We have seen lot of users are creating Microsoft Teams, Planner etc and these in-turn create Office 365 groups.
Some are even test and it creates lot of unwanted data in the GAL which many users and our organization management is not encouraging.
So we have created this script that runs regularly and hide Newly created Unified groups from the GAL.
If request is received to unhide some group that can also be performed by IT Admin as script only takes care of New groups created within last 2 days.
Before implementing this solution you can do a one time hide by using below one liner on Exchange Online Shell.
Get-UnifiedGroup -ResultSize:Unlimited | Set-UnifiedGroup -HiddenFromAddressListsEnabled:$true
Download and extract the Script from below link:
Update the .ps1 powershell script variables:
Logs –> contains Transcript logs
Report –> contains the detail about groups that have been set as hidden by the script.
$SmtpServer –> relay server
$from –> as per your enviornment
$erroemail –> where errors and report will be sent.
$days –> office 365 groups created in last 2 days are selected
Run encrypt.bat to encrypt the password of the service account that will connect to Exchange online.
Ones scheduled or run via unifiedgroupshide.bat, Here is the report that will be stored in report folder as well as sent on email.
<# .NOTES =========================================================================== Created on: 3/19/2018 10:16 AM Created by: Vikas Sukhija (http://SysCloudPro.com) Organization: Filename: UnifiedGroupsHide.ps1 =========================================================================== .DESCRIPTION Hide all new Unified Groups created in last 2 days #> #############Load Functions################# $error.clear() try { stop-transcript | out-null } catch { $error.clear() } function Write-Log { [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [array]$Name, [Parameter(Mandatory = $true)] [string]$Ext, [Parameter(Mandatory = $true)] [string]$folder ) $log = @() $date1 = get-date -format d $date1 = $date1.ToString().Replace("/", "-") $time = get-date -format t $time = $time.ToString().Replace(":", "-") $time = $time.ToString().Replace(" ", "") foreach ($n in $name) { $log += (Get-Location).Path + "\" + $folder + "\" + $n + "_" + $date1 + "_" + $time + "_.$Ext" } return $log } function LaunchEOL { param ( $cred ) $UserCredential = $cred $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection Import-PSSession $Session -Prefix "EOL" -AllowClobber } Function RemoveEOL { $Session = Get-PSSession | where { $_.ComputerName -like "outlook.office365.com" } Remove-PSSession $Session } ##########################Load variables & Logs#################### $log = Write-Log -Name "process_HideUnifiedGroups" -folder logs -Ext log $Report = Write-Log -Name "HideUnifiedGroups" -folder Report -Ext csv $collection = @() $smtpserver = "smtp.labtest.com" $from = "Automate@labtest.com" $erroremail = "Reports@labtest.com" $days = (get-date).adddays(-2) #####################userid/password################################ $userId = "SVCAccount@labtest.com" $encrypted1 = "01kgkgnjhvekwhqvknerhmvoi89326842000003660000c000000010000000d3daae27960a5fc000000000000000777fd0d62ab916e90083c0a0a2" $pwd = ConvertTo-SecureString -string $encrypted1 $Credential = New-Object System.Management.Automation.PSCredential -ArgumentList $userId, $pwd ##########Start Script main############## Start-Transcript -Path $log get-date try { LaunchEOL -Cred $Credential } catch { write-host "$($_.Exception.Message)" -foregroundcolor red Send-MailMessage -SmtpServer $smtpserver -From $from -To $erroremail -Subject "Exchange online Unified Group Hide connection Error" -Body $($_.Exception.Message) break } Write-host "Start fetching o365 groups" -foregroundcolor Green $geto365groups = Get-EOLUnifiedGroup -resultsize unlimited | where{ $_.WhenCreated -ge $days } Write-host "Finished fetching o365 groups" -foregroundcolor Green $geto365groups | Foreach-object{ $Error.clear() $mcoll = "" | select Identity, Guid, HiddenFromAddressListsEnabled $identity = $_.identity $globalidentifier = $_.Guid $mcoll.Identity = $identity $mcoll.Guid = $globalidentifier.guid Set-EOLUnifiedGroup -Identity $globalidentifier.guid -HiddenFromAddressListsEnabled:$true if ($error) { $mcoll.HiddenFromAddressListsEnabled = "Error" } else { $mcoll.HiddenFromAddressListsEnabled = "Success" } $collection+=$mcoll } $collection | Export-Csv $Report -NoTypeInformation Send-MailMessage -SmtpServer $smtpserver -From $from -To $erroremail -Subject "Hide - Office 365 Groups Report" -Attachments $Report ########################Recycle reports & logs############## $path1 = ".\report\" $path2 = ".\Logs\" $limit = (Get-Date).AddDays(-60) #for report recycling Get-ChildItem -Path $path1 | Where-Object { $_.CreationTime -lt $limit } | Remove-Item -recurse -Force Get-ChildItem -Path $path2 | Where-Object { $_.CreationTime -lt $limit } | Remove-Item -recurse -Force get-date Write-Host "Script finished" -ForegroundColor green Stop-Transcript ##############################################################################
Thanks for reading and downloading
Sukhija Vikas
Tech Wizard 
Thank you very much for your script, it is very useful!!
Would you be so kind write me, how I can schedule it into the scheduled task? (with what parameter?)
Thank you!!
Pingback: HIDE Office 365 Groups from GAL | Cloud Computers Guide