Feedback by UserVoice

How can we improve Office 365 Groups?

Hide private groups from GAL by default

As soon as someone creates a private group, this should by default be hidden from GAL.

There are PowerShell CmdLets which allow administrators to hide/show the groups from the GAL. However this is a post-facto activity. With many users and groups this is very tedious and many times we don't even come know that a group has been created by someone somwhere.

701 votes
Sign in
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Abhitalks shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
    in the plans  ·  O365 Feedback Team responded  · 

    We’re planning to release a group privacy type called “secret groups” later this year. Private groups (those whose contents are only visible to members) will still remain in the directory. Secret groups are essentially private groups that aren’t visible in the directory by non-members.


    Sign in
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      • Vilius commented  ·   ·  Flag as inappropriate

        @Vijay Nelson The is not need for secret groups. All Office 365 Groups created should hidden by default in GAL (Outlook). This includes both private and public groups. GAL is like an official address book for the employees and it should not be littered with user's tests, private mini groups, the groups which are mostly created temporary, like project groups, etc. etc. For example we are large enterprise and we have hundreds of groups like "" . This group email has no value in the GAL.

        The best solution would be to allow users to unhide the group, but dedicated administrators should confirm this change. Also it would be great to have O365 Groups in separate address list in the GAL.

      • Abdul Khan commented  ·   ·  Flag as inappropriate

        Secret Groups are not good enough. We need a flag or attribute populated which can be called for exclusion from the address lists like the GAL, Distribution Lists, etc.

        Right now there is too much garbage in there. Exchange Online is supposed to be an Enterprise product...

      • SDADM commented  ·   ·  Flag as inappropriate

        I fully agree with the poster who said, "User created groups of any kind should not show in the GAL."

        In addition in cluttering the GAL, we recently discovered that since there are no naming controls, users can potentially create groups (public or private) that have the same name as an official mailbox (an office, department, or employee). Then they show up in the GAL because they are not hidden...

        Do you realize what a HUGE security hole it is when any internal user can create an O365 Group called "Human Resources" or make one named after [Government Agency's] director in the GAL? When other users start to pick the wrong name in the GAL and now suddenly information is being sent to the wrong recipient(s)?

      • Anonymous commented  ·   ·  Flag as inappropriate

        User created groups of any kind should not show in the GAL. The GAL is for organizing a companies contacts and distribution lists, not every single users whimsical fleeting ideas of group after group.
        We need to be able to prevent users from making any sort of group.
        We only have 80ish users and have been on Office 365 for 3 weeks and I am already looking for a way to stop users from making all types of groups. Our GAL is already cluttered with groups called "Test", "Trial", "Bob's Group", come on...

      • Anonymous commented  ·   ·  Flag as inappropriate

        Not good enough! Secret groups will not solve the problem, which is that users are creating hundreds of needless groups with needless email addresses clogging up GAL's with JUNK! Most of the groups created by end users are simply for tracking or organizing work. People don't usually even WANT an email address, let alone know that it is being added to a huge company list. In fact, a better option than hiding the email from the list might be to not make an email address at all for the group, and make creating the email the optional part. I guarantee 90% of groups created would not check a box to use the email address. Please don't force people to use the produce the way you happened to program it and make it work the way people WANT to use it!

      • Anonymous commented  ·   ·  Flag as inappropriate

        When is this happening? I just implemented O365 and the GAL is a mess with all these SharePoint & teams (etc.) groups.

      • Chris Adams commented  ·   ·  Flag as inappropriate

        Microsoft, this is a very reasonable ask, we should be able to prevent private groups from showing up in the address book by default. Using a script after the fact is not a viable solution as the group still could still make it's way to the address book before a scheduled script is run.

      • Klic commented  ·   ·  Flag as inappropriate

        Can't believe this isn't fixed yet as it seems like the most basic of functions. Why the #"$! would we want a bunch of random groups cluttering up the address book? I'm trying to find ways to disable Planner, Teams and SharePoint to avoid this problem altogether.

      • Raj commented  ·   ·  Flag as inappropriate

        When you release this option, please allow admin to manage the options to allow users to create only secret groups across Organization or all 3.

        We prefer the option like end users can create only Secret groups in my Organization and Admins can create Private or Public Groups.

      • Adam Janecke commented  ·   ·  Flag as inappropriate

        Any updates on this O365 Feedback team? Our environment would have serious problems with the current options of public/private. Can you just change private to have the same settings as "Secret"? The "private" group setting is not that "private" if people can email that email address and it shows up in the GAL (I just had this happen today).

      • Anonymous commented  ·   ·  Flag as inappropriate

        its 2018 now, this option is still not available. its not a big issue until firm wide MS teams adoption. Every group created by users in MS teams are (suppose to be O365 group, but its kinda not) showing in the Global Address list, creating mass confusion. MS support tech has given us a command to hide all O365 groups from Global Address list, however its not ideal since we need to run in periodically. Anyways, for those who are interested:

        To hide all O365 groups from GAL
        Get-UnifiedGroup -ResultSize unlimited | Set-UnifiedGroup -HiddenFromAddressListsEnabled $true

        To enable specific O365 group in GAL
        Set-UnifiedGroup -Identity -HiddenFromAddressListsEnabled $false

      • King commented  ·   ·  Flag as inappropriate

        This is the only reason we haven't deployed this outside our IT group. If this goes on much longer I fear we'll be forced down the Spark path because of Microsoft's inability to create a legitimate admin console for Teams.

      • Bjove commented  ·   ·  Flag as inappropriate

        This has been in the plans for two years - will it be implemented?

      • Stephen commented  ·   ·  Flag as inappropriate

        Just want to add my voice to the others. We need this ability at the time of group creation.

      • Monir commented  ·   ·  Flag as inappropriate

        There should be just simple check boxes for the O365 Group owner from the group edit properties whether to show the group in GAL and/or members are allowed to send mail to it as there are many many O365 groups get created from Many O365 apps/service and some has many many users in them. This is simple crazy as everyone is allowed to send mails to these groups by default....

      • Doug commented  ·   ·  Flag as inappropriate

        "later this year" lol we are coming up on 2 years since you made that declaration. WTF

      ← Previous 1 3

      Feedback and Knowledge Base