Block sign-in for shared mailbox accounts in Microsoft 365 Lighthouse
Every shared mailbox has a corresponding user account. A shared mailbox isn't intended for direct sign-in by its associated user account. You should always block sign-in for the shared mailbox account and keep it blocked.
Microsoft 365 Lighthouse provides visibility into all the shared mailboxes across your managed tenants that are enabled for direct sign-in. You can track and block sign-in for all shared mailbox accounts from the Shared mailboxes tab on the Account management page.
Block sign-in for shared mailbox accounts
In the left navigation pane in Lighthouse, select Users > Account management, and then select the Shared mailboxes tab.
Select the shared mailbox account that you want to block, and then select Block sign-in.
In the Manage sign-in status pane, select Block users from signing in.
Select Save.
Notify users that access is blocked (optional)
In the left navigation pane in Lighthouse, select Users > Account management, and then select the Shared mailboxes tab.
Select the check box next to the shared mailbox accounts whose user you want to notify, and then select Create email.
Lighthouse opens your default email client and prepopulates the email message to notify the selected users that their login access has been blocked.
Related content
Block user sign-in (article)
About shared mailboxes - Microsoft 365 admin (article)
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for