print friendly version

How to...

Using Role-based Accounts or other shared accounts


Quick guide

We have a separate quick guide to add a role-based account to Outlook.

Outlook logo

If you need more detailed information, please see the rest of this page...




This Guide primarily discusses role-based accounts, how to get one set up, how to use one, and gives other general guidance on the use of these accounts.

This Guide can also be used to set up access to a personal account for which access authorisation has been obtained: the method is the same. 

The Guide is primarily for the use of role-based accounts with Outlook, but information on their use with Thunderbird is also provided - see the relevant entries in the Contents list.

For the sake of simplicity, we'll refer to role-based accounts simply as "role accounts" in the remainder of this Guide.


  1. What is a role account?
  2. The registered keeper of a role account
  3. Who can use a role account
  4. How to apply for a role account
  5. Changing the registered keeper of a role account
  6. Getting ready to use a role account

    Using role or shared accounts with Outlook or OWA
  7. Accessing a role account or other shared account with Outlook
    Direct Access
    How to delegate access to a role or shared account
    Adding a shared account to Outlook
    Removing a shared account from Outlook
    Configuring Outlook Web App (OWA)
    What to do if it doesn't work
    How to remove delegated access from a role or shared account

           Other useful information
       8. Making use of mail folders in a role account
       9. Password guidelines

1. What is a role account?

A role account is an account that acts as a contact point or as shared working space for use by a group of staff, whether this be for administration, research or any other group purpose. It differs from a personal account because it is associated with a role and is not tied to or associated with any particular person. However, the account must have a current member of staff as its registered "keeper" who holds responsibility for the account and its use. A role account is essentially future-proof in that it remains as it is, even if the people using it change as they leave the university or change roles.

Functionally, a role account is no different from a personal email account. The only real difference is that it is provided by IT Services for use to support a role or function rather than acting as a personal account, and - unlike personal email accounts - may be shared by authorised members of staff.

2. The registered keeper of a role account

A new role account is set up under the account management record of a member of staff.  That person is deemed to be the registered keeper of the role account, and is the person responsible for delegating access to the account, and for any issues that may arise from the use of the account.

3. Who can use a role account

Role accounts are normally available only to staff. They are not available to student groups, and students may only use them if they are doing paid work for the University or as part of a project being run by a member of staff. Any member of staff authorised by the registered keeper of the role account may access it on behalf of their staff group. How this is actually organised is the responsibility of each group.

[back to top]

4. How to apply for a role account

We recommend that you first discuss your requirements with IT Services, to determine whether or not a role account is the most appropriate solution for you. The best way to do this is to contact us at Online Support. Once this has been decided, make sure you have discussed and agreed all the necessary details of the new role account with your colleagues. Then visit the IT Services website and click the red Help button, then either (depending on the web browser you're using):

  • Enter your username and password where shown and click login, then click on the icon for a 'new role-based account', then complete the online form that appears.


  • Under How can we help?, in the Please choose... list, select Set up a role-based account.   Then enter your username and password where shown and click login, then complete the online form.

It is vital that you complete and submit the online form, because this not only records your request formally but also gives you the means to provide us with all the information we need to set up the new account.

When a role account is created, it is normally given a username (login name) beginning with grp- and ending with a number, for example grp-123 (the grp- prefix stands for 'group', as these used to be called group accounts, though their remit has now widened).  The number is allocated sequentially but has no other significance. The account will normally also be given a friendly email address, as requested by you, though some role accounts are not used for email and are not given friendly addresses. If the requested email address is already in use, we will notify you and ask you to provide an alternative. This address would normally be used for all communication with that role account, and its username would only be used by staff for logging in (signing in) to the account.

When we have created the role account, we will contact you by email to let you know the account details are ready for collection. We do not normally send account details by email, so you would normally need to call in at our Service Desk in the Shawcross Building to collect them.

[back to top]

5. Changing the registered keeper of a role account

A role account always has a registered keeper; that is, the person who is formally responsible for it. If you are leaving the University or changing role so that you will no longer have responsibility for a particular role account, it is vital that you arrange with IT Services for the account to have a new 'keeper', or refer us to someone who can arrange this. If you do not do this, we will not know who is responsible for the account, and if any mishap or misuse occurs then you may be held responsible. If you leave the University without arranging for a new keeper for the account, it will close automatically along with your personal account after you have left, and this could cause serious disruption for your former colleagues. ITS does not monitor staff changes and cannot automatically reassign ownership of role accounts when staff leave or change role.

If the registered keeper of a role account is not known, please contact IT Services to find out.

[back to top]

6. Getting ready to use a role account

It's normally necessary to make some changes in your preferred email application (Outlook etc) to allow you to access a role account or other shared account alongside your own.  It is however possible (if you have the password for a role account or shared account) to login to the account on its own, directly using Webmail (normally Outlook Web App), and no special configuration changes are needed.   The sections below describe how to prepare your preferred email application to access a given account.

7. Accessing a role account or other shared account with Outlook

There are two methods of accessing a role account's email with Outlook or Outlook Web App (OWA):

IMPORTANT NOTE:  If you wish to access another person's account, whether it be with their permission or for other operational reasons, you must first obtain formal authorisation from the Director of IT Services.  This is required by the University's Institutional Access Policy (in particular, see Appendix 1).  See also FAQ 2640 which gives Governance Office guidelines regarding delegation of email management by senior staff to assistants.

OPERATIONAL DIFFERENCES between direct and delegated access to shared accounts

The table below shows the operational differences between using a role-based or other shared account in Outlook, by means of direct access and by means of delegated access:

  Direct access
Delegated access
How access is obtained Username and password required Delegated by the account owner (no password needed)
Where sent emails are saved In the role account's Sent Items folder In your own Sent Items folder
Can be set separately for each account used Uses your own signature
Changes to folders in the role account Seen by all those accessing the role account Seen by you only
Sender information From the role account From you 'on behalf of' the role account



For direct access, you will need the username and password of the required account.   This must be obtained from the registered keeper ('owner') of the account and the direct access method must be agreed with them beforehand.

To add a role-based account to Outlook, please follow these instructions.

[back to top]

8. Making use of mail folders in a role account

Mail folders should be used to store related email in its own dedicated space, rather than all mixed together in the Inbox, and will make it much easier to handle the various types of business associated with a role account.

Name the folders according to particular tasks, activities or business in the group, so that email related to those tasks can be stored appropriately and be easier to find later.

[back to top]

9. Password guidelines

The nature of a role account, and the way it is used, emphasises the need for extra security for the account's password.

  • Keep the password secure: with the use of delegation to control access to an account using Outlook, it should not be necessary for anyone except the account's registered keeper to know its password.  If sharing the password is unavoidable, only the members of staff authorised to use the account must be given its password.
  • Only the account's registered keeper should change the account password.
  • In the absence of the registered keeper, other members of the group may change the password if it is considered necessary, but they should inform the account's keeper of this as soon as is practical.   If it's not known who the account's keeper is, contact IT Services for help.
  • If the password is forgotten the registered owner should call in at the IT Services Enquiries Desk to request a new one. They must provide proof of their identity and staff group affiliation.  In the absence of the registered keeper, another member of the group can make the request, but they must provide ITS with evidence that they are a member of the group, and the account's keeper will be notified.

[back to top]

created on 2010-01-01 by Andy Clews
last updated on 2021-09-18 by Alexander Butler