Dellenny

Guide me in IT world

Microsoft 365

How to Create a Microsoft 365 Group Naming Policy

Dellenny

Managing Microsoft 365 groups effectively is critical in ensuring a consistent, secure, and professional collaboration environment. Without controls in place, group names can quickly become messy, redundant, or even misleading — making governance a nightmare. That’s where Microsoft 365 Group Naming Policies come in.

In this blog post, I’ll walk you through what a naming policy is, why it’s essential, and how to create and manage one using both the Microsoft 365 Admin Center and PowerShell.

📌 What Is a Group Naming Policy?

A Group Naming Policy controls the naming convention for Microsoft 365 groups (including Microsoft Teams, Outlook Groups, Yammer, and SharePoint). It helps enforce standards by:

  • Adding a prefix/suffix to group names.
  • Blocking specific words.
  • Including user attributes like department, country, or company in group names.

✅ Why You Should Use Naming Policies

  • Governance: Prevents duplicate, ambiguous, or inappropriate names.
  • Security: Avoids using confidential or sensitive words.
  • Branding & Compliance: Ensures naming aligns with your organization’s policies.
  • Clarity: Makes it easier to identify a group’s purpose or ownership.

🔧 How to Create a Naming Policy

1. Prerequisites

  • You must have Azure Active Directory Premium P1 or P2.
  • Only Global Administrators and User Administrators can configure these policies.
  • Policies are enforced only through Azure AD. They don’t retroactively rename existing groups.

2. Options Available

You can define:

  • Prefix or Suffix: Fixed strings or Azure AD attributes (e.g., [Department], [Country]).
  • Blocked Words: A custom list of restricted words (e.g., “CEO”, “Admin”).

🖥️ Using Azure AD Admin Center

🔗 Navigate to: Azure Portal > Azure Active Directory > Groups > Naming policy

  1. Click + Naming policy.
  2. Add your desired prefix and suffix using:
    • Static strings like "GRP-".
    • User attributes (e.g., [Department], [Company]).
  3. Enter your blocked words list, comma-separated (e.g., CEO,Admin,HR).
  4. Click Save.

Example:

If your policy is:

  • Prefix: [Department]-
  • Suffix: -[Country]
  • Blocked Words: CEO,Admin

A user in the Sales department from Egypt trying to create a group named CEO Discussion would be forced into something like:
Sales-Discussion-Egypt and CEO would be blocked.

💻 Using PowerShell

For more flexibility, use PowerShell with the AzureAD module:

powershellCopyEdit# Connect to Azure AD
Connect-AzureAD

# Set naming policy
Set-AzureADDirectorySetting -Id <SettingID> -DirectorySetting @{
    "PrefixSuffixNamingRequirement" = "[Department]-[GroupName]"
    "CustomBlockedWordsList" = "CEO,Admin,HR,Finance"
}

To get or create a directory setting template:

powershellCopyEdit$template = Get-AzureADDirectorySettingTemplate | where {$_.DisplayName -eq "Group.Unified"}
$setting = $template.CreateDirectorySetting()
New-AzureADDirectorySetting -DirectorySetting $setting

⚠️ Important Notes

  • The policy applies only when users create groups — not admins via PowerShell or backend APIs.
  • Group names are validated during creation only, not during renaming.
  • Azure AD attributes used must be populated for the user creating the group; otherwise, they’re omitted.

🧪 Test Your Policy

Always test naming policies with test accounts before applying to your production environment. Incorrect configurations can lead to unexpected naming behavior or user frustration.

Implementing a naming policy is a simple yet powerful step to improve Microsoft 365 governance. It reduces clutter, enhances discoverability, and keeps your environment clean and compliant.

Start small, evaluate the naming patterns in your organization, and apply policies gradually. With Azure AD’s built-in tools and PowerShell capabilities, you can strike the right balance between control and flexibility.