This post is part of the overall MS-700 Exam Study Guide. Links to each topic as they are posted can be found here.
In this section I will go through the following topics relating to Governance and Lifecycle Management for Microsoft Teams.
- Configure an expiration policy for Microsoft 365 groups
- Configure a naming policy for Microsoft 365 Groups
- Archive, delete, or unarchive one or more teams
In the previous post in this topic I detailed some of the ways we can apply a layer of Governance to Microsoft Teams deployments using policies. In this post, I go further into Teams Governance and Lifecycle management and explore how we manage Teams lifecycle management. As discussed previously, Teams deployments out of the box are very partial to generating sprawl (a large number of disparate data repositories that become very hard to manage). This post will help you to plan for each Teams lifecycle and help prevent this from occuring.
Configure an expiration policy for Microsoft 365 groups
Expiration Policies for Microsoft 365 groups allow for the natural removal of stale Group objects in the tenant. As this applies to Microsoft 365 Groups, it doesn’t only look at Teams but any group-based object such as SharePoint Team sites also. A group expiration policy sends periodic renewal requests to group owners based on a predefined lifetime settings. These notifications are sent 30 days, 15 days and 1 day before the expiration date. The notifications appear in Teams for groups created through Teams and via email for any other groups. Owners can choose to renew groups for another period or to allow them to expire and be deleted. Notifications for groups with no owners will be sent to a chosen contact or group of contacts to determine next steps.
If there are no responses to the renewal request before the expiration, the group will be deleted. If Retention Policies are assigned to the group / Team, it will be honored and data will be retained after the group object itself is deleted. When a group expires, admins will have 30 days to restore it from the deleted groups contained in Microsoft 365.
To configure the Group Expiration Policy, navigate to Groups -> Expiration in the Azure AD Portal. There are three settings to be configured here:
- Group Lifetime – How long groups should last after creation or renewal before the expiration / renewal flow is triggered
- Email contact for groups with no owners – Who should receive the renewal request when a group has no owners
- Enable expiration for these Microsoft 365 Groups – The groups in scope for expiration, this can be all groups, no groups or a selection of groups
With the policy configured (Figure 1), groups will begin being monitored for expiration within 24 hours. The policy targets the creation date of the group, not the date the policy was enabled so turning on the expiration policy may immediately process older groups for renewal.
Users can check the expiration status of their Teams under the Team Settings area where they will see the Team expiration setting listed as shown in Figure 2.
Configure a naming policy for Microsoft 365 Groups
Naming policies can be extremely useful for organizations with a large number of Teams. Naming policies apply at group creation time and enforce predefined naming conventions to new groups . They consist of a prefix, a suffix, or both. The naming policy supports string values or variables based on the creating users attributes (Department, Company, Office, State or Province, Country or region, Title).
The are configured from the Azure AD Portal under Groups -> Naming policy -> Group naming policy and apply to all users except admins. For example, the policy in Figure 3 configured an attribute and a string for both the prefix and suffix. In this policy, a user from the marketing department in Contoso who wants to create a Team called “Daily Scrum Meeting” would get a Team named “Marketing | Daily Scrum Meeting | Contoso“. This is much easier to identify as an admin than a Team named “Daily Scrum Meeting”. I particularly like using a pipe ( | ) as a logical separator between the prefix, name and suffix as it makes it much easier to read.
Another component of naming policies are Blocked Words lists. This is pretty much exactly as it sounds, from Groups -> Naming Policy -> Blocked words in the Azure AD portal, an admin uploads a CSV of words that can’t be used in group names and Microsoft 365 will block them from being used.
Archive, delete, or unarchive one or more teams
As Teams get older and less relevant, you may want to prevent new content from being added without actually deleting the Team. This is achieved by archiving the Team. Archiving a Team doesn’t remove it but makes it read only for files and chats, preventing new activity from occurring.
Archiving a Team is done from the Teams Admin Center (TAC) under the Teams -> Manage Teams section. Select the Team to archive and from the top menu, select the Archive option. you can also choose to make the backend SharePoint site read only at this point (Figure 4) to prevent new data or modifications.
A Team can be unarchived using the exact same process and selecting the Unarchive option. Within the TAC, Archived Teams can be easily identified as archived by the Status column as shown in Figure 5.
Archived Teams are removed from end users Teams clients but membership is not removed for unarchiving a Team will immediately restore access. Unarchiving Teams is extremely simple so it’s recommended to archive if you aren’t sure if the Team will be needed again.
Managing the lifecycle of Teams is extremely important, particularly in large organizations to avoid generating a complex mess of data (think Exchange Public Folders). The features discussed here will help you to get a handle on your Teams deployment and are best deployed before and organization deploys Teams but can be implemented at any time. In the next post, we will finish the Governance and Lifecycle management exam topic with the final few features to discuss.