cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Enable Office 365 Group creation for All Users

Denise Child
Iron Contributor

‎Apr 20 2017 09:35 AM

‎Apr 20 2017 09:35 AM

Enable Office 365 Group creation for All Users

How do we allow All Users to create Office 365 Groups after changing it to just our Global Admins?

 

Unable to find information on how to reverse this setting.

I am using an MFA account with AzureADPreview Powershell latest version.

 

Unintended consequences after making this change. One is that Users are unable to set a Favorite on an O365 Group after the change and another is unable to use Planner. This will also affect Yammer going forward.

 

So we want to reverse back to default to where everyone can create an O365 Group.

 

Thanks,

Denise

Labels:
12.5K Views
0 Likes
7 Replies
Reply
7 Replies
Juan Carlos González Martín

‎Apr 20 2017 10:19 AM

‎Apr 20 2017 10:19 AM

Re: Enable Office 365 Group creation for All Users

Ok, I'm following you on this question...well, Planner integration in Teams is not fully functional today so you will find some gaps like this one. Microsoft has promised to reduces these gaps, but not ETA defined yet
0 Likes
Reply
Vasil Michev

‎Apr 20 2017 11:18 AM

‎Apr 20 2017 11:18 AM

Re: Enable Office 365 Group creation for All Users

To revert the changed settings, you will have to either remove the entire Settings Object or change the Group. The first one is done via:

 

Get-MsolAllSettings | ? {$_.TemplateId -eq "62375ab9-6b52-47ed-826b-58e47e0e304b"} | % { Remove-MsolSettings -SettingId $_.ObjectId }

 

however, it will affect any other changes you have made to the Groups settings object, for example Guest access.

 

To simply update the settings object to allow Group creation and preserve all other settings:

 

$temp  = Get-MsolAllSettings | ? {$_.TemplateId -eq "62375ab9-6b52-47ed-826b-58e47e0e304b"}

$temp["EnableGroupCreation"] = $True

Set-MsolSettings -SettingId $temp.ObjectId -SettingsValue $temp.GetSettingsValue()

 

The cmdlets above are generic, the objectId should apply to all tenants.

 

1 Like
Reply
Denise Child

‎Apr 21 2017 08:12 AM

‎Apr 21 2017 08:12 AM

Re: Enable Office 365 Group creation for All Users

Hi Vasil,

 

I am using AzureADPreview 2.0

 

Not sure what commands to substitute for the last line or if this is written differently.

I do want to keep the existing settings but open it up to everyone again.

 

If I substitute the commands that you wrote with the below, the first two lines work.

I'm stuck on what the third line should be or if it should be written differently.

 

$temp  = Get-AzureADDirectorySetting | ? {$_.TemplateId -eq "62375ab9-6b52-47ed-826b-58e47e0e304b"}
$temp["EnableGroupCreation"] = $True

 

I thought it would be: New-AzureADSetting...

but with the $temp commands I'm missing a $setting variable or something else.

 

I found some help from the below link, but what I have tried is not working.

http://drewmadelung.com/managing-office-365-group-using-azure-ad-powershell-v2/

 

Thanks,

Denise

 

1 Like
Reply
Vasil Michev

‎Apr 21 2017 10:45 AM

‎Apr 21 2017 10:45 AM

Re: Enable Office 365 Group creation for All Users

If using AzureAD cmdlets, you need Set-AzureADDirectorySetting for the last part. There's a detailed guide here: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-accessmanagement-groups-set...

1 Like
Reply
Denise Child

‎Apr 21 2017 11:13 AM

‎Apr 21 2017 11:13 AM

Re: Enable Office 365 Group creation for All Users

These commands appear to work but do not do anything.

EnableGroupCreation Value still shows False

 

#Check for settings
Get-AzureADDirectorySetting -All $True | Format-Table Id, DisplayName
Get-AzureADDirectorySetting -All $True | where-object {$_.DisplayName -eq "Group.Unified"} | ForEach-Object Values

 

#Enable again and preserve the current settings

$temp  = Get-AzureADDirectorySetting | ? {$_.TemplateId -eq "62375ab9-6b52-47ed-826b-58e47e0e304b"}
$temp["EnableGroupCreation"] = $True
$setting = Get-AzureADDirectorySetting –Id []

Set-AzureADDirectorySetting -Id [] -DirectorySetting $setting

 

#left ID blank in this post []

 

Am I still missing something?

0 Likes
Reply
Vasil Michev

‎Apr 21 2017 11:20 AM

‎Apr 21 2017 11:20 AM

Re: Enable Office 365 Group creation for All Users

You seem to be using differnt variables. You're setting the EnableGroupCreation to True on the $temp one, then using the $setting. Just copy/paste the example from that article, should work fine. My example was for the MSOL module after all :)

0 Likes
Reply
Denise Child

‎Apr 21 2017 11:46 AM

‎Apr 21 2017 11:46 AM

Re: Enable Office 365 Group creation for All Users

Got it. Thank you so much!

 

#Enable again and preserve the current settings
$template  = Get-AzureADDirectorySetting | ? {$_.TemplateId -eq "62375ab9-6b52-47ed-826b-58e47e0e304b"}
$setting = Get-AzureADDirectorySetting –Id []
$setting["EnableGroupCreation"] = "true"
Set-AzureADDirectorySetting -Id [] -DirectorySetting $setting

 

#Check settings again
Get-AzureADDirectorySetting -All $True | where-object {$_.DisplayName -eq "Group.Unified"} | ForEach-Object Values

 

Denise

0 Likes
Reply