Delegated mailbox

Ivanti Email+ supports delegated access for Mailbox. Currently, we support delegation of up to four mailboxes. In case of multiple mailboxes, each mailbox is independent and has its own Delegated Mailbox account settings.

When configuring the mailbox delegation, the owner delegates mailbox to another user (Delegate) to manage it as per delegation level set on Outlook.

The delegated user can add upto four delegated mailboxes from multiple owners. .When multiple accounts are available then only mailboxes delegated to primary account can be added to Email+.

To configure Delegated Mailbox on Android AppConnect or Android Enterprise, configure the following key-value pairs or restrictions:

Add delegated_shared_mailbox value to enabled_features key-value pair or to Optional Features restriction to add the Add Mailbox option in the Email+ app.

When you select the Add a Mailbox option, Email+ searches email address in GAL and provides list of contacts to add mailbox. If the search result is successful, the 'Mailbox added' pop-up is displayed and Delegated Mailbox is added. Once Delegated Mailbox is added, the Add Mailbox option appears in the navigation drawer and Settings.

Email+ supports delegated mailbox permissions similar to Microsoft Exchange server such as Reviewer, Editor, and Author level permissions. Ivanti Email+ 4.7.0 supports only 'Reviewer' level permission. All other permissions levels are represented as 'Reviewer' in Email+.

Delegated Mailbox with Reviewer permission can perform the following actions:

Mark as Unread or Read
Download and view attachments from mail or invite mails.

Search of the delegated mails is out of scope for Email+ 4.7.0 release.

All the folders are auto synced when the user clicks on each folder to start and stop the sync. The delegated user can manually delete the delegated mailbox added from the Email+ app.

Microsoft server does not provide any permissions to load sub folders and doesn't return in requests for the sub folders synchronization so sub folder in the Inbox is not displayed for added delegated mailbox of such accounts in Email+ as well as on Outlook.

The delegate receives a notification when a new mail is received in the delegated mailbox. Also, the delegated user receives following notification when the owner removes the access to the delegated mailbox:

Mailbox access has been denied

You cannot delegate a particular sub folder in a mailbox, you can only delegate only the mailbox

Ivanti Email+ configurations supported for Delegated Mailbox

The following table lists the supported Email+ and EWS configurations.

If EWS server is not accessible publicly (located in private network), then VPN should be configured.

Update the host name in the email_ews_host key-value pair.

Email+ Configuations	Additional Configurations for EWS	Supported
Android AppConnect: Ivanti EPMM and Ivanti Neurons for MDM with sentry, Modern auth with or without email_password KVP, Microsoft Office 365	Add email_ews_host KVP with EWS server value Add ews_min_allowed_auth_mode = modern_auth KVP	Yes
Android AppConnect and Android Enterprise: Ivanti EPMM or Ivanti Neurons for MDM, without sentry, Modern auth with or without email_password KVP, Microsoft Office 365	Add ews_min_allowed_auth_mode = modern_auth KVP	Yes
Android Enterprise: Ivanti EPMM or Ivanti Neurons for MDM, with sentry, Modern auth with or without email_password KVP, Microsoft Office 365	Exchange host for EWS should have value of the EWS server EWS Authentication Mode should have Modern Authentication value	Yes
Android AppConnect and Android Enterprise: Ivanti EPMM or Ivanti Neurons for MDM, with sentry + Local certificate, Basic auth with or without email_password KVP, Microsoft Exchange versions 2016 and 2019, Microsoft Office 365	Android AppConnect: add email_ews_host with EWS server value Android Enterprise: Exchange host for EWS should have value of the EWS server	Yes
Android AppConnect and Android Enterprise: Ivanti EPMM, with sentry + group certificate, Basic auth with or without email_password KVP, Microsoft Exchange versions 2016 and 2019, Microsoft Office 365	Android AppConnect: Add email_ews_host with EWS server value Android Enterprise: Exchange host for EWS should have value of the EWS server	Yes
Android AppConnect and Android Enterprise: Ivanti EPMM, with Sentry + MS scep certificate, Basic auth with or without email_password KVP, Microsoft Exchange versions 2016 and 2019, Microsoft Office 365	Android AppConnect: add email_ews_host with EWS server value Android Enterprise: Exchange host for EWS should have value of the EWS server	Yes
Android AppConnect and Android Enterprise: Ivanti EPMM or Ivanti Neurons for MDM, with Sentry, Kerberos with prompt_email_password=true and enter password on Email+ login screen, Microsoft Exchange versions 2016 and 2019	Android AppConnect: add email_ews_host with EWS server value Android Enterprise: Exchange host for EWS should have value of the EWS server	Yes
Android AppConnect and Android Enterprise: Ivanti EPMM or Ivanti Neurons for MDM, with Sentry, Kerberos with email_password KVP with hard coded value (which is not probably a use case), Microsoft Exchange versions 2016 and 2019	Android AppConnect: add email_ews_host with EWS server value. Android Enterprise: Exchange host for EWS should have value of the EWS server	Yes
Android AppConnect and Android Enterprise: Ivanti EPMM or Ivanti Neurons for MDM, without sentry, Basic auth (with or without 'email_password' KVP), Microsoft Exchange versions 2016 and 2019, Microsoft Office 365		Yes
Android AppConnect and Android Enterprise: Ivanti EPMM or Ivanti Neurons for MDM, with or without sentry, Certificate based auth, Microsoft Exchange versions 2016 and 2019, Microsoft Office 365	Android AppConnect: add 'ews_min_allowed_auth_mode' = cert_base KVP Android Enterprise: add 'EWS Authentication Mode' should have 'Certificate-Based Authentication' value	Yes
Android AppConnect and Android Enterprise: Ivanti EPMM or Ivanti Neurons for MDM, with sentry, Kerberos (without 'email_password' KVP), Microsoft Exchange versions 2016 and 2019		No

Email+ Configuations

Additional Configurations for EWS

Supported

Android AppConnect:

Ivanti EPMM and Ivanti Neurons for MDM with sentry, Modern auth with or without email_password KVP, Microsoft Office 365

Add email_ews_host KVP with EWS server value

Add ews_min_allowed_auth_mode = modern_auth KVP

Yes

Android AppConnect and Android Enterprise:

Ivanti EPMM or Ivanti Neurons for MDM, without sentry, Modern auth with or without email_password KVP, Microsoft Office 365

Add ews_min_allowed_auth_mode = modern_auth KVP

Yes

Android Enterprise:

Ivanti EPMM or Ivanti Neurons for MDM, with sentry, Modern auth with or without email_password KVP, Microsoft Office 365

Exchange host for EWS should have value of the EWS server

EWS Authentication Mode should have Modern Authentication value

Yes

Android AppConnect and Android Enterprise:

Ivanti EPMM or Ivanti Neurons for MDM, with sentry + Local certificate, Basic auth with or without email_password KVP, Microsoft Exchange versions 2016 and 2019, Microsoft Office 365

Android AppConnect: add email_ews_host with EWS server value

Android Enterprise: Exchange host for EWS should have value of the EWS server

Yes

Android AppConnect and Android Enterprise:

Ivanti EPMM, with sentry + group certificate, Basic auth with or without email_password KVP, Microsoft Exchange versions 2016 and 2019, Microsoft Office 365

Android AppConnect: Add email_ews_host with EWS server value

Android Enterprise: Exchange host for EWS should have value of the EWS server

Yes

Android AppConnect and Android Enterprise:

Ivanti EPMM, with Sentry + MS scep certificate, Basic auth with or without email_password KVP, Microsoft Exchange versions 2016 and 2019, Microsoft Office 365

Android AppConnect: add email_ews_host with EWS server value

Android Enterprise: Exchange host for EWS should have value of the EWS server

Yes

Android AppConnect and Android Enterprise:

Ivanti EPMM or Ivanti Neurons for MDM, with Sentry, Kerberos with prompt_email_password=true and enter password on Email+ login screen, Microsoft Exchange versions 2016 and 2019

Android AppConnect: add email_ews_host with EWS server value

Android Enterprise: Exchange host for EWS should have value of the EWS server

Yes

Android AppConnect and Android Enterprise:

Ivanti EPMM or Ivanti Neurons for MDM, with Sentry, Kerberos with email_password KVP with hard coded value (which is not probably a use case), Microsoft Exchange versions 2016 and 2019

Android AppConnect: add email_ews_host with EWS server value.

Android Enterprise: Exchange host for EWS should have value of the EWS server

Yes

Android AppConnect and Android Enterprise:

Ivanti EPMM or Ivanti Neurons for MDM, without sentry, Basic auth (with or without 'email_password' KVP), Microsoft Exchange versions 2016 and 2019, Microsoft Office 365

Yes

Android AppConnect and Android Enterprise:

Ivanti EPMM or Ivanti Neurons for MDM, with or without sentry, Certificate based auth, Microsoft Exchange versions 2016 and 2019, Microsoft Office 365

Android AppConnect: add 'ews_min_allowed_auth_mode' = cert_base KVP

Android Enterprise: add 'EWS Authentication Mode' should have 'Certificate-Based Authentication' value

Yes

Android AppConnect and Android Enterprise:

Ivanti EPMM or Ivanti Neurons for MDM, with sentry, Kerberos (without 'email_password' KVP), Microsoft Exchange versions 2016 and 2019