Recommendations on Naming Conventions for O365 Groups

Silver Contributor

What are others out there doing for their naming conventions on O365 Groups?  Looking for recommendations, whats working well, what might not be necessary after you implemented it, etc.

19 Replies
Looking at data, not a lot of customers have implemented naming policies since it's not very natural to end users and might reduce engagement, so would not recommend any complex prefix_NAME_suffix. I know of one customer who has just added a "G" in front of the name to differentiate them in AD. Please note that we have not delivered yet naming policies in AzureAD (currently we only apply naming policies to groups created via Outlook endpoints)

We added a prefix for all O365 groups so they could be easily identified in the GAL. If I recall in EAC there's an option to create a group policy. The user can create the group name however they'd like and once the group finishes creation it adds the prefix to the front of it.

We are a company with a single tenant for about a handful of sub-companies. We are completely stuck in our Office 365 roll-out because everything nowadays relies of Groups and there is no way to enforce a naming policy. We prefix our DLs with a short prefix identifying the relevant company and we want to do this for Groups as well, since Groups are listed in the GAL. Currently we're getting spammed with all sorts of weird names because people create Groups via Power BI, Planner and all kinds of places that don't respect the policy we have set in Exchange.

For us it is a huge problem that Microsoft keeps changing everything to use Groups without giving us the necessary admin controls. I can see that the AAD naming policy is still in development, which probably means it will take at least six months before it is rolled out. Until then we are stuck with our users screaming at us to enable all the new features being announced. Of course, we can create the Groups for them manually, but we really don't have the staff for this. And I don't see that as the intention for Groups.

Any suggestions on how we can start using the features relying on Groups without ending in chaos would be greatly appreciated.

We are in the same boat.  We have disabled (as best we can) everything with O365 Groups.  We can't have someone creating a new one as "President@comanyx.com" or just something vulgar in our GAL.  User's also don't know a group they create in OWA it is listed in the GAL (such as "my sister's wedding" that someone created in ours).  All other similar institutions we talk to are doing the same.

 

Please give us admin controls on the naming conventions and the ability to remove them from the GAL.

We disabled group creation in AAD and made it so that our admin team can create groups on request (this is how our organization currently does all requests for SP sites, email groups, etc, so it made sense). This is to prevent the kind of chaos that you are referring to, ensure we dont have unnecessary duplication, and have some kind of structure. We are only on at the beginning of the process, but we did get out ahead of it before it could run rampid.

And I know, blah blah, empowering end users and shadow IT and all those buzz words, but my biggest complaint against Groups has always been provisioning so much garbage that isnt needed, it makes a massive mess of things for IT.

Someone else mentioned in another thread, it would be potentially a good practice to do some PowerShell scripting and to do something like this: get all groups, if it doesnt have GRP- on the front, add it, otherwise skip:

$O365Groups = Get-UnifiedGroup
foreach ($O365Group in $O365Groups){
Write-Host $O365Group.DisplayName
if($O365Group.DisplayName -like "GRP-*"){
Write-Host "OK" -ForegroundColor Green
} else {
Write-Host "Not OK" -ForegroundColor Red
Set-UnifiedGroup -Identity $O365Group.Name -DisplayName ("GRP-"+($O365Group.DisplayName))
}
}

As mentioned on our public roadmap and at Ignite in this session we are working on these three features around naming policies: https://www.youtube.com/watch?v=mfox9-L5Xt0

- naming policy

- banned words

- profanity checking

Directory management – what’s nextDirectory management – what’s next

I see on the Office blog that the Azure AD Naming Conventions will be available within the next 3 months. That is really great.

 

Unfortunately it requires Azure AD Premium...

 

It is really disappointing that every time Microsoft adds something to the cloud service portfolio, we have to pay more. They're continously adding extra layers of higher tier subscriptions and suites. I wonder when we will see the E7 plan...

 

 

https://blogs.office.com/2017/04/06/whats-new-in-office-365-groups-for-april-2017/

 

Will we be able to manage special characters as well?

Interesting this is the first I am seeing this being Premium required. I also see guidelines and classifications are marked as premium. These currently don't require premium so why the change? What about the tenants that are using classifications and guidelines that aren't using premium currently? 

 

@Christophe Fiessinger

Also I have started moving to a naming standard of "ogrp-" for O365 Groups vs other Groups.
@Brent Ellis, do you hide O365 Groups from your GAL?

With adding a prefix to all groups, what happens to SharePoint sites that are created as O365 Group Connected? Do the sites assume the prefix too?
We don't hide ours from the GAL (at least havent had a need to yet)

We are replacing old Distribution Lists in AD (most of which have been out of date) with each group that gets created if it existed

For the SharePoint site, we add "group_groupnamehere" as the alias, so it's site becomes https://mytenant.sharepoint.com/sites/group_groupnamehere, and the email address is group_groupnamehere@company.com. But the display name is "GROUP - Group Name Here"
Also, what happens when a Microsoft Team is created and creates an Office 365 group? Does it adhere to the groups naming policy?

That's good new but we have limited funding.  Looks like the requirement for this is "Group naming policy requires Azure active directory Premium P1 license for unique users that are members of Office 365 groups"

Hi All, thanks for starting this thread Brent and others for the helpful responses. I am looking for a solution that balances the needs of the teams that manage and look after AD as well as the end user.  My concern using the same pre-fix is both UX and UI related - and end user looking for a specific group in a list of groups that all start with "G" or "Group" etc. will have a hard time finding it - it's an extra "mental tax" to using the product. From a UI perspective, using pre-fixes also means that it's harder to read the full name of a group in the UI. On the flip side, I can completely understand the needs of the AD and Exchange teams.

 

Having watched both the MS session and Martina's session it seems to me it should be possible to balance these in one of two ways:

1 - use a only suffix instead of a pre-fix

2 - allow the users to create the groups as they wish and, as it is created, write it into the directory with the pre-fix/suffix of choice. Creation is easy, the display name makes sense and the needs in AD are met

 

In your experience are these feasible options (I do not come from a technical background)? Thanks for any input

We use dl_ for our distribution lists. r_ for our conference rooms and therefore grp_ for our groups when created through Outlook endpoints.

 

Would like to see Azure AD group name convention and group lifecyle management coming out of preview so we can start using it though.

The difficulty we are facing with this model for naming policies is that it exploits only attributes of the currently logged-in user, hence an automated procedure won't be able to rely on that (e.g. the "create on behalf of" could be a great feature here ).  

 

Add the variety of the business needs, e.g. create groups for projects/initiatives, or ad-hoc groups or departmental teams, etc. leads to making use of administrator's exceptions mostly at all times.

 

 

So we ended up every time into providing a form enabling collection of a various parameters, that get concatenated to fit the purpose of the customer, curated to escape spaces and other unwanted characters, and ultimately the prefix / suffix are merely used to add small things to match A-AD requirements set by admins.

 

A most appropriate solution should allow the definition of a formula, e.g. RegEx language, and injection of parameters via a pre-defined syntax to abide by, instead of exploiting user's attributes. 

Office 365 naming policy has been in place according this article. Group naming policy will have following features:

  • Prefix-Suffix naming policy You can use prefixes or suffixes to define the naming convention of groups (for example: “GRP_US_My Group_Engineering”). The prefixes/suffixes can either be fixed strings or user attributes like [Department] that will get substituted based on the user who is creating the group.

  • Custom Blocked Words You can upload a set of blocked words specific to their organization that would be blocked in groups created by users. (For example: “CEO, Payroll, HR”).

need execute powershell commands to set this up. please review above article