How to prevent users from creating groups in Office 365 | #powershell

preview_player
Показать описание
Hi Everyone,
This video will show how to prevent or limit users from creating groups in Office 365. By default, all users can create Microsoft 365 groups.
When you limit who can create a group, it affects all services that rely on groups for access, including:
Outlook
SharePoint
Yammer
MS TEAMS
MS STREAM
Planner
Power BI ( Classic)
Project for the Web/Roadmap

Other roles can create Microsoft 365 Groups via limited means, listed below.

Exchange Administrator: Exchange admin center, Azure AD
Partner Tier 1 Support: Microsoft 365 admin center, Exchange admin center, Azure AD
Partner Tier 2 Support: Microsoft 365 admin center, Exchange admin center, Azure AD
Directory Writers: Azure AD
SharePoint Administrator: SharePoint admin center, Azure AD
Teams Service Administrator: Teams admin center, Azure AD
User Administrator: Microsoft 365 admin center, Azure AD
If you're a member of one of these roles, you can create Microsoft 365 Groups for restricted users and then assign the user as the owner of the group.

Licensing requirements

To manage who creates groups, the following people need Azure AD Premium licenses or Azure AD Basic EDU licenses assigned to them:

The admin who configures these group creation settings
The members of the group who are allowed to create groups

The following people don't need Azure AD Premium or Azure AD Basic EDU licenses assigned to them.

People who are members of Microsoft 365 groups and who don't have the ability to create other groups.

#office365 #powershell #microsoft #howto
  1. TechTrip
  2. MIcrosoft
  3. Office365
  4. PowerShell
  5. How to block user from creating groups
Рекомендации по теме
How to Prevent 0:02:38

How to Prevent Users From Running Specified Windows Applications

How to prevent 0:06:29

How to prevent users from associating a site to your Hub

How to Prevent 0:01:53

How to Prevent Users from Locking your Windows Computer

How to Prevent 0:01:43

How to Prevent Users From Installing Software in Windows 10

How to Prevent 0:03:15

How to Prevent Other Users From Accessing Your Files in Windows 10

how to block 0:07:44

how to block or prevent users from installing software

How to Prevent 0:02:02

How to Prevent Users from Changing the Language in Windows 11

How To Prevent 0:01:38

How To Prevent Users From Adding New Profile In Microsoft Edge [Tutorial]

Salesforce: Prevent push 0:02:16

Salesforce: Prevent push upgrades (auto and manual) entirely for versions lower than Y.0

How to prevent 0:05:05

How to prevent users from removing chrome extensions

How to prevent 0:07:44

How to prevent users from creating groups in Office 365 | #powershell

How to Prevent 0:04:29

How to Prevent Users from Installing Google Chrome Extension

How to Prevent 0:02:20

How to Prevent Users from Installing New Software on Windows 11

How to Prevent 0:04:51

How to Prevent Users From Deleting Browser History in Microsoft Edge

Prevent users from 0:03:02

Prevent users from getting Insider Preview builds in Windows 11/10

How to Prevent 0:01:17

How to Prevent Users From Changing Theme In Windows 10 [Tutorial]

How To Prevent 0:01:00

How To Prevent Users From Disabling Startup Apps In Windows 10

Prevent Users From 0:04:03

Prevent Users From Shutting Down Windows 10

How to Prevent 0:02:13

How to Prevent Users From Installing Printers windows 10

How to Prevent 0:01:01

How to Prevent Users From Changing Windows 10 Password

How to prevent 0:02:19

How to prevent users from adding new profile in Microsoft Edge

How to Prevent 0:01:15

How to Prevent Users from Modifying Search Index Locations in Windows 10/11/8/7

Prevent Users from 0:02:26

Prevent Users from changing the Date and Time in Windows 11

How to Prevent 0:07:21

How to Prevent Standard Users from Joining Computers to an Active Directory Domain

Комментарии
Автор

PowerShell Command

$GroupName = "<GroupName>"
$AllowGroupCreation = $False

Connect-AzureAD

$settingsObjectID = (Get-AzureADDirectorySetting | Where-object -Property Displayname -Value "Group.Unified" -EQ).id
if(!$settingsObjectID)
{
$template = | Where-object {$_.displayname -eq "group.unified"}
$settingsCopy =
New-AzureADDirectorySetting -DirectorySetting $settingsCopy
$settingsObjectID = (Get-AzureADDirectorySetting | Where-object -Property Displayname -Value "Group.Unified" -EQ).id
}

$settingsCopy = Get-AzureADDirectorySetting -Id $settingsObjectID
= $AllowGroupCreation

if($GroupName)
{
= (Get-AzureADGroup -SearchString $GroupName).objectid
} else {
= $GroupName
}
Set-AzureADDirectorySetting -Id $settingsObjectID -DirectorySetting $settingsCopy

(Get-AzureADDirectorySetting -Id $settingsObjectID).Values

TechTripChannel
Автор

Great tutorial. Just tested it out. This also works with an unlicensed global admin account (no M365 license or Entra P1). Of course one should not do it because it's licensing fraud.

frankwalker
Автор

PERFECT VIDEO! don´t have to say more - helped me after looking for hours

digitalisierung
Автор

Great video!

Im after a way to restrict users to create new Team groups, but i still want them to be able to create groups in other apps like planner.
There should be a script or setting i would be able to change.

Do you perhaps know what changes i need to do?
Thank you in advance.

iSlooshie