exchange Online mailbox non-owner access event.

To find the IP address of a particular Microsoft 365 non-owner access activity, you can check the Client IP property from the Mailbox Non-Owner Access report. Additionally, you can rearrange the available properties as per your need by clicking on the Customize Columns icon.


Why do admins grant user access to other mailboxes in Office 365?

Admins grant user access to other mailboxes for the following reasons:

  • Email management : Granting mailbox permissions to other users helps distribute the workload and streamline email management within an organization, particularly when a Microsoft 365 user receives a high volume of emails.
  • Accessing required folders : Mailbox folder permissions allow users to share specific folders with others, granting them varying levels of access such as reviewer, author, and auditor.
  • Troubleshooting issues : Admins may need access to user mailboxes to set up inbox rules, troubleshoot email delivery problems, etc.

How to check who has access to other mailboxes in Exchange Online?

To access other mailboxes, a Microsoft 365 user should have the necessary mailbox permissions assigned. Since these permissions can grant other users access to sensitive mailbox information, admins should review these permissions regularly to prevent data leakages.

Run the below PowerShell cmdlet to see various permissions assigned to a mailbox.

Get-MailboxPermission -Identity <User’s ID>

If you notice any unwanted permissions, remove them immediately by running the below PowerShell cmdlet.

Remove-MailboxPermission -Identity <Mailbox Owner’s Display Name> -User <Delegate’s Display Name> -AccessRights <Permission> -InheritanceType All
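A regular review is easier when the permission entries are compared against a list of approved delegates. The following is an added example, not code from the page or from Microsoft: the function name `Get-UnapprovedDelegation`, the approved-delegate baseline and the sample entries are assumptions, and the entries mimic the shape of `Get-MailboxPermission` output.

```powershell
# Constructed sample entries shaped like Get-MailboxPermission output.
# Live input (assumes a connected session): Get-Mailbox -ResultSize Unlimited | Get-MailboxPermission
$entries = @(
    [pscustomobject]@{ Identity='finance'; User='NT AUTHORITY\SELF';          AccessRights=@('FullAccess','ReadPermission'); IsInherited=$false; Deny=$false }
    [pscustomobject]@{ Identity='finance'; User='alex@example.com';           AccessRights=@('FullAccess');                  IsInherited=$false; Deny=$false }
    [pscustomobject]@{ Identity='finance'; User='temp.contractor@example.com'; AccessRights=@('FullAccess');                 IsInherited=$false; Deny=$false }
    [pscustomobject]@{ Identity='hr';      User='Organization Management';    AccessRights=@('FullAccess');                  IsInherited=$true;  Deny=$false }
    [pscustomobject]@{ Identity='hr';      User='jordan@example.com';         AccessRights=@('FullAccess','DeleteItem');     IsInherited=$false; Deny=$false }
)

# Hypothetical baseline: mailbox -> delegates the business has approved.
$approved = @{
    'finance' = @('alex@example.com')
    'hr'      = @()
}

function Get-UnapprovedDelegation {
    param(
        [Parameter(Mandatory)][object[]]$Entries,
        [Parameter(Mandatory)][hashtable]$Approved
    )
    foreach ($e in $Entries) {
        # Skip the owner's own entry, inherited (tenant-level) entries and explicit denies.
        if ($e.IsInherited -or $e.Deny -or $e.User -eq 'NT AUTHORITY\SELF') { continue }

        # A mailbox missing from the baseline has no approved delegates.
        $allowed = @($Approved[[string]$e.Identity])
        if ($e.User -in $allowed) { continue }

        foreach ($right in $e.AccessRights) {
            [pscustomobject]@{
                Mailbox       = $e.Identity
                Delegate      = $e.User
                Permission    = $right
                # Emitted as text for a human to review; nothing is removed here.
                ReviewCommand = "Remove-MailboxPermission -Identity '$($e.Identity)' -User '$($e.User)' -AccessRights $right -InheritanceType All"
            }
        }
    }
}

Get-UnapprovedDelegation -Entries $entries -Approved $approved | Format-List
```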

Be proactive in getting the various permissions assigned to a mailbox using AdminDroid to ensure that the delegated users are legitimate ones for those mailboxes.


You can get the entire details of the mailbox, user with access, access status, etc.

How to grant permissions to other mailboxes in Microsoft 365?

To give access to other mailboxes, follow the steps below.

  • Log in to the Microsoft 365 admin center. Navigate to Active users under the Users tab.
  • Click the desired user. You can assign various permissions such as read & manage, send as, and send on behalf from the Mailbox permissions section located at the Mail tab.

Additionally, you can grant mailbox permissions when you delete a user from your Office 365 environment. The user mailbox will be converted into a shared mailbox.

While deleting a user, you will be prompted to grant another user access to their mailbox, OneDrive, and other associated resources.

  • Select the Give another user access to email option. Mention the user to whom the mailbox should be delegated.
  • You can set up a different display name for this mailbox.
  • You can also configure automatic replies and email aliases for the mailbox.

Revoke any unwanted Exchange Online mailbox permission changes immediately!

AdminDroid allows you to track the mailbox permission changes to the mailboxes. You can get the entire details of the authorized mailbox, authorized user, device used for authorization, and authorizing user’s type.

  • Using easy filters, you can view the permission changes of a specific mailbox that may contain sensitive Microsoft 365 information.

How to audit non-owner mailbox access in Exchange Online?

Admins should monitor the activities of the mailboxes accessed on behalf of the owners to ensure their organization's confidential information is safe. You can get the mailbox access details such as the user accessing the mailbox, the type of access, the date and time of access, and the operation performed. Follow the below ways to get the non-owner mailbox activities.

  • Using Microsoft 365 Purview Portal : To know who accessed other mailboxes, search the Office 365 audit logs from the Audit log search.
  • Microsoft PowerShell : Run the PowerShell script provided to get non-owner mailbox access report in Exchange Online.

Since the Office 365 audit logs contain a vast amount of data, filtering your exact requirement might be a challenging task.

With AdminDroid, you can create alerts for an unusual number of non-owner mailbox access activities using the in-built alert policy template.

  • Click the Preview & Deploy option to create an alert policy.
  • Pro Tip: Make use of the different scopes available to set up alerts based on specific properties instead of organization-wide notifications.

How to manage non-owner mailbox access efficiently?

You can protect and manage the mailboxes accessed by non-owners by enforcing security measures such as strong passwords, multifactor authentication, and encryption to protect sensitive information. This helps prevent unauthorized access and potential data breaches. Follow the steps below to efficiently manage the mailboxes accessed by non-owners before they pose serious threats to your organization.

  • Multifactor Authentication : Set up MFA for both owners and non-owners to secure access to mailboxes. This helps prevent unauthorized access even if the credentials are stolen.
  • Conditional Access Policies : Set up conditional access policies to block owners and delegates who access mailboxes from unfamiliar locations.
  • Limited Access : Give Full Access permission only to trusted M365 users. For other users, just give Send on Behalf permission if needed.
  • Sharing Policies : Set up sharing policies for mailbox so that its contents cannot be shared with everyone.
  • Anti-Phishing Policies : Set up anti-phishing policies for all the mailboxes to prevent delegates from responding to phishing emails.

With AdminDroid, you can receive the non-owner mailbox access report daily, covering only the previous day's activities, using the Intelligent filtering option.

  • We recommend you use the Schedule this report now option to send the report periodically to your inbox.
  • You can also check whether the schedule has been created by navigating to the Schedule Reports page in your AdminDroid portal.

AdminDroid Exchange Online Reporter

Master the art of auditing Exchange Online non-owner mailbox access!

Proving to be a complete package for all the Microsoft 365 admins, the AdminDroid Exchange reporting and auditing tool lets you detect who accessed other mailboxes without any flaws.

Unique functionalities that AdminDroid provides you to audit non-owner mailbox access

By analyzing the results of the Mailbox Non-owner Access report, you can make informed decisions regarding whether to revoke access or assign additional mailbox permissions, thereby maintaining security within the organization. Also, it provides complete information about the IP address, accessed user, operation performed, accessed time, etc.

An Overview

Unified View of Non-owner Mailbox Access Activities

To enhance your non-owner mailbox access auditing, customize the columns to include or exclude specific properties to get a customized report.

Complete Overview of Mailbox Permissions

Know the various mailbox permissions assigned to a mailbox such as send as, send-on-behalf, and full access in separate reports.

Audit Permission Changes of a Specific Mailbox

Apply easy filters to audit the permission changes of a mailbox containing highly confidential information in your organization.

Alert on Unusual Non-owner Mailbox Access

Generate an alert to get notified when a large number of non-owner mailbox accesses happen within a short time.

Automated Report Generation

Using advanced scheduling, you can receive the non-owner mailbox access report periodically in various formats such as HTML, PDF, CSV, XLS, XLSX, and RAW to your mailbox.

Be Updated on Non-owner Mailbox Access

The non-owner mailbox access activities are synced every 10 minutes, which keeps you instantly informed about the activities happening in your organization.

Overall, AdminDroid allows you to track the activities of mailboxes accessed by non-owners in a unified view. With the help of unique in-tool functionalities, you can easily customize the non-owner mailbox delegation report tailored to your Exchange Online requirement.

Kickstart Your Journey with AdminDroid

Your Microsoft 365 Companion with Enormous Reporting Capabilities!

Common Errors and Resolution Steps for Microsoft 365 non-owner mailbox access auditing

The following are possible errors and troubleshooting hints when dealing with Office 365 mailboxes accessed by non-owners:

Error: Mailbox Audit Logging is not enabled.

This happens when auditing is not enabled for the particular mailbox.

Troubleshooting hint : Run the cmdlet below to enable auditing for the particular mailbox.

Set-Mailbox <Display Name> -AuditEnabled $true

Error: The term 'Get-MailboxPermission' is not recognized as the name of a cmdlet, function, script file, or operable program.

This happens because the Exchange Online module may not be installed properly.

Troubleshooting hint : Install the Exchange Online PowerShell module. If it is already installed, updating it could resolve the issue. Run the below cmdlet for updating it.

Update-Module -Name ExchangeOnlineManagement

Error: There are no items to show in this view.

This happens because the user you’ve specified in the “Search for access by” drop-down box may not be an admin.

Troubleshooting hint : Choose All non-owners from the drop-down box.

Error: The extended property attribute combination is invalid. This cmdlet is obsolete. Please use Get-ComplianceSearch instead.

This occurs when you navigate to the Compliance Management section from the Classic Exchange admin center which is under deprecation.

Troubleshooting hint : Instead of using Classic EAC to run a non-owner mailbox access report, navigate to Auditing from the Microsoft 365 Purview portal.

Error: Your attempt to connect to this Exchange server was denied because your account isn’t enabled for Remote PowerShell.

This happens while connecting to the Exchange Online module because the Remote PowerShell functionality is disabled for you.

Troubleshooting hint : Ask another Global/Exchange administrator to enable it for you using the below cmdlet.

Set-User -Identity <UPN> -RemotePowerShellEnabled $true