Feedback by UserVoice

How can we improve Office 365 Groups?

Naming Policy for Azure Premium Customers Only

In Microsoft's April update for Office 365 groups they mention the Azure AD naming policy is coming but only for Azure Premium customers. This should not be the case. Proper management of Office 365 groups should include naming policies. Without naming policies, there is a large potential for namespace collisions for folks who do not use the Azure AD premium service. This is something that should be available to all not just Azure AD premium customers.

223 votes
Vote
Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)
You have left! (?) (thinking…)
IamCSquared shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

6 comments

Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)
Submitting...
  • SDADM commented  ·   ·  Flag as inappropriate

    We recently discovered that since there are no naming controls, users can potentially create groups (public or private) that have the same name as an official mailbox (an office, department, or employee). Then they show up in the GAL...

    Do you realize what a HUGE security hole it is when any internal user can create an O365 Group called "Human Resources" or make one named after [Government Agency's] director in the GAL? When other users start to pick the wrong name in the GAL and now suddenly information is being sent to the wrong recipient(s)? We need to be able to control naming.

  • Mattias Lindgren commented  ·   ·  Flag as inappropriate

    In the Office 365 Road Map there is a feature that has been under development for a long time: (Office 365 Groups: naming policy in Azure Active Directory, Feature ID: 14687). I assume that it is that feature this thread is all about.

    I agree that this feature should not require Azure Active Directory Premium, but mots off all, am I interested in when the feature will be available? It has an Estimated Release: Q2 CY2017.

  • Anwar Mahmood commented  ·   ·  Flag as inappropriate

    Being completely selfish, education tenancies have the "Azure Active Directory Basic for EDU" SKU (in PowerShell, the ServicePlan is called "AAD_BASIC_EDU". This naming policy is an ABSOLUTE REQUIREMENT and should be provided with this licence.

  • Aaron Thorn commented  ·   ·  Flag as inappropriate

    The question is why would this not be built into the Office 365. Most organizations cannot afford the added cost .

  • Lewis Noles commented  ·   ·  Flag as inappropriate

    I wholeheartedly agree that the Azure AD Naming policy should not require Azure AD Premium licensing. We have not implemented Office 365 Groups exactly because we could not restrict the naming. With our large user base, Azure AD Premium is extremely cost-prohibitive, especially since Office 365 for Education is billed as essentially a free service for education.

  • Anonymous commented  ·   ·  Flag as inappropriate

    I agree. I work for a large university that operates Office 365 in a hybrid environment. We simply cannot enable groups for our students, faculty, and staff until we have a solution for preventing naming conflicts with our on-prem accounts. Also, we would like to prevent our users from creating an email address such as president@university.edu. While having the Azure AD premium service is certainly desirable; I believe it is cost prohibitive for many public universities.

Feedback and Knowledge Base