Office 365 groups expiration is now in public preview
Published Aug 09 2017 09:46 AM 15K Views
Microsoft

Today we're announcing the public preview of Office 365 groups expiration for Azure Active Directory Premium customers. You can now manage the lifecycle of Office 365 groups, by setting an expiration duration for any group you choose. Once this is set, owners will be asked to renew their group as they come close to expiry if they want to continue to use them. Any group that is not renewed will be deleted.

 

Office 365 group expiry in the Azure Active Directory dashboardOffice 365 group expiry in the Azure Active Directory dashboard

Office 365 groups expiration can be configured from the Azure Active Directory portal, as well as programmatically via Azure Active Directory PowerShell. You can also create a policy that applies to all the groups in your tenant.

 

30 days prior to the expiration of a group, renewal notifications are sent out by email to the owners of the group, from which they can renew their group with a single click. If the owners don't renew the group within the required timeframe, the group expires, and is deleted.

 

This is all made possible with two features we recently shipped: soft-delete and restore. This means you can restore your Office 365 group and all its content, including SharePoint, Planner, Outlook and so on, for a period of 30 days from when the group was deleted. Check out more details about how to restore deleted Office 365 groups here

 

The Office 365 groups expiration feature is available in public preview today for Azure AD Premium customers. We'll be contacting all Office 365 customers who subscribe to Azure AD Premium via the message center to let them know this is available. Check out Alex's blog post on the Enterprise Mobility and Security Blog.

19 Comments

Let me ask here too, any chance to support more than 1 policy per tenant?

Hi Vasil, Currently there can only be one policy applied for the entire tenant.

Steel Contributor

An FYI for anyone turning this on: If a Group is already older than the renewal time, they will receive an email from msonlineservicesteam@microsoftonline.com with a 'renew group' button within a few minutes.

 

Fortunately, we don't have very many groups, so when I enabled this for everyone I was able to send out a heads up to everyone pretty quickly, however if you have a large tenant, you'll probably want to communicate ahead of time why they're receiving these funny looking emails :)

 

group-renewal-email.jpg

 

 

 

 

Hey Stephan, correct...groups older than the expiration period defined by the admin will not be expired/deleted immediately. An email notification is generated to the group owner giving them a period of 30 days in which to renew their group. 

Deleted
Not applicable

Much awaited feature. thanks for the heads-up.

@Kairaz Contractor I know only one is supported currently, just wondering whether you have any plans of providing more than one. I can imagine it being useful in large organizations, multi-nationals, etc.

From a tenant admin, powershell or API perspective is there and easy way to enumerate all groups in soft delete status? Thinking about the scenario of ensuring no content is on legal hold and no records are on the site needing to be archived / retained via some external tooling before the 30 day restore period is over. So we would use this to have non renewed groups go into soft delete, archive anything needed for retention via some automated process, and then let it expire. Is that possible today or something the team is considering?
Bronze Contributor

Hi, I'm not sure if this feature currently works as inteneded or if I'm currently affected by a bug.

For trial purposes I've set the "Group Lifetime" to 31 days for 1 selected group.

Ever since I've activated the feature for this group, I have received the renew notification every day (every time with the expiration date one day later in the notification text), even though I've renewed the group and got a confirmation on the web page.

Iron Contributor

Can you confirm that this is only available for AAD Premium subscribers?

@Vasil Michev Hey Vasil, currently there are no plans to have multiple expiration policies on the same tenant. We are continuiing so scope out capability improvements for the feature, so keep the feedback coming! Thanks..

No worries, just looks like a good idea for me. Hopefully enough customers will request it :)

@Ivan Unger: Hi Ivan, renewal notifications are sent out 30 days, 15 days and 1 day prior to the expiration of the group. If you have set your group lifetime duration to 31 days, you will receive your 30-day notification within 24 hours. When you click renew, your group is being renewed for the next 31 days, so the day after, you will receive a new 30-day notification.

 

If you do not renew the group immediately, the next notification you will receive should be 15 days prior to the expiration date. Please let me know if you have been renewing the group each time you received the notification, or if you had renewed it only once, but are still receiving notifications daily. Thanks!

Bronze Contributor

Thanks. This makes more sense now. I have renewed it daily. 

Brass Contributor

@Tom Batcheler, great rundown, thanks.

 

I see in the settings for the Group expiration policy that you can 'Enable expiration of select Office 365 groups'. Is it planned that there will be a selection to 'Exclude' select groups from the policy?

 

I can see instances where there are teams within an organization where the group is definitly going to live for the life of the organization's tenant (think HR team or IT team).  From a maintenance standpoint, there would be the desire for having any self service groups or Team Sites (with a group) to be expired on 30-60 day cycle but it will be tedious for the site owners of long term groups to always have to renew their group every 30-60 days. For groups that you know are going to exist forever, it would be nice to Exclude them. Any plans for this in the roadmap?

Bronze Contributor

I like Jasons "Exclusion" approach. This fit our need better than the current manual inclusion approach that is implemented.

Copper Contributor

This is one of the features that we really need!

 

Can someone confirm the licencing?  Azure premium P1 or P2?

 

Cheers!

Hey Lou,

 

An AAD Premium P1 license is required for this feature.

 

Kairaz 

Copper Contributor

Is it covered with just the admin accounts having AADP P1 licens?

 
Brass Contributor

One thing I'd really like to see with this is something like "auto-delete after X days of inactivity".  So if there are no new files added, no new chats, etc then 30 days later the owner get's the renew notification.

 

It doesn't make sense to pester the owner of a large and very active group, (HR, Finance, etc) asking if they'd like to renew there group if that group is VERY heavily used.  It's bad for the IS department's brand image to pester users like that.  

 

Another thing I'd LOVE to see is the ability to customize these messages even just a little bit.  We've been training users for the last couple of years to not click on "Phishy" looking emails, and we already have users who don't click on these renewal notices because they look like a phishing attempt.  To make it worse is that it doesn't even come from our corporate email domain name.  That just screams phishing attempt to users so they don't click on the renewal, and then their group get's deleted.  

 

We NEED to have some ability to customize these emails so that it at least looks like it came from our corporate IS team.

 

Thanks.

Ted

Co-Authors
Version history
Last update:
‎Feb 10 2023 12:26 PM
Updated by: