Creating a Secret Office 365 Group
When presenting my PowerShell for Office 365 sessions I always show to create a Secret Office 365 Group for users to collaborate securely .. and privately. Why not a simple Office 365 Group of type Private? Let me show you!
Below, I have create an Office 365 Group via the User Interface called “Private Group” , and of type Private, with two members inside!
Since this group was created via the User Interface and no additional settings were configured, a member called Vanessa below, can go into the Discovery tab, and find the Private Group I have created before, even if she is not a member!
Even better (or worst), once Vanessa goes in to the group, she will not be able to see the e-mails, or any content, but she will be able to see the members of the group as you can see below!
This of course can be useful in some occasions for example, if you had Project Sites, it’s okay to see who the owner of a certain project is if you need to request to Join, or something like this! However, if this group was for a re-org, you probably don’t want all the company to be able to find out there is a re-org going on next year, even worst, you don’t want them to know that they are the only manager not in that group! Luckily, there is a way to create a Secret Office 365 Group (by the way: This is a term I came up with, there is no official, secret category😊).
The bad news, is that this can only be done via PowerShell, and not via the User Interface! You will first have to connect to Exchange Online by using PowerShell, and I will not cover how to do this in this blog post. (Check the links at the bottom of this blog to see a few resources).
The first thing we need to do is to create the new Office 365 group, specifying the Private Access Type, and a very important parameter which is -HiddenGroupMembership.
New-UnifiedGroup -DisplayName "2019 Re-Org" -Alias 2019reorg -AccessType Private -HiddenGroupMembershipEnabled
This first step doesn’t hide it, and as you can see below, Vanessa can still see the group in the Discovery Tab.
However, when going inside the group, not only Vanessa can’t see any conversations, but the Members widget and group information from the top right is gone! So Vanessa knows there will be a re-org, but she cannot see who is a member/owner of the group, and cannot do a request to join!
Now, to hide it from search, we need to modify that group using PowerShell , and setting the group to be hidden from the Address List:
Set-UnifiedGroup -Identity "2019reorg" -HiddenFromAddressListsEnabled $true
After this is done, the group will not show up in the Groups Search anymore! (Make sure to close Outlook and re-open as it might cache results)
That is it! Now, how do we apply this to existing Groups? Unfortunately, the Hidden Group Membership cannot be done on groups after they have been created, so if someone find the link to them, they will be able to see the membership. The good news is that you can use PowerShell quite easily to update all existing Private groups to be hidden from search!
Get-UnifiedGroup | Where {$_.AccessType -eq "Private"} | Set-UnifiedGroup -HiddenFromAddressListsEnabled $trueNow, even the Private Group is Hidden from Search!
That is it, once you know how to use PowerShell for Office 365, you can easily create Secret Office 365 Groups!
| Leave a comment and don’t forget to like the Vlad Talks Tech Page on Facebook and to follow me on Twitter here for the latest news and technical articles on SharePoint. I am also a Pluralsight author, and you can view all the courses I created on my author page. |
