Managing the lifecycle of Microsoft 365 Groups is essential for maintaining an organized and efficient collaboration environment. One critical aspect of this management is configuring expiration policies to ensure that inactive groups are periodically reviewed and renewed or deleted as needed. In this article we will cover how to configure Microsoft 365 Group expiration policies using Microsoft Graph PowerShell including a detailed script explanation, enhancements and conclusions.
Install-Module -Name Microsoft.Graph -Scope CurrentUser
.Connect-MgGraph -Scopes "Group.ReadWrite.All"
# Connect to Microsoft Graph
Connect-MgGraph -Scopes "Group.ReadWrite.All"
# Function to retrieve the current group expiration policy
function Get-GroupExpirationPolicy {
try {
$policy = Get-MgGroupLifecyclePolicy -All
if ($policy) {
Write-Host "Current Group Expiration Policy:"
$policy | Format-Table -Property Id GroupLifetimeInDays ManagedGroupTypes AlternateNotificationEmails
} else {
Write-Host "No group expiration policy found."
}
} catch {
Write-Error "Failed to retrieve the group expiration policy. Error: $_"
}
}
# Function to create or update group expiration policy
function Set-GroupExpirationPolicy {
param (
[int]$GroupLifetimeInDays = 180
[string]$ManagedGroupTypes = "All"
[string]$AlternateNotificationEmails = ""
)
try {
$policy = Get-MgGroupLifecyclePolicy -All
if ($policy) {
# Update the existing policy
$policyId = $policy.Id
$params = @{
GroupLifetimeInDays = $GroupLifetimeInDays
ManagedGroupTypes = $ManagedGroupTypes
AlternateNotificationEmails = $AlternateNotificationEmails
}
Update-MgGroupLifecyclePolicy -GroupLifecyclePolicyId $policyId -BodyParameter $params
Write-Host "Group expiration policy updated successfully."
} else {
# Create a new policy
New-MgGroupLifecyclePolicy -GroupLifetimeInDays $GroupLifetimeInDays -ManagedGroupTypes $ManagedGroupTypes -AlternateNotificationEmails $AlternateNotificationEmails
Write-Host "Group expiration policy created successfully."
}
} catch {
Write-Error "Failed to set the group expiration policy. Error: $_"
}
}
# Retrieve the current group expiration policy
Get-GroupExpirationPolicy
# Set or update the group expiration policy
Set-GroupExpirationPolicy -GroupLifetimeInDays 365 -ManagedGroupTypes "All" -AlternateNotificationEmails "admin@yourdomain.com"
# Retrieve the updated group expiration policy
Get-GroupExpirationPolicy
# Disconnect from Microsoft Graph
Disconnect-MgGraph
Connect to Microsoft Graph: Establish a connection to Microsoft Graph with the required permissions using Connect-MgGraph -Scopes "Group.ReadWrite.All"
.
Get-GroupExpirationPolicy Function:
Get-MgGroupLifecyclePolicy -All
to fetch all policies and formats the output to show the policy details.Set-GroupExpirationPolicy Function:
Update-MgGroupLifecyclePolicy
. If not it creates a new policy using New-MgGroupLifecyclePolicy
.Retrieve and Set Policies:
Disconnect from Microsoft Graph: Ends the session with Microsoft Graph using Disconnect-MgGraph
.
Configuring Microsoft 365 Group expiration policies using Microsoft Graph PowerShell is a powerful way to automate the management of group lifecycles. By implementing and customizing the provided script administrators can ensure that inactive groups are periodically reviewed helping to maintain an organized and efficient collaboration environment.
For more detailed information refer to the official documentation:
By leveraging these resources and enhancing the script as needed you can streamline the management of Microsoft 365 Groups within your organization.
© m365corner.com. All Rights Reserved. Design by HTML Codex