This Guide primarily discusses role-based accounts, how to get one set up, how to use one, and gives other general guidance on the use of these accounts.
This Guide can also be used to set up access to a personal account for which access authorisation has been obtained: the method is the same.
The Guide focusses on the use of Outlook for role-based accounts, but information on their use with Mulberry or Thunderbird is also provided - see the relevant entries in the Contents list.
For the sake of simplicity, we'll refer to role-based accounts simply as "role accounts" in the remainder of this Guide.
A role account is an account that acts as a contact point or as shared working space for use by a group of staff, whether this be for administration, research or any other group purpose. It differs from a personal account because it is associated with a role and is not tied to or associated with any particular person. However, the account must have a current member of staff as its registered "keeper" who holds responsibility for the account and its use. A role account is essentially future-proof in that it remains as it is, even if the people using it change as they leave the university or change roles.
Functionally, a role account is no different from a personal email account. The only real difference is that it is provided by IT Services for use to support a role rather than as a personal account, and - unlike personal email accounts - may be shared by authorised members of staff.
Role accounts are normally available only to staff. They are not available to student groups, and students may only use them if they are doing paid work for the University or as part of a project being run by a member of staff. All role accounts must have a member of staff as their registered keeper, and that person must also take full responsibility for the use of the account and any issues arising from this. Any member of staff authorised by the registered keeper of the account may access the role account on behalf of their staff group. How this is actually organised is the responsibility of each group.
We recommend that you first discuss your requirements with IT Services, to determine whether or not a role account is the most appropriate solution for you. The best way to do this is to contact us at Online Support. Once this has been decided, make sure you have discussed and agreed all the necessary details of the new role account with your colleagues. Then visit the IT Services website and click the red Help button, then either (depending on the web browser you're using):
It is vital that you complete and submit the online form, because this not only records your request formally but also gives you the means to provide us with all the information we need to set up the new account.
When a role account is created, it is normally given a username (login name) beginning with grp- and ending with a number, for example grp-123 (the grp- prefix stands for 'group', as these used to be called group accounts, though their remit has now widened). The number is allocated sequentially but has no other significance. The account will normally also be given a friendly email address, as requested by you, though some role accounts are not used for email and are not given friendly addresses. If the requested email address is already in use, we will notify you and ask you to provide an alternative. This address would normally be used for all communication with that role account, and its username would only be used by staff for logging in (signing in) to the account.
When we have created the role account, we will contact you by email to let you know the account details are ready for collection. We do not normally send account details by email, so you would normally need to call in at our Service Desk in the Shawcross Building to collect them.
A role account always has a registered keeper; that is, the person who is formally responsible for it. If you are leaving the University or changing role so that you will no longer have responsibility for a particular role account, it is vital that you arrange with IT Services for the account to have a new 'keeper', or refer us to someone who can arrange this. If you do not do this, we will not know who is responsible for the account, and if any mishap or misuse occurs then you may be held responsible. If you leave the University without arranging for a new keeper for the account, it will close automatically along with your personal account after you have left, and this could cause serious disruption for your former colleagues. ITS does not monitor staff changes and cannot automatically reassign ownership of role accounts when staff leave or change role.
If the registered keeper of a role account is not known, please contact IT Services to find out.
It's normally necessary to make some configuration changes in your preferred email application (Outlook etc) to allow you to access a role account alongside your own. It is however possible to login to a role account on its own, directly using Webmail (normally Outlook Web App), and no special configuration changes are needed. The sections below (for Outlook, Mulberry and Thunderbird) describe how to prepare your preferred email application to access a given role account.
There are two methods of accessing a role account's email with Outlook or Outlook Web App (OWA):
If you wish to access another person's account, whether it be with their permission or for another operational reason, you must first obtain formal authorisation from the Director of IT Services. This is required by the University's Institutional Access Policy (see Appendix 1).
Direct access with a password
You will need to create a profile for Outlook to allow you to login to the role account directly, using the account's own username and password. See the Email for Staff and PhD Students guide to Outlook, for details. You do not need to create a profile to access the account with OWA. Direct access to the account like this will allow you to use the account in exactly the same way as if using your own personal account. However, this method only allows access to one account at any one time.
Delegated access
Delegation is a means of providing named people with access to specified email accounts from their own personal email accounts. The advantage of this method is that passwords do not need to be disclosed, so delegation makes the accounts more secure against unauthorised use and is why IT Services recommends this method of access. Delegation is possible only for accounts hosted on the Exchange email and calendaring system. You may only freely set up delegated access to a role-based account. You must not set up delegated access to a personal account without first obtaining authorisation from the Director of IT Services.
How to delegate access to a role or shared account
For someone to be able to read and send emails in a role-based account or other shared account, they need to be given delegated access to the account. That means the account's registered keeper (normally the only person who knows the account's password) must first provide the delegated access. If you are the registered keeper of a role account, you may still need to run through the delegation procedure described below before you can send emails on behalf of the account (although it's possible that you will already be able to view its folders and items in Outlook):
After delegation has completed, if you are not already able to see the role account's mailbox in your Outlook account (in some cases this will happen automatically for account keepers), then you need to add it as described below (the instructions apply to Outlook 2010 or Outlook 2007). We recommend closing Outlook and then restarting it before making these changes.
Adding a shared account to Outlook
First, login to your own account in Outlook.
Start with step 1 or step 2, according to whether you're using Outlook 2010 or Outlook 2007.



Please read the Important things to remember section for information about sending email from a role account using delegated access.
Removing a shared account from Outlook
If you no longer require access to a shared account (for example if you change role and no longer need to use the account), you should remove the account from Outlook as follows:
Configuring Outlook Web App (OWA)
Outlook Web App is limited in its ability to handle additional accounts. You can view the Inbox for a role account and send email on its behalf, but you can't view any other folders. You may find it easier to login directly to the role account in OWA, then the steps below will not be necessary.
To view the Inbox, first delegate the appropriate permissions (see above) and then:
A reference to the other account, and its Inbox, should now appear below the list of your own folders. Click the Inbox to open it, just as with your own folders.
If the account access permissions are not correctly set then you may see a message saying that "An object could not be found". If you believe that you have the correct access permissions but cannot open the folders, try closing and then restarting Outlook. Try also closing down your computer and restarting it. Contact IT Services for assistance if you are still unable to view or send messages.
IMPORTANT THINGS TO REMEMBER when sending email from a role account using delegated access
How to remove delegated access from a role or shared account
You can remove individuals from an account's list of delegates in Outlook 2010 or Outlook 2007 as follows:
Information on setting up Mulberry for use with a role account can be found in FAQ 2470.
Instructions for adding an extra account to Thunderbird can be found in the Guide to Thunderbird - see the section on installing extra Thunderbird accounts.
Mail folders should be used to store related email in its own dedicated space, rather than all mixed together in the Inbox, and will make it much easier to handle the various types of business associated with a role account.
Name the folders according to particular tasks, activities or business in the group, so that email related to those tasks can be stored appropriately and be easier to find later.
The nature of a role account, and the way it is used, emphasises the need for extra security for the account's password.
created on 2010-01-01 by Andy Clews
last updated on 2013-07-25 by Chris Limb