HIDE Office 365 Groups from GAL

We have seen lot of users are creating Microsoft Teams, Planner etc and these in-turn create Office 365 groups.

Some are even test and it creates lot of unwanted data in the GAL which many users and our organization management is not encouraging.

So we have created this script that runs regularly and hide Newly created Unified groups from the GAL.

If request is received to unhide some group that can also be performed by IT Admin as script only takes care of New groups created within last 2 days.

Before implementing this solution you can do a one time hide by using below one liner on Exchange Online Shell.

Get-UnifiedGroup -ResultSize:Unlimited | Set-UnifiedGroup -HiddenFromAddressListsEnabled:$true

Download and extract the Script from below link:

https://gallery.technet.microsoft.com/scriptcenter/HIDE-Office-365-Groups-30b28754

Update the .ps1 powershell script variables:

Logs –> contains Transcript logs

Report –> contains the detail about groups that have been set as hidden by the script.

$SmtpServer –> relay server

$from –> as per your enviornment

$erroemail –> where errors and report will be sent.

$days –> office 365 groups created in last 2 days are selected

Run encrypt.bat to encrypt the password of the service account that will connect to Exchange online.

Ones scheduled or run via unifiedgroupshide.bat, Here is the report that will be stored in report folder as well as sent on email.

 

PowerShell
<#     
    .NOTES 
    =========================================================================== 
     Created on:       3/19/2018 10:16 AM 
     Created by:       Vikas Sukhija (http://SysCloudPro.com) 
     Organization:      
     Filename:         UnifiedGroupsHide.ps1 
    =========================================================================== 
    .DESCRIPTION 
        Hide all new Unified Groups created in last 2 days 
#> 
#############Load Functions################# 
$error.clear() 
try { stop-transcript | out-null } 
catch { $error.clear() } 
 
function Write-Log 
{ 
    [CmdletBinding()] 
    param 
    ( 
        [Parameter(Mandatory = $true)] 
        [array]$Name, 
        [Parameter(Mandatory = $true)] 
        [string]$Ext, 
        [Parameter(Mandatory = $true)] 
        [string]$folder 
    ) 
     
    $log = @() 
    $date1 = get-date -format d 
    $date1 = $date1.ToString().Replace("/""-") 
    $time = get-date -format t 
     
    $time = $time.ToString().Replace(":""-") 
    $time = $time.ToString().Replace(" """) 
     
    foreach ($n in $name) 
    { 
         
        $log += (Get-Location).Path + "\" + $folder + "\" + $n + "_" + $date1 + "_" + $time + "_.$Ext" 
    } 
    return $log 
} 
 
function LaunchEOL 
{ 
    param 
    ( 
        $cred 
    ) 
     
    $UserCredential = $cred 
     
    $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection 
     
    Import-PSSession $Session -Prefix "EOL" -AllowClobber 
} 
Function RemoveEOL 
{ 
     
    $Session = Get-PSSession | where { $_.ComputerName -like "outlook.office365.com" } 
    Remove-PSSession $Session 
     
} 
 
##########################Load variables & Logs#################### 
$log = Write-Log -Name "process_HideUnifiedGroups" -folder logs -Ext log 
$Report = Write-Log -Name "HideUnifiedGroups" -folder Report -Ext csv 
$collection = @() 
 
$smtpserver = "smtp.labtest.com" 
$from = "Automate@labtest.com" 
$erroremail = "Reports@labtest.com" 
$days = (get-date).adddays(-2) 
 
#####################userid/password################################ 
$userId = "SVCAccount@labtest.com" 
$encrypted1 = "01kgkgnjhvekwhqvknerhmvoi89326842000003660000c000000010000000d3daae27960a5fc000000000000000777fd0d62ab916e90083c0a0a2" 
$pwd = ConvertTo-SecureString -string $encrypted1 
$Credential = New-Object System.Management.Automation.PSCredential -ArgumentList $userId$pwd 
##########Start Script main############## 
Start-Transcript -Path $log 
get-date 
try 
{ 
    LaunchEOL -Cred $Credential 
} 
catch 
{ 
    write-host "$($_.Exception.Message)" -foregroundcolor red 
    Send-MailMessage -SmtpServer $smtpserver -From $from -To $erroremail -Subject "Exchange online Unified Group Hide connection Error" -Body $($_.Exception.Message) 
    break 
} 
Write-host "Start fetching o365 groups" -foregroundcolor Green 
$geto365groups = Get-EOLUnifiedGroup -resultsize unlimited | where{ $_.WhenCreated -ge $days } 
Write-host "Finished fetching o365 groups" -foregroundcolor Green 
 
$geto365groups | Foreach-object{ 
    $Error.clear() 
    $mcoll = "" | select Identity, Guid, HiddenFromAddressListsEnabled 
    $identity = $_.identity 
    $globalidentifier = $_.Guid 
    $mcoll.Identity = $identity 
    $mcoll.Guid = $globalidentifier.guid 
    Set-EOLUnifiedGroup -Identity $globalidentifier.guid -HiddenFromAddressListsEnabled:$true 
    if ($error) 
    { 
        $mcoll.HiddenFromAddressListsEnabled = "Error" 
    } 
    else 
    { 
        $mcoll.HiddenFromAddressListsEnabled = "Success" 
    } 
    $collection+=$mcoll 
} 
$collection | Export-Csv $Report -NoTypeInformation 
 
Send-MailMessage -SmtpServer $smtpserver -From $from -To $erroremail -Subject "Hide - Office 365 Groups Report"  -Attachments $Report 
########################Recycle reports & logs############## 
$path1 = ".\report\" 
$path2 = ".\Logs\" 
$limit = (Get-Date).AddDays(-60) #for report recycling 
Get-ChildItem -Path $path1 | Where-Object { 
    $_.CreationTime -lt $limit 
} | Remove-Item -recurse -Force 
 
Get-ChildItem -Path $path2 | Where-Object { 
    $_.CreationTime -lt $limit 
} | Remove-Item -recurse -Force 
 
get-date 
Write-Host "Script finished" -ForegroundColor green 
Stop-Transcript 
##############################################################################

Thanks for reading and downloading

Sukhija Vikas

http://SysCloudPro.com

Advertisements

3 thoughts on “HIDE Office 365 Groups from GAL

  1. Pingback: HIDE Office 365 Groups from GAL | 365ForAll

  2. Thank you very much for your script, it is very useful!!

    Would you be so kind write me, how I can schedule it into the scheduled task? (with what parameter?)

    Thank you!!

  3. Pingback: HIDE Office 365 Groups from GAL | Cloud Computers Guide

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s