MT.1055 - Microsoft 365 Group (and Team) creation should be restricted to approved users.
Overviewā
This test checks if Microsoft 365 Group creation is restricted to approved users.
By default, all users in the tenant can create Microsoft 365 Groups. This can lead to group sprawl, security risks and compliance issues.
Creating groups should be restricted to users who have undergone training and understand the responsibilities of group ownership, governance and compliance requirements.
Remediation actionā
Unfortunately, Microsoft 365 does not provide a user interface to restrict group creation. However, you can restrict group creation to approved users by using PowerShell.
Follow the link below to restrict Microsoft 365 Group creation to approved users:.
Related linksā
Test Metadataā
| Field | Value |
|---|---|
| Test ID | MT.1055 |
| Severity | Medium |
| Suite | Maester |
| Category | Group |
| PowerShell test | Test-MtGroupCreationRestricted |
| Tags | Group, Maester, MT.1055 |
Sourceā
- Pester test:
tests/Maester/Entra/Test-Groups.Tests.ps1 - PowerShell source:
powershell/public/maester/entra/Test-MtGroupCreationRestricted.ps1