IT Blog

Identity & Access Management

How to configure restriction for Users from creation of Office 365 groups, Plans & Microsoft teams.

 width=

Connect-AzureAD

Create new Security Group “AllowedtoCreateGroups”

Get-AzureADGroup -SearchString “AllowedtoCreateGroups”

$GroupName = “<SecurityGroupName>”

$AllowGroupCreation = “False”

Connect-AzureAD

$settingsObjectID = (Get-AzureADDirectorySetting | Where-object -Property Displayname -Value “Group.Unified” -EQ).id

if(!$settingsObjectID)

{

$template = Get-AzureADDirectorySettingTemplate | Where-object {$_.displayname -eq “group.unified”}

$settingsCopy = $template.CreateDirectorySetting()

New-AzureADDirectorySetting -DirectorySetting $settingsCopy

$settingsObjectID = (Get-AzureADDirectorySetting | Where-object -Property Displayname -Value “Group.Unified” -EQ).id

}

$settingsCopy = Get-AzureADDirectorySetting -Id $settingsObjectID

$settingsCopy[“EnableGroupCreation”] = $AllowGroupCreation

if($GroupName)

{

$settingsCopy[“GroupCreationAllowedGroupId”] = (Get-AzureADGroup -SearchString $GroupName).objectid

}

Set-AzureADDirectorySetting -Id $settingsObjectID -DirectorySetting $settingsCopy

(Get-AzureADDirectorySetting -Id $settingsObjectID).Values

Remove all Setting

$SettingId = Get-AzureADDirectorySetting -All $True | where-object {$_.DisplayName -eq “Group.Unified”}

Remove-AzureADDirectorySetting –Id $SettingId.Id

Leave a Reply

Your email address will not be published. Required fields are marked *