Hello from the Office 365 Groups Engineering Team

Microsoft

Hi everyone!  I am the Group Engineering Manager for O365 groups.  I will be encouraging more of my engineers to participate in this forum  to help answer questions and share solutions.  

 

Let the fun begin!

60 Replies

Hi, we'd like a way to hide, by default, all O365 groups from our GAL. We want users to be able to create groups (both directly and/or via Planner), so controling/locking down that aspect doesn't solve the problem. Currently, we're having to run a Powershell script at regular, daily intervals to hide O365 groups.

 

Any advice welcomed!

 

Thanks,

Mike.

I am curious to know if there will be a possibility to have a group admin create events that members can´t delete. Today are these events possible to be deleted by members. I have schools that see a benefit for class schedules with groups.

 

Or do you have any better solution?

 

Best regards, Ove

We have disabled group creation by end users due to group creation getting out of hand and not following our governance model for sharepoint sites. This also enatialed disabling planner. Now I hear Yammer groups are going to create an office 365 group and a teamsite which I dont govern... WHY...When will we be able to see and manage the site collections created by office 365 groups?

@Jim Van Eaton

Robert, I am not in control of our groups or decisions, but the governance is something I worry about. We do have the Planner enabled which does give a back door to create a group. We are on a University campus and if every student creates a Planner for each of their courses that could be as many as 8 planner/groups/file storage/calendars/OneNote's created. That is assuming they don't also create one for other activities they are involved in. If you conservatively say 500 students create just 4 planners, that is 2000 planners inthe first year alone.

Hi Jim,

 

Glad to have your team on board and working to demystify some of issues with Office365 Groups.

 

My question specifically is when can we expect soft delete functions from SPO to come into Groups? The ability for an accidental deletion to have serious repercussions is holding back some of my clients from adopting groups as readily as they were.

Antony, "soft delete" is on our public roadmap and expected to arrive to a tenant near you in the fall timeframe: http://fasttrack.microsoft.com/roadmap?filters=#I-31837

Hi @Gregory Frick.  You are correct that Planner bypasses the naming policy because they currently use the msgraph api's that talk directly to AAD.  AAD team is currently working on implementing the naming policy.

 

We implemented from our side (Exchange Online) as a way to give customers DL naming policy parity in a more expedient fashion.  AAD must now implement this feature from their side so all workloads will create groups using the same naming policy.

Guest Access. Bring it on! 🙂

@Jeremy Mazner will you give @Robert Woods some commentary on this?  Thanks

I would love to see your students use Planner to that extent! How can we help make that happen. 🙂

To use group calendars we need to have the teacher set events that students can´t delete. If that is solved then we can switch from Exchange calendars and team sites to Groups.

 

This school is a vocational school for higher ed, one of the tracks is SharePoint developers.

 

Ove Bristrand

NetIntegrate

Hi

 

In order to prevent students deleting, you can set the calendar permissioings to readonly for members(aka students) . Please use the set-unifiedgroup cmdlet for all the class groups and set CalendarMemberReadOnly 

 

https://technet.microsoft.com/en-us/library/mt238274(v=exchg.160).aspx

 

FYI here is a recent article on how to manage group creation using the newly released Azure AD policy: Manage Office 365 Group creation for Microsoft Planner (note we made more announcements around governance last June in this post: What’s new in Office 365 Groups administration—June 2016 update & we'll have lots of content at Microsoft Ignite around Groups governance next month in Atlanta, yes all the recordings will be made publically available shortly after the event)

Lots of great energy here. If we could move subsequent q/a to separate threads, that'd be better. Don't worry - @Jim Van Eaton and the engineers reposnd to the other threads, too :-). 

Hello Team,

 

I am in the process of evaluating O365 Groups and Planner and in the process of creating documentation for my Staff. I have few queries regarding O365 groups and Planner. 

 

1. We dont have/use Azure AD subscription. One of the article which i came across asks to use Azure AD admin portal to create Security groups etc? how can i block users creating O365groups in simple way? I want to create 2 policies. One for IT Staff (create groups) other one for users (deny creating groups)

 

2. Can office365 groups contains other o365 groups,legacy DL's or legacy Security Groups as members?

 

3. If i allow Manager to create O365 Group/Plan and he creates plan, add all his direct reports as members of this group. Can these members work on Planner with full permissions even though they dont have rights to create Groups?

 

4. How do i apply a Storage quota policy only for O365 groups? I dont want all my new groups to be created with default Storage Quota of 1TB etc.

 

 

 

Antony - We are working on adding Soft Delete capability for Office365 Groups and this should be available soon. Ove - You can set "-CalendarMemberReadOnly" property on the group that will give only read access to members and they cannot delete any events. Please see the details on how you can do this at https://technet.microsoft.com/library/mt238274(v=exchg.160).aspx . Gregory - The naming policy feature is currently available only for groups created from Exchange endpoints (i.e. OWA & Outlook). We are working on adding this capability across all workloads like Planner etc.

+ 1 on setting a default to hide group email addresses from the gal by default. we are in the exact same boat.

Although you can't set a default to have Office 365 Groups hidden from the GAL, it's easy to do in PowerShell:

 

[PS] Get-UnifiedGroup | Set-UnifiedGroup -HiddenFromAddressListsEnabled $True

 

Voila!  All groups will now be hidden. They can still be used, buit they will be hidden.

 

Not that I would want this to happen...

Thanks @Jim Van Eaton. Do you know if the AAD Team has an ETA. @Brian Arkills

Hi Allan,

 

I would love to hear more once you have implemented the tool and used it more.

 

Many thanks