First published on TECHNET on May 22, 2018
Hello All,
As O365 Groups become more important in managing SharePoint I thought I would provide you with some information about them
Who should be using O365 Groups?
Groups or people that work in the following manner:
Who can create groups?
By default all users can create O365 Groups, this was done because groups are used in so many different locations that requests for groups could be to much for Helpdesk to keep up with, however there are times when companies need to restrict the ability to create groups for governance or other reasons, in that case I recommend you follow this article .
The article walks you thru the following steps (With in-depth information):
$Template = Get-AzureADDirectorySettingTemplate | where {$_.DisplayName -eq 'Group.Unified'}
$Setting = $Template.CreateDirectorySetting()
New-AzureADDirectorySetting -DirectorySetting $Setting
$Setting = Get-AzureADDirectorySetting -Id (Get-AzureADDirectorySetting | where -Property DisplayName -Value "Group.Unified" -EQ).id
$Setting["EnableGroupCreation"] = $False
$Setting["GroupCreationAllowedGroupId"] = (Get-AzureADGroup -SearchString " <Name of your security group> ").objectid
Set-AzureADDirectorySetting -Id (Get-AzureADDirectorySetting | where -Property DisplayName -Value "Group.Unified" -EQ).id -DirectorySetting $Setting
NOTE: You must use AzureADPreview to achieve these results, and require AAD Premuim.
How to create O365 Groups?
Once you open your environment to being Self-Hosted end-users or if not self-hosted then anybody who has permission to create groups will have several ways to create O365 Groups:
Administrators can create groups thru the following manners
To create O365 Groups with PowerShell you will need to first connect to Exchange Online and retrieve cmdlet’s the following lines perform this
$Creds = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $Creds -Authentication Basic -AllowRedirection
Import-PSSession $Session
Now we can create a group using the cmdlet New-UnifiedGroup and example of this would be:
New-UnifiedGroup -DLIdentity “My New Group”
If you wanted you can use several Optional parameters like this
New-UnifiedGroup -DLIdentity “My New Group” -Alias “GroupAlias” -SubscriptionEnabled -AutoSubscribeNewmembers -AccessType Private
We can modify the group settings by using the cmdlet Set-UnifiedGroup
Set-UnifiedGroup -Identity “My New Group” -AccessType Public -AlwaysSubscribeMembersToCalendarEvents
We can add Member or Owners by using the cmdlet Add-UnifiedGroupLinks
Add-UnifiedGroupLinks -Identity “My New Group” -LinkType Owners -Links chris@contoso.com #Adds owner
Add-UnifiedGroupLinks -Identity “My New Group” -LinkType Members -Links george@contoso.com,linda@contoso.com #Adds members
Note: See Remove-UnifiedGroupLinks to remove Members/Owners from group
How to remove/cleanup O365 Groups?
Configuring the policy requires Global Admin permission and is done in AAD portal, you can choose from 180 days, 365 days, or custom which has to be greater then 30 days. In the portal go to User and Groups -> Group Settings -> Expiration and set the desired policy.
Note: All objects attached to the group including the group itself can have a retention policy, and once the group is deleted those policies will be enforced (For more info see this article )
To remove O365 Groups with PowerShell you will need to first connect to Exchange Online and retrieve cmdlet’s the following lines perform this
$Creds = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $Creds -Authentication Basic -AllowRedirection
Import-PSSession $Session
To remove the O365 Group run the cmdlet Remove-UnifiedGroup
Remove-UnifiedGroup -Identity “My New Group” -Force
How to upgrade Distribution lists and which ones can I not upgrade?
There are two ways to upgrade a DL to an O365 Group
NOTE: You need to be either an Exchange Admin or a Global admin to perform this task
Any DL that falls into these categories will not be eligible for upgrade:
Watch for further emails to look at further managing of O365 groups.
Pax
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.