Demistifying Microsoft Groups: 5 Keys to Successful Group Management

Microsoft Groups have been used for securing resources and providing membership abilities for more than three decades, before AD even early NT 4 Domains with local groups on servers.  With the advent of Azure AD and the Office 365 Cloud, the newer Microsoft 365 groups have evolved beyond the on premises groups to provide not only access control for files, email distribution and resources, but also security boundaries including the one of the newest features in Teams the information barriers which give you the ability to isolate one group of people from another including their ability to even see them or collaborate with them in the user interface. It’s more important than ever to have a hybrid strategy to manage your groups.

>> Register for a free educational webinar with Joel Oleson on “Demystifying Microsoft Groups: 5 Keys to Successful Group Management on June 2nd. More details below.

Microsoft Groups are used for these main uses:

  • Identity Based Security Perimeter including providing employee only access to internal resources
  • Membership and Access Controls including Application Authorization and SAAS Licensing
  • Email Notification and Distribution including alerts a group inbox or lists for forwarding

Four Types of Microsoft Groups

There are 4 main Microsoft groups in a hybrid environment and you will see overlap in groups between on-premises and the Microsoft cloud. In addition there is a group mailbox, but that function is primarily being replaced by capabilities in Microsoft 365 Groups with Outlook/Exchange online.

  • Microsoft 365 Groups cloud only
  • Security groups – both
  • Distribution groups – both
  • Mail enabled groups – both

You can synchronize groups, but the full sync including write back has limitations especially when discussing the Microsoft 365 group membership. We will continue to see innovation in efforts by Microsoft to make one or 2 way sync better, but it has a long way to go. Much of this is leveraged by AD contact objects internally which prevent access inadvertently being shared from cloud to on-premises.

Microsoft Group Management

Management of Groups in hybrid involved a number of different Admin interfaces.  In your on premise environment you’re using Active Directory and Exchange or even better… PowerShell.  In the cloud you have more options including Azure Active Directory, Microsoft 365 Admin center, Exchange Admin Center.  For policies on the groups you might find yourself using Teams Admin Center and Security and Compliance center.  Microsoft Graph is a great way to script or automate Microsoft 365 group changes.  Think of PowerShell for wide sweeping service wide changes across multiple groups and Graph for granular narrow changes such as changes on a large group. Microsoft Graph is only available in the cloud while PowerShell is available in both cloud and on premises. 

Delegation of rights and management is often provided to the owners while membership itself can be dynamic based on AD user attributes or rules.  These dynamic membership based groups can be configured both on premises and in the cloud with Microsoft 365 groups.  Identity is synchronized with Azure AD Connect.  Various single sign on and MFA solutions are supported for authentication and ensuring a good user experience both at work and remote including mobile support.

5 Keys to Successful Group Management:

Define your Hybrid Group Management Strategy for Service Wide Governance and Security.  There are changes that should only be made in one environment or the other.  Those that think they should simply sync all changes both ways are missing out on zero trust security positioning.  There are often differences with sensitive data internal where those groups should not be synchronized to the cloud.  Governance is not just about security.  Consider naming strategies, usage, reporting, and auditing.  Ownership and policies around lifecycle.

Plan Self Service or IT Led with Oversight  The goal should be self service with oversight, but for some services you may decide to have support desk manage membership.  Smaller companies may use IT support or have IT or HR in the lifecycle or approval process.  Service desk can be burdened for simple membership that could better be managed by the group owner.  Think full lifecycle.   Dynamic groups are the best as it will ensure attributes determine who should have membership.  There are tools that provide identity and access management including membership.  Groups delegation is important but along with it comes responsibility and accountability. 

Provision your Groups with lifecycle membership in mind.  Gather additional metadata including owner, secondary owner, department, location, and other contextual data.  Imagine the owner leaves, the situation you need to avoid is orphaned groups on sensitive data.  It’s chaos to have groups without proper ownership and management.  Relying on the support desk to understand management is asking for trouble if they don’t know who should be a member. 

Audit your groups usage and lifecycle periodically.  We need to ensure that groups never become orphaned (no owner) and we also need to ensure that groups membership is valid, and that its existence still valid.  If a group should be removed, that’s what needs to happen.  Ideally these audits should be as automated as possible with pressure on owners to do the validation and attestation.

Archive or Delete Unused Groups – There’s nothing worse than stale groups giving people rights that they should no longer have.  Even when a group has no members doesn’t mean it isn’t a threat.  It could be used to gain access to resources.  The more groups the greater the chance for mistakes to be made.  You should be not only auditing the groups, but regularly deleting, archiving, and cleaning up the mess.  Dynamic groups are a great way to go to focus on ensuring membership is valid based on rules, but also ensuring owners are regularly reviewing their group.  Do they still need it?  This shouldn’t be a once in a lifetime type question. 

Enjoy the infographic. Feel free to download it blog about it, share it. It is created with creative commons sharealike license. You can download the high resolution printable PDF “Microsoft Groups Demystified: 5 Keys to Successful Group Management” on slideshare or the the JPG version of “Microsoft Groups Demystified: 5 Keys to Successful Group Management.” Love to hear your feedback on social media or in the comments.

Groups are powerful, and yet most companies struggle with management and see self service group management as identity chaos with security nightmares.  Tools such as Cayosoft can help you get a better handle on your hybrid group management strategies.  Keeping groups transparent and understood across the organization as a responsibility and accountability is the most important key to successful group management. 

Join me on a webinar where we can dive into this topic for an hour with Q&A sponsored by Cayosoft.

Free Webinar: Microsoft Groups Demystified: 5 Keys to Successful Group Management

>> Register Now

When: June 4th at 2pm Eastern Time / 11am Pacific Time

Speakers: Joel Oleson, MVP & RD, Director at Perficient and Robert Bobel, CEO of Cayosoft, Hybrid expert

Description: How are you handling Microsoft groups as you adopt more and more of the cloud? What should you do with your DLs? For hybrid environments, legacy groups can be a real struggle, and most organizations leave security groups in place while creating new ones in the cloud. Double the groups can mean double the frustration.

Join us for this webinar, where we’ll explore the history of security groups and distribution lists and dive deep into how best to approach users and strategies for on-premises and cloud group coexistence and synchronization. We’ll also explore the new Teams Information Boundaries and Unified Labeling and classifications to paint a clearer picture of security and classification in Microsoft 365. 

This session will take comprehensive look at Microsoft “Groups end to end” and work to cover some common groups questions:

  • What about lifecycle and cleanup? 
  • Policy & Naming standards?
  • Is write-back an option? 
  • How do I sync my groups? 
  • What can I do for coexistence and hybrid?
  • I want to copy my on-prem groups can I do that?
  • Can I setup my groups as dynamic or rule-based in the cloud (and potential additional costs)? 

>> Register Now

7 Innovative ways Project Cortex Delivers Business Value Infographic

Project Cortex

Understanding Microsoft Project Cortex

Project Cortex applies AI to automatically organize your content.  It delivers innovative experiences with Topic cards, Topic pages, and both knowledge and content centers across the productivity tools of Office 365 including Teams, SharePoint, Outlook and Office apps.  It has features and tools that enhance the experiences you use everyday to connect experts to the data and capturing knowledge in innovative enhancements based on AI in ways never possible before.

If you’re one of the thousands of people looking to wrap your head around Project Cortex this is the right place.  Maybe you understand it at a high level, but struggling with how to “sell” this transformative tool to the business.  You know it’s a worthwhile investment, but can you say this is what you should be focusing on right now. 

What is Project Cortex?

Project Cortex has many components and features in it’s AI tentacles of reasoned and gathered insights and providing highlighted topics, but the two main components of these AI based Knowledge services are first the Knowledge Center based on AI “Machine Learning” and second the Content Center based on AI Machine Teaching models, classifiers and extractors which allows humans to train the AI to improve content extraction and enable business automation.  The third component is reinforcement which is an important components to both sides of this AI “brain.”  Reinforcement supports seeding topics through acronmys, taxonomy, and new topics.  The administrative interfaces of Project Cortex are designed for managing what it looks at including blocked topics, blacklisted or whitelisted content areas, and an interface for reviewing the recommended topics. 

This infographic and article was written to help you understand the business value of Project Cortex and hopefully arm you with easy ways to explain it.  Our companion webinar on June 2 will dive into each of these business value statements.

7 Innovative Ways Microsoft Project Cortex Delivers Business Value

  1. Empower teams with knowledge and expertise in the apps you use everyday.  Imagine being able to open up a document and have references back to explanations, other documents and experts who have a deeper level of knowledge and understanding!  Everyone benefits when you can find answers without getting up from your desk to go find someone.  The power of connecting topics like acronyms to a knowledge center of content is brilliant.
  2. Advanced Artificial Intelligence to harness collective knowledge.  AI is super powerful, it scales, it reasons, and gets better and better over time at extracting, grouping, filtering, clustering and ultimately building an incredible knowledge center of topics that can be tapped by the organization.  With very little human interaction, AI will gather and automate so much of what can be automated and Project Cortex gives us the connections and tools to get at the semi structured content that is scatered across our data, collaboration, storage and content services repositories.
  3. Connect people to knowledge and knowledge to people. Features built into Project Cortex help build ontologies and models, it knows how to group and cluster knowledge into a knowledge graph built to extend the Microsoft graph of people.  It helps cluster the data into recommended Topics on Topic pages with experts, files, definitions, questions and answers.  What it’s doing is helping make it easier to find answers to the questions you never knew you had.  It provides contextual knowledge providing context clues in the productivity tools and one click answers including experts and data in a knowledge center backed by an enhanced knowledge graph and topic pages that are easy to use and designed to evolve over time like a wiki.
  4. Streamline business processes with security, compliance, and automation.  With the powerful content center, the business teaches the AI about the incoming data and content types of the organization.  It learns to classify and model data through machine teaching and training.  Powerful extractors and classifiers help extract fields, metadata, and structured content enabling business processes to be automated in ways never possible right in the Microsoft 365 platform where much of this data already lives.  Power Platform tools such as PowerApps, Power Automate and Power Virtual agents can be used to streamline business processes for approvals, forms, applications, custom actions, and real engagement.  
  5. Discover information across topics platforms and connected data. As Project Cortex is looking at changes it has the ability to leverage trends, popularity, connections to help you keep on top of the topics that mean the most to you.  You can follow Topics and be aware of what’s happening in new ways only possible through AI.  The Microsoft graph has been extended to help connect not only files, objects, usage and activities, but expertise, topics, knowledge and relationships through ontologies which are easy to navigate and discover incredible insights on Topic pages.
  6. Empower organizational agility, drive efficiencies and cost savings. A better connected organization is able move more quickly, it is able to be more transparent and work in the open.  Through new capabilities as the workstreams are more automated, the business is able to make decisions faster eliminating waste and enabling cost savings opportunities through knowledge that is gathered.  An organization can work more closely together and be more aware as silos of information are broken down through transparency and knowledge sharing in context.
  7. Automate extraction and tagging improves search and discovery based on seeding topics from your taxonomies.  It is true that metadata makes content more easy to find, filter and group.  Taxonomies help us organize our content.  Humans are very bad at tagging.  They are inconsistent and yes, it’s a pain! They don’t want to do it.  AI is very good at tagging and it is very consistent.  The good news it gets better and better and a good taxonomy is the best medicine for ensuring a happier and healthier Project Cortex.  You can seed the taxonomy, acronyms, and even directly add new topics into the knowledge center.  Populating these is   a best practice that helps help provide a more intelligent AI which improves search and a stronger ontology to work from which starts adding value even faster.   

Project Cortex has a lot going on as the biggest thing happening in Microsoft 365 this year.  It’s the culmination of a lot of technology innovation and integrates across all of the major workloads.  It has promise to add the ability to add additional compliance as it classifies and extract content, it has the ability to boost business productivity and ramp up new employees looking for contextual clues in content.  There’s so much in this package that adds real differentiation.  This is knowledge management on steroids while democratizing AI and making it more accessible to all.  Project Cortex is poised to reinvent business process automation with the Power Platform while infusing knowledge into the tools we use everyday. 

Here’s the infographic in full form.

Project Cortex Infographic

Download the 7 Innovative Ways Project Cortex Delivers Business Value infographic as a JPG or the Project Cortex Infographic as a PDF. Feel free to use this infographic in your efforts to help your business understand Microsoft Project Cortex. It’s creative commons share alike with attribution.

Join us on the upcoming Free Project Cortex webinar

Webinar: 7 Innovative ways Project Cortex Delivers Business Value

>>Register Now

Project Cortex applies AI to automatically organize your content.  It delivers innovative experiences with Topic cards, Topic pages, and both knowledge and content centers across the productivity tools of Office 365 including Teams, SharePoint, Outlook and Office apps.  It has features and tools that enhance the experiences you use everyday to connect experts to the data and capturing knowledge in innovative enhancements based on AI in ways never possible before.

What is Project Cortex?  What value does it provide?  What can AI do for my business?  If you’re either trying to wrap your head around project Cortex or simply trying to understand the business value, this webinar is for you!

When: June 2nd at 11am PDT/12pm MDT/1pm CDT/2pm EDT/7pm BST/8pm CEST

>> Register Now!

Speaker: Joel Oleson

Sponsored by WAND

Free Microsoft Virtual Events and training

Welcome to the new normal. Looks like we might be here for a while. I’ve had a few friends complain about cancelled events and many saying they were disappointed they didn’t reschedule as virtual. I’ve got a surprise for you. This new normal is settling in and we should cosy up with our virtual selves. There are a variety of webinars, summits, SharePints, even open mic social and upcoming virtual events I want you to be aware of.


Webinar: Gain Control of Microsoft Teams Chaos

While the benefits of Microsoft Teams for collaboration are clear, it’s difficult for IT and service owners to manage the sprawl including lifecycle provisioning, security and compliance.

Join Microsoft MVP and Office 365 expert Joel Oleson and Cayosoft founder and hybrid management expert Robert Bobel for key insights to help you navigate the chaos of Microsoft Teams.

>>Register for the April 15 free webinar

Webinar: Microsoft’s Project Cortex and the Future of Knowledge Management

Join Us As We Examine Project Cortex

  • What is Project Cortex?
  • How does incorporating AI and automation change the game?
  • What can you do to prepare?

Register Today

Webinar: Accelerate Adoption & Change Management for Remote Work With Teams

Microsoft Teams Summit Virtual Event 

(Full day full agenda)

When: April 20


9:00 am – Empower Your Organization with Teams Remote Work Crisis Management & COVID-19 – Joel Oleson & Ron Jones

10:30 am – Accelerating Adoption and Change Management for Teams for Remote Work – David Chapman

11:30 am – Measuring Teams Adoption and Success with PowerBI and TyGraph – Ed Senez

12:00 pm – Virtual Lunch Break and Socializing

1:00 pm – Securing Teams with Microsoft 365 Security for Remote Work – Mark Doberstein

2:00 pm – Best Practices for Microsoft Teams & Network Performance for Remote Work – Trevor Miller

3:00 pm – Closing Keynote: What’s New and Coming for Microsoft Teams – Michelle Gilbert, Microsoft


Fancy a #SharePint? Every Thursday at 5.

No alt text provided for this image


Microsoft 365 Virtual Marathon

Microsoft 365 Virtual Marathon is an online, 36 hour event happening May 27-28 2020. We will have sessions going the whole time with speakers from around the globe. This event is free for all wanting to attend. Come join us as we talk about the many different pieces of Microsoft 365.

Free for all attendees. We will be coordinating with sponsors to help cover expenses of running this event and for prize drawings and donation to COVID19 nonprofit to be announced.

Microsoft 365 Virtual Marathon is a joint effort with SPC and members of the Office 365 community.

We will have keynotes from Microsoft Jeff Teper, Bill Baer, Naomi Moneypenny and Jon Levesque and more… in addition to hundreds of sessions from thought leaders and members of the community from around the world.

>> Registration is available at

>> Call for speakers, open till May 1st 2020, can be found on sessionize

Past but not forgotten:

Microsoft Teams Day (available on demand)

Keynote on Microsoft Teams Strategy COVID19 Frontline worker & Work From Home Strategies:

Modern Workplace Sessions:

Microsoft Crisis Management Response Templates and Remote Work Resources for Coronavirus #Covid19

Virtual Events & Training

The Microsoft teams have been releasing some super cool quick and easy solutions. Microsoft has been doing some really helpful things and my intention is to help give visibility to multiple efforts which may have been overlooked or missed across multiple blog posts or tweets from a variety of different product teams. Not only that but Microsoft has made Office 365 E1 free for 6 months, and has been highlighting the freemium version of Teams. The Power Apps team has made the otherwise premium version of notifications free during the crisis as well. Microsoft has really been doing amazing things to help serve the community and the world in this crisis. I highly recommend starting by reading Microsoft CVP Jared Spataro’s “Our commitment to customers during COVID-19.”

Crisis Communication Power Platform Template

– The solution is inspired by a rapid response app built by Schlumberger. This combines capabilities of Power Apps, Power Automate, Teams, and SharePoint. It can be used on the web, mobile or in Teams.

Key features include:

  • Employees can report their work status (e.g., working from home) and make requests. This helps managers coordinate across their teams and helps central response teams track status across an organization.
  • Admins can use the app to push news, updates, and content specific to their organization, and can provide emergency contacts specific to different locations.
  • The app includes the ability to add RSS feeds of up-to-date information from reputable sources such as WHO, CDC, or a local authority.

Microsoft Announced: “As part of this effort, we are also giving all Power Apps users temporary access to a premium feature, Power Apps Push Notifications, so you won’t need any premium licenses to use Power Apps to push information to users. We have reclassified Push Notifications as a standard connector for the duration of the COVID-19 crisis.”

>>Get the Crisis Response Power Platform Template Solution

Crisis Management Site Communication Portal

How to instructions for creating a Crisis communications site. 4 Step instructions for building out the site.  1) draw wire frame content layout plan, 2) create the site from SharePoint start page, 3) edit and rearrange text, words, links, sections, layouts off of template, and 4) finalize design, content and permissions. The instructions include twitter integration for pulling in feeds, yammer integration for pulling in conversations, resource links, and much more. Here’s a snippet from the instructions:

Going left-to-right, top-down, the crisis management site uses the following web parts:

  • Hero – use this to highlight the most important, or newest, content on the site. The one in the example uses the carousel layout.
  • Text – use the rich-text editor to add and update the main intent of the site, or an important message. You can use and adjust color, font size, hyperlink and tables.  
  • Quick links – call out primary resources. These can be internal sites, pages, documents, videos, FAQs, and can be external links, too.
  • Yammer Conversations – create an associated “Crisis Management” community and take questions and manage feedback directly from the site.
  • News – publish daily and weekly news posts. They will appear here on the site and flow into everyone SharePoint start page where News from sites appear.  
  • Twitter – pull in feeds from public Twitter handles; the above example (per COVID-19) highlights @CDCgov and I also suggest: @CDCemergency & @WHO.
  • People – indicate the right people dedicated to the specific crisis. This is tied to Azure Active Directory and on-hover, visitors of the site will be able to see all their contact information.

There are a lot of good resources on this page as well at the bottom. Great resources:

>> Step by Step Resources for Building a Crisis Communications Site

Work Remotely with Microsoft Teams Guidance & Resource pages

for links for administrators, communications teams and end users. Work Remotely With Microsoft Teams

You may not know, but even companies who don’t have Microsoft today can get FREE access to Office 365 for 6 months during this crisis using the free 6-month Office 365 E1 offer or the Freemium version of Teams. Reach out to your Microsoft account team or partner if you need help. I work at Perficient and I know we’ve been working hard to help people who are looking to get up to speed quickly.

Support remote workers using Microsoft Teams

There are a ton of great resources:

>>Resources: Work Remotely With Microsoft Teams

Absence and Out of Office Monitoring Dashboard Solution in Power BI

This solution is part of the Crisis Communication Template, but could be used without the app as well.

Here’s a link to the Git Hub solution:

>>Monitor Office Absence with Power BI

Building a Crisis FAQ Bot using Power Virtual Agents

There’s a bot too! Integrate your customer support area by providing common FAQ through a bot.


Infographic: 7 Analytics Dashboards for SharePoint and Teams and Office 365 in Microsoft 365

Teams Analytics Infographic

If you’ve been looking for the best deployment and adoption dashboards and analytics in Office 365, SharePoint and Teams, this is the webinar for you.  In this discussion we’ll dive into the best Power BI charts, graphs, and dashboards that are frequently hidden in deployment and getting started kits.  Microsoft has sprinkled the Compliance and Security centers, Adoption kits, Deployment Advisors, and Admin Centers, often unintentionally well hidden behind links.  In this session we’ll walk through and expose the top 7 places where you can find these FREE Power BI analytics that you can use to track adoption and deployment. 

Analytics in SharePoint Teams and Office 365 Infographic

#1 Office 365 Power BI Usage Analytics by Workload – Many dashboards and reports.

A screenshot of a social media post

Description automatically generated
Office 365 Usage Reports by Workload

These activity reports give you Power BI dashboards for each workload.  You’ll find one for Exchange, SharePoint, OneDrive, Yammer, Skype for Business and Teams.

In your tenant go to you’ll see there are a number of reports including the following. Many of them added in the last 6 months. You can also get these and customize them in Power BI:

#2 Office 365 Deployment Advisors for Migration, Usage Adoption Planning

A screenshot of a cell phone

Description automatically generated

#3 Microsoft Teams Advisor in Teams Admin Center for Planning, Deployment, and Multi phase Approach of Project Tracking. Includes Planner plans and Admin dashboard.

4. Teams Call Analytics and Call Quality Dashboard

5. Compliance Center Classification Analytics for Sensitivity and Retention Label Usage

6. Microsoft MyAnalytics for Personal Productivity and Workplace Insights

7. Office 365 Client Management Health and Upgrade Management Dashboard

This session is sponsored by NGAGE who have created even more powerful reports, charts and graphs for tracking your Teams and SharePoint Usage, Adoption, and Deployment answering key questions that will help you in your efforts to track adoption, money saving business value, and return on investment.

Join us on the upcoming webinar where we will explore each of these analytics offerings which are included with your Office 365 or Microsoft 365 Subscription.

Title: 7 Free Analytics Dashboards for SharePoint and Teams in Microsoft 365

When: February 13, 2020 at 11am Pacific

>>Register Now!

I will be diving into some these useful Power BI charts, graphs and dashboards that Microsoft have sprinkled across multiple Admin UIs, Deployment and Getting Started kits and Compliance and Security Centers. These FREE tools will help you track adoption and deployment of SharePoint and Teams.

Before the Q&A session there will be a brief overview of NGAGE’s enterprise-class analytics products for SharePoint and Teams. These go way way beyond providing basic adoption metrics to deliver on countless use cases to help Administrators, Communicators, Knowledge Managers, Team and Site Owners be measurably more successful. Hope to see you there!!