Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Approval driven cloud O365 group membership

Microsoft

By default, any cloud O365 group created at AAD is Public and anyone in company can join it. I want to restrict that either one of the appraoch

  1. member sends a request which should be approved by the Owner of that group
  2. only owner can add other members.
4 Replies

You cant. Public means public, anyone can join and/or be invited.

 

The default type is actually changing to Private now. And you can also toggle it on the org level:

 

Set-OrganizationConfig -DefaultGroupAccessType Private

Would it possible to create a new cloud O365 group as private without updating the OrganizationConfig as I don't have access on it?

Yes, it's possible. It's actually one of the options you need to specify when creating a Group. I'd strongly recommend you at least review the documentation first: https://support.office.com/en-us/article/create-a-group-in-outlook-04d0c9cf-6864-423c-a380-4fa858f27...

I'm creating these groups from Azure Portal (portal.azure.com) -> AD -> Groups screen which does not provide an options to create a group with private setting. Will check the options mentioned by you.

 

I will also validate that the group created using suggested links is type of cloud O365 group (not a master on-premise group sync to AAD) as the Microsoft Graph API can not add a member into on-premise sync group.

 

Thanks