Skip to Content

MC275349: Settings allow users to create groups in Azure portal have been improved

The Azure Active Directory settings that control how users can create security and Microsoft 365 groups have been updated. In the Azure portal, if you set either Security Groups or Microsoft 365 Groups to No, your settings may have been updated to Yes. Please validate these settings are correct for your tenant.

MC275349: Settings allow users to create groups in Azure portal have been improved

Affected Workloads

  • Identity Service

Here are the previous settings:
The Azure Active Directory settings that control how users can create security and Microsoft 365 groups have been updated.

Here are the new settings:
The Azure Active Directory settings that control how users can create security and Microsoft 365 groups have been updated.

  • The previous settings, when set to No, would still allow users to create groups in PowerShell and APIs and other portals, but not in Azure portals. To ensure this setting is honored consistently across the Azure portals, PowerShell, and API, we introduced an updated setting.
  • The new settings, when set to No, will not allow users to create groups in Azure portals, PowerShell, or via the API.
  • The new settings, when set to Yes, will allow users to create groups in Azure portals, PowerShell, and via the API.

Starting in May 2021, there was a transition period of a few weeks where you could select your preferred default values before the new settings took effect. If you did not specify your preferred default values during this transition period the new settings were set to the previous API settings. If you had previously set these values to No in the Azure portal, these values may have been reset during the implementation if the API settings still allowed users to create groups.

How this will affect your organization

These new settings control how users are allowed to create security and Microsoft 365 groups in Azure portals, as well as PowerShell and API.

What you need to do

Follow these steps to ensure these new settings are appropriate for how you would like groups to be managed in your organization.

  1. Sign in to the Azure portal as Global Administrator or Privileged Role Administrator.
  2. Navigate to Azure Active Directory > Groups > Settings General.
  3. Verify and, if necessary, update the following settings:
    • Security Groups: Users can create security groups in Azure portals, API or PowerShell
    • Microsoft 365 Groups: Users can create Microsoft 365 groups in Azure portals, API or PowerShell

Learn more

Message ID: MC275349
Published: 03 August 2021
Updated: 03 August 2021

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that is committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we have not implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you are currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.