cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Limit creation of Office 365 Groups

Emett Sluskonis
Copper Contributor

‎Jul 10 2018 07:12 AM - last edited on ‎Feb 01 2023 11:56 AM by

‎Jul 10 2018 07:12 AM - last edited on ‎Feb 01 2023 11:56 AM by

Limit creation of Office 365 Groups

Hello,

 

Is there any way to limit the creation of Office 365 Groups? I have found this article here by Microsoft, but requires Azure AD Premium. https://support.office.com/en-us/article/manage-who-can-create-office-365-groups-4c46c8cb-17d0-44b5-...

 

Is it possible without Azure AD Premium and just Basic Azure AD? Seems silly that this function would be limited to Azure AD Premium users as O365 Group creation gets out of hand very quickly.

Thanks,

 

-Emett

21.1K Views
0 Likes
7 Replies
Reply
7 Replies
best response confirmed by Emett Sluskonis (Copper Contributor)
Max Fritz

‎Jul 10 2018 08:17 AM

‎Jul 10 2018 08:17 AM

Solution

Re: Limit creation of Office 365 Groups

This is the only method currently available to limit group creation overall, and it does require Azure AD Premium. The PowerShell commands will work with any licensing level, but Microsoft could enforce the licensing for that at any time.
You're not alone in your feedback on this, and it's a common ask. Technically, only the administrator who performs this action (the PowerShell commands) needs an Azure AD Premium P1 license, so you could just get 1. Otherwise, be sure to share your feedback on UserVoice (https://office365.uservoice.com/forums/286611-office-365-groups).
The more feedback we can share the better!
0 Likes
Reply
John Peluso

‎Jul 10 2018 12:53 PM

‎Jul 10 2018 12:53 PM

Re: Limit creation of Office 365 Groups

Hey guys--- I think there are actually 2 different ways to limit group creation. One option is a binary "on/off" switch where the you disable all ability for all your users to create O365 Groups/Teams through the native O365 end user interfaces (admins can still create groups through the O365 admin interfaces and PowerShell. This SHOULD NOT require AAD Premium, except for the admin running the PowerShell- I've seen this setting as well in the new AAD admin portal but never used this method myself. If it works, it may bypass the AAD P1 requirement for the admin). The second option is like the first except that you define a specific AAD Security Group that has the ability to create Groups/Teams through the native O365 Interfaces, but all other users are blocked from doing so. This option does require AAD Premium. The full licensing implications are hard to track down officially, but they are listed here: https://support.office.com/en-us/article/Learn-about-Office-365-Groups-b565caa1-5c40-40ef-9915-60fdb...

 

The PowerShell is essentially the same for both option 1 and 2 above, but option 2 has the additional step of creating the Security Group and adding it to the AAD Directory Settings Template. The process is described here: https://support.office.com/en-us/article/manage-who-can-create-office-365-groups-4c46c8cb-17d0-44b5-...

1 Like
Reply
Nestori Syynimaa

‎Jul 11 2018 02:20 AM

‎Jul 11 2018 02:20 AM

Re: Limit creation of Office 365 Groups

Sure, you can limit the creation of Office 365 Groups, Teams and Planner without AAD premium. Take a look at my blog post, there also other tips for managing Office 365 Groups.

1 Like
Reply
Max Fritz

‎Jul 11 2018 07:45 AM

‎Jul 11 2018 07:45 AM

Re: Limit creation of Office 365 Groups

According to the Microsoft documentation, the administrator has to be licensed for Azure AD Premium in order to run the Set-AzureADDirectorySetting commandlet in Azure AD PowerShell. I agree that this is not enforced right now, but that doesn't change what they're saying.

1 Like
Reply
FRDev Microsoft

‎Sep 07 2018 04:08 AM

‎Sep 07 2018 04:08 AM

Re: Limit creation of Office 365 Groups

Referring to the documentation from Microsoft: https://support.office.com/en-us/article/manage-who-can-create-office-365-groups-4c46c8cb-17d0-44b5-... - We find the licensing model a bit unclear :).

As @Max Fritz mention "someone need" Azure AD P1 Premium license. BUT what does it really mean, quote Microsoft

Doing the steps in this article requires a subscription to Azure Active Directory (Azure AD) Premium. The administrator who configures the settings, and the members of the affected groups, must have Azure AD Premium licenses assigned to them.

 

  1. Okei - admin who execute the script needs an Azure AD P1 license - that one is clear
  2. "and the members of the affected groups" we interpret this as the members of the Azure AD security group that still can create Office 365 Groups (and Teams etc.) - they all need an Azure AD P1 license  - Can anyone confirm this ? anyone from Microsoft ? 
  3. Because using the term groups might be interpret as all the affected members of all the created Office 365 Groups - in real life, meaning almost everybody needs an Azure AD P1 license  - Can anyone confirm that this is an incorrect understanding of the documentation = nr 2 is a correct understanding ?
  4. And finally if you are an global admin you don't need an Azure AD P1 license (unless you are in the mentioned security group, or executed the script) - Can anyone confirm this ? anyone from Microsoft ? 
     

Just trying to understand the licencing requirements from Microsoft  :)

 

 

 

 

2 Likes
Reply
mattboese390

‎Mar 14 2019 09:06 AM

‎Mar 14 2019 09:06 AM

Re: Limit creation of Office 365 Groups

Hi John,
I am quite new to the O365 scene and am still learning best practices as we roll out. You said there was a on/off switch to turn off group creation for users in the web ui? Where is that setting? All the documentation I can find says you can only do it in powershell and only with some form of azure license.
1 Like
Reply
adam deltinger

‎Mar 14 2019 09:29 AM

‎Mar 14 2019 09:29 AM

Re: Limit creation of Office 365 Groups

Hi! No simple on/off
Powershell is the way to go
1 Like
Reply
1 best response

Accepted Solutions
best response confirmed by Emett Sluskonis (Copper Contributor)
Max Fritz

‎Jul 10 2018 08:17 AM

‎Jul 10 2018 08:17 AM

Solution

Re: Limit creation of Office 365 Groups

This is the only method currently available to limit group creation overall, and it does require Azure AD Premium. The PowerShell commands will work with any licensing level, but Microsoft could enforce the licensing for that at any time.
You're not alone in your feedback on this, and it's a common ask. Technically, only the administrator who performs this action (the PowerShell commands) needs an Azure AD Premium P1 license, so you could just get 1. Otherwise, be sure to share your feedback on UserVoice (https://office365.uservoice.com/forums/286611-office-365-groups).
The more feedback we can share the better!

View solution in original post

0 Likes
Reply