Feedback by UserVoice

How can we improve Office 365 Groups?

Hide private groups from GAL by default

As soon as someone creates a private group, this should by default be hidden from GAL.

There are PowerShell CmdLets which allow administrators to hide/show the groups from the GAL. However this is a post-facto activity. With many users and groups this is very tedious and many times we don't even come know that a group has been created by someone somwhere.

685 votes
Sign in
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Abhitalks shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
    in the plans  ·  O365 Feedback Team responded  · 

    We’re planning to release a group privacy type called “secret groups” later this year. Private groups (those whose contents are only visible to members) will still remain in the directory. Secret groups are essentially private groups that aren’t visible in the directory by non-members.


    Sign in
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      • Abdul Khan commented  ·   ·  Flag as inappropriate

        Secret Groups are not good enough. We need a flag or attribute populated which can be called for exclusion from the address lists like the GAL, Distribution Lists, etc.

        Right now there is too much garbage in there. Exchange Online is supposed to be an Enterprise product...

      • SDADM commented  ·   ·  Flag as inappropriate

        I fully agree with the poster who said, "User created groups of any kind should not show in the GAL."

        In addition in cluttering the GAL, we recently discovered that since there are no naming controls, users can potentially create groups (public or private) that have the same name as an official mailbox (an office, department, or employee). Then they show up in the GAL because they are not hidden...

        Do you realize what a HUGE security hole it is when any internal user can create an O365 Group called "Human Resources" or make one named after [Government Agency's] director in the GAL? When other users start to pick the wrong name in the GAL and now suddenly information is being sent to the wrong recipient(s)?

      • Anonymous commented  ·   ·  Flag as inappropriate

        User created groups of any kind should not show in the GAL. The GAL is for organizing a companies contacts and distribution lists, not every single users whimsical fleeting ideas of group after group.
        We need to be able to prevent users from making any sort of group.
        We only have 80ish users and have been on Office 365 for 3 weeks and I am already looking for a way to stop users from making all types of groups. Our GAL is already cluttered with groups called "Test", "Trial", "Bob's Group", come on...

      • Anonymous commented  ·   ·  Flag as inappropriate

        Not good enough! Secret groups will not solve the problem, which is that users are creating hundreds of needless groups with needless email addresses clogging up GAL's with JUNK! Most of the groups created by end users are simply for tracking or organizing work. People don't usually even WANT an email address, let alone know that it is being added to a huge company list. In fact, a better option than hiding the email from the list might be to not make an email address at all for the group, and make creating the email the optional part. I guarantee 90% of groups created would not check a box to use the email address. Please don't force people to use the produce the way you happened to program it and make it work the way people WANT to use it!

      • Anonymous commented  ·   ·  Flag as inappropriate

        When is this happening? I just implemented O365 and the GAL is a mess with all these SharePoint & teams (etc.) groups.

      • Chris Adams commented  ·   ·  Flag as inappropriate

        Microsoft, this is a very reasonable ask, we should be able to prevent private groups from showing up in the address book by default. Using a script after the fact is not a viable solution as the group still could still make it's way to the address book before a scheduled script is run.

      • Klic commented  ·   ·  Flag as inappropriate

        Can't believe this isn't fixed yet as it seems like the most basic of functions. Why the #"$! would we want a bunch of random groups cluttering up the address book? I'm trying to find ways to disable Planner, Teams and SharePoint to avoid this problem altogether.

      • Raj commented  ·   ·  Flag as inappropriate

        When you release this option, please allow admin to manage the options to allow users to create only secret groups across Organization or all 3.

        We prefer the option like end users can create only Secret groups in my Organization and Admins can create Private or Public Groups.

      • Adam Janecke commented  ·   ·  Flag as inappropriate

        Any updates on this O365 Feedback team? Our environment would have serious problems with the current options of public/private. Can you just change private to have the same settings as "Secret"? The "private" group setting is not that "private" if people can email that email address and it shows up in the GAL (I just had this happen today).

      • Anonymous commented  ·   ·  Flag as inappropriate

        its 2018 now, this option is still not available. its not a big issue until firm wide MS teams adoption. Every group created by users in MS teams are (suppose to be O365 group, but its kinda not) showing in the Global Address list, creating mass confusion. MS support tech has given us a command to hide all O365 groups from Global Address list, however its not ideal since we need to run in periodically. Anyways, for those who are interested:

        To hide all O365 groups from GAL
        Get-UnifiedGroup -ResultSize unlimited | Set-UnifiedGroup -HiddenFromAddressListsEnabled $true

        To enable specific O365 group in GAL
        Set-UnifiedGroup -Identity -HiddenFromAddressListsEnabled $false

      • King commented  ·   ·  Flag as inappropriate

        This is the only reason we haven't deployed this outside our IT group. If this goes on much longer I fear we'll be forced down the Spark path because of Microsoft's inability to create a legitimate admin console for Teams.

      • Bjove commented  ·   ·  Flag as inappropriate

        This has been in the plans for two years - will it be implemented?

      • Stephen commented  ·   ·  Flag as inappropriate

        Just want to add my voice to the others. We need this ability at the time of group creation.

      • Monir commented  ·   ·  Flag as inappropriate

        There should be just simple check boxes for the O365 Group owner from the group edit properties whether to show the group in GAL and/or members are allowed to send mail to it as there are many many O365 groups get created from Many O365 apps/service and some has many many users in them. This is simple crazy as everyone is allowed to send mails to these groups by default....

      • Doug commented  ·   ·  Flag as inappropriate

        "later this year" lol we are coming up on 2 years since you made that declaration. WTF

      • Arch commented  ·   ·  Flag as inappropriate

        Much Needed fucntionality, which is missing. As Groups integration for backend user needs it is creating clutter in OWA. What practice does MS recommend to manage this? We want to see clean managed Gloabl Address list and give user the flexibility to be able to create groups for other office related fucntionality.....

      • Tony W. commented  ·   ·  Flag as inappropriate

        Need an easy way to limit visual ability. Same here about students requesting access to Private Groups that are meant for faculty and staff. It's not their fault, they just think it's related to courses they're taking. We just rolled out Teams with the new semester, and now getting several requests for students to join groups.

      ← Previous 1 3

      Feedback and Knowledge Base