The majority of people in the University will have a Nexus mailbox and Active Directory (AD) record (status UserMailbox) created at the same time that their SSO account is created. The exceptions are non-University members with 'cardholder' or 'virtual' status cards who are not entitled to a Nexus mailbox (see service entitlements). They will have an AD record with status MailUser.
Although a Nexus mailbox is associated with an SSO account, it doesn't use the Single Sign-On system directly for authentication. Instead the SSO password is synchronised with the Nexus AD so the SSO and Nexus passwords should always be the same.
Access to a personal mailbox can be delegated to others personally for 'Send on behalf of' rights or giving access to individual folders. Alternatively, the Service Desk can set either 'Send As' or 'Send on behalf' rights, as well as 'Full Access' to the whole Inbox and all subfolders, calendars, address books etc. at the personal request of the owner. This is typically used for a Personal Assistant accessing their employer's mailbox. To make a request, use the self-service form for Email Account Delegation.
A personal mailbox will normally be visible in the Nexus Global Address List (GAL). This is so that mailboxes can be found, and Outlook autodiscover will work. It is possible to for a mailbox to be hidden in the GAL (this requires Head of House approval).
If a mailbox belonging to a Retiree isn't used within six months of it being set up, it will be removed.
These are often role-based accounts which can be passed on to a different person if the original role-holder leaves. They are essentially identical in functionality to a primary mailbox.
A Project mailbox will be created on request from an IT Support officer.
Generally these accounts are deprecated, as password sharing is a security risk. Shared mailbox access can be achieved using delegation via Outlook or OWA. Also 'Send As' or 'Send on behalf' rights, as well as 'Full Access' to the entire mailbox can be requested via the self-service form for Email Account Delegation.
A password is needed when a mailbox is to be used with IMAP or a mobile phone mail client, or when non-Nexus facilities are needed as well eg mail list ownership, Linux, web space.
A project mailbox without an SSO account can only be accessed using delegation via Outlook or OWA. 'Send As' or 'Send on behalf' rights, as well as 'Full Access' to the entire mailbox can be requested via the appropriate self-service form for Email Account Delegation. These mailboxes are not suitable if access from an IMAP client or mobile device is required.
A Resource mailbox is a specialised mailbox used for calendaring or room booking. In AD it has a status of RoomMailbox or EquipmentMailbox. It cannot be associated with an SSO account.
Non-University members with 'cardholder' or 'virtual' status have a record in AD (Active Directory) but have no mailbox (AD status MailUser). Such people can access SharePoint, and can have an external email address associated with the account so they can participate in SharePoint activities.