CODEWITHSUNDEEP
sharepoint-online
Bryan Schmiedeler
Bryan Schmiedeler

Reputation: 3137

Disable all site creation except for a certain group

I want to lock down site creation to a certain group of admin suresh. We have created a group for this, but what do I tell the SharePoint Admin to do in order to achieve this?

Upvotes: 0

Views: 126

Answers (1)

Gautam Sheth
Gautam Sheth

Reputation: 2500

To lock down site creation, you basically need to run a few PowerShell commands as below using Azure AD PowerShell. Run them commands with Global admin priviledges.

I am assuming that you have created an Azure AD group with certain users who will have access to create the site.

$creds = Get-Credential

Connect-AzureAD -Credential $creds

$group = Get-AzureADGroup -All $True | Where-Object {$_.DisplayName -eq "ENTER GROUP DISPLAY NAME HERE"} 

$policySetting = Get-AzureADDirectorySetting | where-object {$_.displayname -eq "Group.Unified"}

if($policySetting -eq $null) {

    $template = Get-AzureADDirectorySettingTemplate | Where-Object {$_.DisplayName -eq "Group.Unified"}

    $settings = $template.CreateDirectorySetting()

    $settings["EnableGroupCreation"] = $false

    $settings["GroupCreationAllowedGroupId"] = $group.ObjectId

    $policySetting = New-AzureADDirectorySetting -DirectorySetting $settings
}
else{

    $policySetting["EnableGroupCreation"] = $false

    $policySetting["GroupCreationAllowedGroupId"] = $group.ObjectId    

    Set-AzureADDirectorySetting -Id $policySetting.Id -DirectorySetting $policySetting
}

Links:

Installing the Azure AD module

Code modified from - Managing Office 365 group creation using Azure AD PowerShell v2

Upvotes: 1

Related Questions