Shared mailboxes are one of the most widely used features in Microsoft 365, letting teams manage common email addresses like support@company.com or hr@company.com without assigning individual licenses. But when it comes to backing up, archiving, or migrating that data offline, exporting a shared mailbox to PST is far more technically involved than most administrators expect.
This guide covers how shared mailboxes actually work under the hood, why manual export methods fail at scale, and how to reliably export a Microsoft 365 shared mailbox to PST, both manually and automatically using the Macsonik Tenant to Tenant Migration Tool, a Graph API-based solution built to handle this conversion without the throttling failures, mapping dependencies, and scale limitations that manual methods run into.
A shared mailbox is a mailbox object in Exchange Online that allows multiple users to read and send emails from a common address. Unlike standard user mailboxes, shared mailboxes generally do not require a license unless their storage exceeds Microsoft’s default limits or advanced compliance features are needed.
Understanding this architecture matters, because it explains exactly where manual PST export methods break down.
|
Backup and Disaster Recovery Maintaining offline PST copies protects valuable business communication from accidental deletion, ransomware incidents, or tenant-level failures. |
Tenant Migration & Offboarding Before migrating between Microsoft 365 tenants or moving to another email platform, administrators often export mailbox data into PST format. |
|
Compliance and Legal Requirements Many organizations archive mailboxes to satisfy legal retention policies and eDiscovery requirements. |
Storage and License Optimization Archiving older shared mailbox content locally frees up cloud storage without permanent data loss. |
The built-in Export to PST feature in Outlook is often the first choice for administrators, but it has several limitations when handling large-scale mailbox exports.
Microsoft Purview’s Content Search and eDiscovery tools can export mailbox content to PST as well.
As EWS is being phased out and manual or Outlook-dependent methods are not scalable, the most reliable modern solution is a Microsoft Graph API-based export engine. This is the technology our Macsonik Tenant to Tenant Migration Tool uses to perform conversions.
|
Authentication The application authenticates using OAuth 2.0 through Microsoft Entra ID (Azure AD). After an administrator grants the required permissions, the software securely obtains an access token to communicate with Microsoft Graph. |
PST Generation After retrieval, mailbox data is converted into a Unicode PST file that can be opened using Microsoft Outlook. |
|
Data Retrieval Messages are downloaded directly from Exchange Online while preserving:
|
Mailbox Discovery The software retrieves the mailbox folder structure, including:
|
|
Capability |
Manual Outlook Export |
eDiscovery Export |
Our Graph API Software |
|
Requires Outlook installed |
Yes |
No |
No |
|
Depends on auto-mapping |
Yes |
No |
No |
|
Protocol |
MAPI/legacy EWS |
Content Search/ EWS |
Microsoft Graph API |
|
Handles throttling (429) |
No |
Partial |
Yes, retry with backoff |
|
Resumable on failure |
No |
Partial |
Yes, delta query + pagination |
|
Bulk/batch conversion |
No |
Limited |
Yes |
|
Selective export (date/folder) |
Limited |
Query-based |
Yes |
|
Ease of use for non-compliance admins |
Moderate |
Low |
High |
|
Metadata preservation |
Inconsistent |
Yes |
Full (flags, categories, read state) |
Issue: A mid-sized IT services company with 600 employees was migrating from one Microsoft 365 tenant to another after a corporate merger. The organization managed 35 shared mailboxes, some exceeding 40 GB, used across departments like Support, HR, Finance, and Sales.
Initially, the IT team used Outlook’s Export to PST method, but the process became inefficient due to auto-mapping issues, slow performance, mailbox-by-mailbox handling, and frequent export interruptions.
Solution: To overcome these challenges, the team switched to a Microsoft Graph API-based export solution using Microsoft Entra ID app registration and admin consent. They exported all shared mailboxes in bulk, applied filters for older data, and preserved full mailbox structure and metadata.
The solution handled throttling, retries, and resumable exports automatically, generating PST files directly from Exchange Online without Outlook dependency.
Result:
Shared mailboxes are an essential collaboration feature within Microsoft 365, but exporting them manually can be complex and inefficient. Traditional Outlook-based methods struggle with scalability, reliability, and automation.
Microsoft Graph API provides a modern approach by securely accessing Exchange Online directly, eliminating Outlook dependencies while preserving mailbox integrity. Organizations that regularly back up, archive, or migrate shared mailboxes can significantly reduce administrative effort by using a Graph API-powered solution.
Whether your goal is compliance, disaster recovery, tenant migration, or long-term archival, a Graph API-based Shared Mailbox to PST Converter delivers a faster, more secure, and enterprise-ready solution.
Ans. Yes, Graph API-based tool connect directly to the mailbox via the cloud, with no dependency on a local Outlook client or MAPI profile.
Ans. This is usually caused by Autodiscover v2 resolution delays or caching issues. It can be worked around with PowerShell (AutoMapping $false plus manual profile addition), but this doesn’t affect Graph API-based exports since they bypass Outlook entirely.
Ans. Not for the long term. EWS is on Microsoft’s deprecation path for Exchange Online, and any tool still built on it will eventually stop working. Graph API is the supported, forward-compatible path.
Ans. Shared mailboxes have 50GB of storage by default. Larger mailboxes require an assigned Exchange Online Plan license to raise the limit
Ans. Any subsequent Graph API calls will return a 401 Unauthorized or InvalidAuthenticationToken error once the current bearer token expires (tokens are typically valid for about an hour). The tool’s pre-flight validation checks consent status before starting a job, but if consent is revoked during an active run, the job will fail on the next token refresh and should be restarted after consent is reinstated.
Ans. The full folder hierarchy is captured. The tool traverses childFolders navigation properties recursively from the mailbox root, reconstructing the complete IPM subtree, including custom user-created subfolders, rather than only exporting default folders.
About The Author:
I am Neeru Kuchhal, a Technical Content Writer who focuses on turning complex ideas into clear, engaging, and impactful content. I combine creativity with strategy to write blogs, web content, and technical articles that connect with the right audience and support brand goals. I believe great content is not just written. It is thoughtfully created to inform, build trust, and drive action.
Related Post