Naming policy for O365 groups

Copper Contributor

Hello,

 

We currently use a sub-domain for O365 Groups at our organization. However, we started to research how to enforce a naming policy for O365 Groups according to this article:

 

https://docs.microsoft.com/en-us/azure/active-directory/groups-naming-policy

 

The article states: "using the Office 365 Groups Naming Policy preview requires Azure Active Directory Premium P1 licenses or Azure AD Basic EDU licenses for each unique user that is a member of one or more Office 365 groups."

 

Since we currently have E3 licenses, we thought we were good to go, based on this information. I then noticed this morning in our tenant's message center, there's a new message: "Changes to blocked words configuration settings for Office 365 group names". It says that the ability to configure blocked words and group naming policies via New-AzureADDirectorySetting and Set-AzureADDirectorySetting will be disabled on 5/24/18 and can only be accomplished using the O365 Groups Naming Policy feature, which is restricted to AAD Premium.

The aforementioned groups naming policy article which said the functionality requires Azure AD Basic EDU licenses was only written on 3/29/18, so I was wondering if anyone can help clear this up. Thanks.

 

@cfiessinger

 

 

3 Replies

I will let Christophe address the licensing question, just wanted to mention that you should be testing with a regular user account, not any admin one, as admins are exempt from the naming policy across all endpoints.  

Adam,

- If you purchased Enterprise Mobility + Security E3 then it does include Azure AD P1 https://www.microsoft.com/en-us/cloud-platform/enterprise-mobility-security-pricing

- You can still define a list of blocked words using this paraemeter CustomBlockedWordsList, we are deprecating this particular one: EnableMSStandardBlockedWords see this https://docs.microsoft.com/en-us/azure/active-directory/active-directory-accessmanagement-groups-set...

- As Drew mentioned to test this feature, you'll need to be logged in as a non-admin, from the documentation: "Selective administrators are exempted from these policies, across all group workloads and endpoints, so that they can create groups with these blocked words and with their desired naming conventions. https://support.office.com/en-us/article/office-365-groups-naming-policy-6ceca4d3-cad1-4532-9f0f-d46...

@cfiessinger I think we need some clarification here. We have read in multiple places that blocked words and naming policies are only available with AAD P1 licensing, except for this one link which also happens to be the most current. 

 

"Using the Office 365 Groups Naming Policy preview requires Azure Active Directory Premium P1 licenses or Azure AD Basic EDU licenses for each unique user that is a member of one or more Office 365 groups."

 

AAD Basic comes with any version of an EDU tenant. I know other EDUs have been discussing this as well, and I believe have this stuff in place. Since this now appears to be an option we want to make sure this isn't too good to be true since there is only one piece of documentation that proves it. 

 

https://docs.microsoft.com/en-us/azure/active-directory/groups-naming-policy

 

Can you confirm this is correct information in this doc?