After my recent post “You Can’t Disable Office 365 Groups”, I received feedback from a few people, specifically Elaine Van Bergen, Martina Grom and Joe Stocker that some editing controls have been added in through the tenant that allows Group creation to be disabled in the Office 365 tenant, and that these controls affect all of the user interfaces that can create groups. The procedure is outlined here, and Martina offers her insight on it here . I was a little disappointed that I had missed these newer controls earlier, but quite happy about the discussion that the original article started. It brought to light some of the confusion around this feature. In addition, it also highlights the fact that Office 365 Groups are about far more than just conversations, they are the bedrock of all Office 365 services moving forward.
Having said that, and having tested these new controls, I have a few observations to make about disabling Groups.
Much of the feedback that I received of my original article was “Good, they shouldn’t be disabled anyway, they’re too important”. To be sure the other side of that argument was heard from as well, but I tend to side with the former. For me at least, the group construct represents real value. It is a trade-off between ease of use and control to be sure, but as a container, it’s easy to understand, and relatively easy to work with for end users. The concerns around Groups are focused on governance, and those concerns are valid. If anyone can create a group anytime, and there is not process for organizing or classifying them in place, they can quickly get out of hand, producing islands of information all over.
The new management controls allow for a single security group (not an Office 365 group) to define those that can create Groups. Groups created by these members are available to all, but only these members can create new Groups. Only one security group can be flagged for group creation, so it’s an all or nothing proposition for these group members.
The article above walks through the process of creating these controls through PowerShell with the Microsoft Azure Active Directory Module for Windows. There are a couple of quirks when walking through this process. I found that the article itself contains a typo, the PowerShell command “Get-MsolCompanyInfo” should actually be “Get-MsolCompanyInformation”. In addition, when downloading the module itself, the 188.8.131.52 Preview version is required.
One would think that the GA version (184.108.40.206) would include everything necessary, but one would be wrong. I made the mistake of trying to use that version and I hit a wall. You need the preview version.
The Azure Active Directory management area in the new Azure portal also allows for the management of group creation rights. I was unable to use the interface to initially set these controls, but once set, the controls were reflected in the user interface, and it’s possible to manage them. Azure Active Directory management is still in preview in the new portal, so presumably this will improve at GA. The controls can be found in the Azure Active Directory blade under Users and Groups – Group Settings.
Like their predecessor, these controls don’t remove the option to create a group from the client interfaces. Once the “Create” option is selected, the user is usually notified that this will not be possible. In one case, it simply fails. The following are the different messages that users will receive when they try to create a new Group but are prevented from doing so.
Outlook Web Access
Ideally, the create option would simply be removed from the user interface, but at least these interfaces prevent the user from filling out details before failing with one notable exception. When a new Group Workspace is created in Power BI, the operation simply fails, and the user isn’t notified as to why. It almost seems as if the Power BI team wasn’t notified that these new controls exist.
The remaining workload that is (ok – will be) integrated with Groups is Yammer. With Yammer, when a Yammer Group is created, a corresponding Office 365 group will be created, and kept in sync with the Yammer group construct. This will ultimately be where Yammer notes and files are stored (via OneNote and OneDrive – basically SharePoint) as well as the group calendar (in Exchange). However, according to this Microsoft support article, if Office 365 Group creation is disabled, then the Yammer groups will not be Office 365 connected.
It therefore is now possible to prevent users from creating Office 365 Groups. This will be important to large organizations while they formulate an adoption strategy for Groups, but formulate it they should. Just because Groups can be disabled, it doesn’t mean that they should. Groups are by their very nature a compromise between usability and manageability, and centralizing creation tips the scales on the side of manageability. We’ve had this for a long time with classic SharePoint, and the usability of Groups is what’s so exciting from an adoption standpoint. Almost all innovations in the Office 365 space are now centered on Groups – they are the new foundational unit, and by ignoring them, you miss out on much of the future enhancements.
Caution is certainly advised, but it’s a good idea to move forward with a Groups strategy. Now.
Note – Since originally publishing this post, I have been made aware of some new management tools that will allow the ability to disable group creation by default. As opposed to modifying this post, which contains other observations, I have published a new one dealing with these new tools here.
As I’ve discussed before, Office 365 Groups are a very important feature in Office 365, and one that all organizations using Office 365 should fully understand as soon as possible. Groups are either required or they provide important capabilities for every product in the Office 365 stack. However, every organization has a different tolerance for change, and some have no tolerance for it at all. In addition, there are many aspects of Groups that are still a work in progress (navigation for example). A frequently asked question is “how do we turn off Groups?”. There’s nothing in the Office 365 Administration interface in either the Groups, or the Services & Add-ins sections.
What these approaches do is to adjust the Outlook Web Access policy that controls the creation of Office 365 Groups. At its core, an Office 365 Groups is just a type of Azure Active Directory Group, one with multiple services attached to it. When Groups were first introduced, the only way of creating them was through the Azure Active Directory interface, PowerShell and through Outlook Web Access (OWA). The first two methods require an administrative level of access, so enabling and disabling this feature in OWA effectively disabled it for end users. An end user can still see the Group creation controls, but any attempt to create a new group is met with a dialog informing them that this feature is disabled.
Since Groups were first introduced, there have been several significant changes as more Office 365 services embraced the Groups structure, and others have been introduced that rely on it.
When the “new” Power BI was introduced in mid 2015, its Sharing story relied heavily on Office 365 Groups. Each Group receives a Power BI workspace, and conversely each new Power BI workspace is a Group. Given that end users can create and to some extent manage the workspace directly in the Power BI user interface, it represents an alternate Groups management tool focused on the end user.
Creating a new Group in Power BI
Microsoft Planner, launched in mid-2016 is another product that relies on the availability of Groups. For the most part Planner stands on its own, with minimal ties to the rest of the Office 365 stack. Each Plan contains multiple tasks, but under the covers, each Plan is backed by an Office 365 Group, with all the rest of the available services. Creating a new plan in Planner creates a new Group, and everything that goes with it, even though the interface doesn’t make it very clear. You’re getting far more than just a plan.
Creating an Office 365 Groups (aka Plan) in Planner
With the release of Modern Team Sites in SharePoint, SharePoint is also very tightly bound to Office 365 Groups. Before this release, creating a new team site through the SharePoint interface or through the SharePoint administration interface created a classic SharePoint site collection. Doing so now also creates a group to go along with it (again, with everything that goes along with that) and all the access to the new Team Site (a site collection) is controlled through membership to that Group. The SharePoint interface for this makes it very clear as to what is happening – “Lets create a new team site and group”.
Creating an Office 365 Group from SharePoint
It is still possible to create a SharePoint site collection that is not bound to a group through the SharePoint administration interface. Modern team sites (the site collections created through the SharePoint user interface) don’t appear in the SharePoint administration interface at all.
The Outlook 2016 rich client also has a comprehensive set of group management features. A group can be created by right clicking on the “Groups” node in the Outlook mailbox, and once created can be fully managed by the “Home” tab in the ribbon.
Creating a new group in Outlook 2016
Managing a group in Outlook 2016
There are now 5 different way for end users to create and in some cases, manage their Office 365 groups. The original Outlook Web Access interface, and now Outlook 2016, Planner, SharePoint and Power BI. The processes outlined above for disabling group creation prevent group creation from Outlook Web Access, but what effect do they have on these new interfaces? The answer is, no effect whatsoever. Whether the “GroupCreationEnabled” OWA policy has been set to false or not, these other interfaces will still be able to create and work with Office 365 Groups. This may not be surprising as Power BI, Planner, and now even features of SharePoint are dependent on the Groups infrastructure.
I have not called out Microsoft Teams above. It is true that Teams is also dependent on the Groups infrastructure, and that creating a new team will create a new group. Where Teams differs from the other dependent services is that the creation of a new Group in one of the other interfaces does not automatically create a new Team. In addition, Teams itself must be enabled by an administrator, meaning that for this additional service, Groups creation can be controlled centrally.
In the very near future, Yammer will also become Groups dependent. Creation of a new group in Yammer will spin up a corresponding Office 365 group, which will be used to store the files and notes available in Yammer. These groups will be flagged as “Yammer managed” meaning that they will not appear in the Outlook interfaces, but they will be available to all the other services that utilize groups.
The bottom line of all this is that even if you use Office 365, and you think that you have disabled Groups in your tenant, the chances are that you could be in for a surprise. If any of these dependent services are in use, the chances are that you already have several created.
Groups are the bedrock of all new features in Office 365 moving forward – it is therefore a good idea that your organization understand them as soon as possible. Their inevitability is also another strong argument for paying close attention to them. If you are currently discussing whether or not they should be used, I would strongly encourage you to shifting that discussion to how they should best be used.
When Microsoft Teams was announced at the beginning of November 2016, I posted an article that attempted to explain the different social networking products available from Microsoft and the advantages/disadvantages of each. Since then, it has become apparent to me that there continues to be a lack of understanding about what Groups are, what they bring to the table, and where they fall short. This post is an attempt to help clear up some of that confusion.
To begin with, Groups isn’t a product in an of itself, it’s an infrastructure. Specifically, an Office 365 Group is a specific type of group in Azure Active directory. That’s it. They have a few properties, and they contain members, but outside of Office 365 administration or Azure Active Directory admin, there’s really nothing to look at. What is unique about them is that the Office 365 services are becoming increasingly tied to them, and creating one of these groups will provision multiple artifacts in multiple Office 365 services.
The value of Groups is really in the workloads and services that they tie together. This is where it starts to get a bit confusing. The way that I see it, there are currently 9 workloads (team sites, file storage, group inbox, enterprise social, group chat, notebook, plans, calendar, and report workspace) offered by 6 different services (SharePoint, Outlook, Yammer, Microsoft Teams, Planner, and Power BI). Arguably, Group inbox, enterprise social and group chat could all be considered conversation spaces, but my earlier article makes the case for considering them separately. Also, Skype for Business is notable by its absence, but I consider Teams to be the logical successor to Skype for Business.
A summary of the different workloads, and the services that offer them can be seen below.
This is a description of the various workloads offered by the component services, and it’s relatively straightforward. The only overlaps (if my earlier assertions about the different types of social are accepted) are group inbox services being offered by both Outlook and Yammer. Since Groups created and managed by Yammer will be kept distinct from other groups, this shouldn’t be the source of too much confusion.
The picture gets a little murkier however when we talk about the way that users will interact with groups, which is through a client application of one form or another. All the constituent services have at least one client application that interacts with Groups, and several of these overlaps significantly. A full understanding of Groups includes an understanding of all the available clients.
When an Office 365 Group is created, a Modern SharePoint Team site, which is a SharePoint site collection gets created along with it. This site collection is home not only to the Group’s team site, but to its OneDrive file storage, and to its Notebook (via OneNote). The SharePoint home page is focused on site collections, with Group site collections being called out specifically. From here one can search for Groups, pin favourite Groups, access recently used Groups, and access Groups deemed important by the tenant administrators.
SharePoint has two different clients that touch Groups – the standard web interface and SharePoint mobile. As noted above, SharePoint supplies 3 of the core Group workloads so the SharePoint interface is inherently well integrated. In addition to the native interface, the SharePoint web part framework lends itself to further integration, and indeed there are already two Modern web parts that have emerged that tough other Group workloads. The Yammer web part, which is available today in first release brings enterprise social into the SharePoint interface, and the upcoming Power BI allows the embedding of reports into SharePoint pages.
Groups can be created and managed directly in the SharePoint interface, and group conversations are accessed though a Group conversations link. Now, this launches the Outlook Web App to access the inbox, but when Yammer Group integration is rolled out, it will launch into Yammer for Yammer managed Groups.
The SharePoint mobile application is full fidelity, and modern web parts work with it. Thus, the SharePoint mobile app has all the same touchpoints that the browser interface does with one exception. It is currently not possible to add or manage Groups in the SharePoint mobile app.
There is currently no integration of Group chat (Teams), Plans, or the group calendar in either the browser or the SharePoint mobile client.
SharePoint UI integration with Groups
The Outlook web application was originally the only place to go to create Office 365 Groups. Management of Groups is therefore its strong suit and is provided natively. The Group inbox and the Group calendar are also both provided by Outlook (Exchange) and the web client reflects that. The Outlook clients are currently the only tools that allow these two workloads to be accessed natively. In addition to these native workload, the browser client provides contextual like to open the Group Team site, OneNote, OneDrive, and the Group Planner. There is currently no integration between the Outlook browser client and enterprise social (Yammer), Group chat (Teams) or Power BI workspace.
The rich Outlook client included in Office 2016 has almost full feature parity with the browser client. The only difference is that is does not currently provide links for opening the Group Team site, or Planner.
The Outlook mobile app, available on iOS, Android and Windows Mobile is a bit of an anomaly. This client does not integrate at all with Groups. Instead, the Outlook team has published an app on these platforms called “Outlook Groups”. Given that they are known as Office 365 Groups, this name can be a bit confusing. The Outlook Groups app provides native access for the Group inbox, Calendar, and OneDrive files. It will launch the mobile OneNote app for access to Group notes, and it even allows for Group management. It is the only mobile app that allows for Groups management.
Outlook UI integration with Groups
Yammer has historically been a completely separate application, and its user interface reflects that. To date, there is no integration with Groups, but this work has been done, and it will be available shortly. An early build of the Groups integrated Yammer interface was recently demonstrated at the Microsoft Ignite conference in Atlanta.
Groups integrated Yammer client
The integration points can be seen in the right column of the UI. Initially, Yammer will integrate OneNote and OneDrive for notes and file storage respectively, and accessing the links will open the respective web applications. The “classic” Yammer files and notes will be maintained for a period and can be accessed at the top of the UI. In addition to files and notes, both Planner and the SharePoint Team site will be available directly from the Yammer interface. There is not integration at all with the Group Inbox, Group chat, Calendar or the Power BI workspace.
IT will be possible to create manage Groups and add/remove members directly from the Yammer interface. Creation of a Yammer group will spawn an Office 365 group, and while all operations will be performed in Yammer, they will be kept in synvc with the Office 365 Group. It should be noted that Groups that are created in the manner will be flagged as “Yammer managed” as opposed to “Outlook managed” and will be invisible to the Outlook clients. All the other clients will be able to see them however.
The Groups integrated mobile client has not been shown publicly yet, so we can only speculate on what it may contain. I suspect it will mirror the browser client, but for now, the only thing that is certain is that it will support enterprise social.
Yammer UI integration with Groups
Teams is the new kid on the block. It is currently available in preview form, so this analysis may be incomplete. Microsoft Teams was built by the Skype product team, and given its ability to do 1:1 conversations, as well as textual, audio and video conversations, it should logically be seen as the successor to Skype for Business. What it brings to the table for Groups is a persistent semi-threaded chat interface. Although it only provides one of the workloads to Groups, it’s UI encompasses most of them.
The Teams client is quite rich, and it provides “sub-team” management. Every team gets at least one channel (General) and additional channels can be added at will. These channels are the containers for the semi-threaded discussions, and each channel also gets its own folder in the Groups OneDrive, as well as a section in the groups OneNote. Creating a channel provisions these artifacts automatically. Any one of these channels can be extended through tabs. Tabs are a way of including content that may be relevant to the channel, and that content can be dynamic. For example, a Power BI report can be added to a new tab and it will always be up to date, or through a third party, a Yammer Group conversation can be embedded as well. Finally, connectors can be employed to automatically add relevant content to a channel’s conversation interface as it occurs – a Twitter feed is a good example of this.
Teams channel showing the associated artifacts in OneDrive and OneNote
The fact that there is already a third-party tool for embedding Yammer conversations speaks to the extensibility of the Teams client as well. Extensibility options are available for tabs and connectors.
The integration of Teams with Planner is notable as well. As I previously wrote about here, the Teams client allows for multiple planner plans to be created within not only a single Group, but a single channel. These plans are NOT available through the Planner client UI, although the resulting tasks are. I would look for this to change in the near future, but that’s the way it works today.
The Teams client (both browser and desktop – they are virtually indistinguishable) has access to the widest set of Group workloads of any client currently. This is partly due to the fact that it is brand new, and as such, is the only client that has access to the Group chats. It has native access to Group management, file storage, group chat, notebook, plans and Power BI reports. It has links to the Group’s Team site, and through third party integration, it can embed enterprise social content. The only workloads that it does not currently integrate with are the Group inbox, and the Group calendar.
The mobile client is unfortunately vastly different. The only workloads that the mobile client works with today are Group chat (as expected) and Group files (from OneDrive. Given the importance of mobile to the modern team story, I would expect this to change. However, if the SharePoint mobile client had access to the Group chat, it could provide a viable alternative.
Microsoft Teams UI integration with Groups
There is very little integration between Planner and Groups. The Planner UI obviously offers native access to Group plans, but as mentioned in the Teams section, not all the plans – only the one associated twith the root Group itself. Each Plan also offers a link to access all of the files stored in the Group’s OneDrive, and that’s where the integration ends. There is no integration with the rest of the Group workspace. The Palnner browser client is also the only client available. Inexplicably, there is no mobile client for Planner.
Planner UI Integration with Groups
Power BI makes very good use of Groups – Groups provides the optimal sharing option for Power BI. Each Group is provided its own Power BI workspace, which is a container for data sources, reports, and dashboards. All members of the group get access to all the assets contained within.
The Power BI browser client is aimed primarily at the use of the Power BI service, but does provide some integration with the other Group workloads. Groups can be created and members added from the Power BI UI (although they are referred to as Group Workspaces). Native access is obviously provided to all the Power BI assets contained within, and links are also provided to the Outlook browser client for access to the Group inbox and the Group calendar. Finally, Group OneDrive files are natively available for the storage of data sources. There is no integration with the rest of the workloads currently.
The Power BI mobile client is all about Power BI – it doesn’t integrate with any of the other workloads, aside from being able to use the Group workspaces themselves.
To summarize, the modern Office 365 Group provides the membership and access services to 10 separate workloads which are provided across six different products/services. This “Group workspace” is accessed through any of 14 different clients that provide varying levels of access to the different workloads/and services. The choice of client will depend heavily on requirements and will likely lead to a combination of clients based on capability and preference. At the moment, the most integrated browser client is provided by Microsoft Teams, and the most integrated mobile client is SharePoint mobile. A final summary is below.
Microsoft Planner went into general availability in June of 2016. It allows basic project and task management for organizational teams. Like most products in the Office 365 suite, Planner makes extensive use of Office 365 Groups, which provides membership services through Azure Active Directory, and Storage through SharePoint. Creating a new Plan in Planner is one of the ways to create and Office 365 Group – each plan gets a Group. Conversely, each Group gets a Plan.
Adding Members to a Plan – Adding to the Office 365 Group
Microsoft Teams was released into preview earlier this month, and included in Teams is very tight integration with Planner. Teams is also tightly coupled with Groups (each Team gets Group), and adding the Group’s Plan to the interface is relatively straightforward. Simply click on the “add tab” icon, and choose Planner.
And then give the plan a name and save it.
However, there’s more to it than that. From the Teams interface, it’s possible to create additional Plans. To do so, simple add another tab and repeat the process.
How is this possible? If there is a 1:1 correspondence between Groups and Teams, and a 1:1 correspondence between Groups and Plans, then there must also be the same correspondence between Plans and Teams. As it turns out, that the relationship between Groups and Plans is no longer limited to 1:1. The plans created in Teams are not (or do not appear to be) a part of the group. This can be seen if you open Planner on its own, and these plans will not appear in the “All plans” list, because this is just a list of Groups. The Group itself has a Plan associated with it, but it’s not any of the plans that are created in Teams. However, if you have tasks from these Plans assigned to you, they will appear in the My tasks list.
Conversely, in the Teams interface, I cannot find a way to have this default plan appear in the Teams interface. This is something that could be very confusing for any users that use bot the Planner ands the Teams interfaces. Given that Teams is only in preview now, I can only assume that these user interface inconsistencies will be remedied.
The bottom line to all of this is that it appears that the bulk of the work has been done to allow multiple plans in a single Office 365 Group. You simply need to use Microsoft Teams in order to access them.
“The reports of Yammer’s death are greatly exaggerated”
Shortly after Microsoft purchased Yammer in the summer of 2012, it was all that the Office division could talk about. Yammer was to replace the conversation feed in SharePoint, the entire development team would adopt the quick shipping Yammer style, and we SharePoint MVPs were told that we were all Yammer MVPs. The conversation feed did in fact replace SharePoint’s in Office 365, and hooks were added to allow it to work with on-premises SharePoint. The SharePoint team moved to a quick shipping cloud first approach, but some time around 2014, the name Yammer was used less and less. At the 2015 Microsoft Ignite conference Yammer had a presence, but it was very muted compared to previous events. At the same time, a new conversations technology appeared in Office 365 Groups that was based on Exchange.
This trend led to a great deal of speculation that Yammer was on the wane. When Microsoft goes silent on a product, it normally means the end of it (Active X, Silverlight, SharePoint Designer, Silverlight). There are notable exceptions to this (SSRS), but it’s normally the case. However, at the same time they continued to make significant investments in it, and most of these investments were architectural (move data centres, Integration with Azure Active Directory). This has sent a very mixed message to the market – why would they continue to invest (heavily) in a dead product? It was almost as if they weren’t sure what to do with it, and were hedging their bets.
The Ignite 2016 conference has removed the mixed part of this messaging. Yammer is quite clearly the social strategy for Microsoft in Office 365. One needs only to look at the attention that Yammer received at the conference. At Ignite 2015, on the show floor, Yammer had a small pedestal with a single screen. It’s significantly larger at Ignite 2016.
There were a number of freebies being handed out. I haven’t seen a new Yammer T-shirt in years, and they were being handed out by the dozens. That itself is telling, but I found the iconography to be particularly interesting.
MVP Amy Dolzine
The renewed investment extended to the social events as well. The Yammer team hosted an event .
These investments are a clear sign, but what really matters is the product itself, and this is where the rubber hits the road. Yammer is becoming more and more tightly integrated with the Office 365 suite all of the time. A lot of architectural work has been done to facilitate this. In fact, next year, Microsoft will be dropping the standalone version of Yammer, and the Enterprise license along with it, making it first class component of Office 365. One look no further that the embedded Yammer conversation views:
In context Yammer conversations embedded in a SharePoint Publishing page
The above shows threaded discussions happening within the context of the content, in this case, a SharePoint publishing page. This is accomplished through the use of the new Yammer web part, which is built with the new SharePoint Framework, and delivered in Modern SharePoint pages. This feature is not available yet, but is coming very soon. The above image is not a mock -up. In fact, if you look at a list of modern web parts in a test environment today, there are only a couple that represent integration points – two of them stand out – Power BI, and Yammer.
Yammer is now an integral part of Office 365 Groups – another topic that was well represented at Ignite. I could attempt to articulate how this works, and why it matters, but this has already been done by Naomi Moneypenny here. There is also a Microsoft blog post discussing it available here. In a nutshell, Yammer will leverage all of the other Groups capabilities including SharePoint for document storage and OneNote for Notes capture, replacing its own native storage systems. Office 365 Groups will use Yammer for threaded discussions.
The approach to Yammer is different than the one we’ve become accustomed to. Yammer is to become an integral part of Office 365 Groups, providing the social component to the excellent content experience of Groups. Yammer becomes a part of a greater whole which, in my opinion is all to the good. Yammer has often been presented and used as a standalone solution. I’ve often felt that the threaded conversations in Yammer work well, but trying to use it for content management or event management is frustrating at best. Integration points between it and Office 365 have been poor to non-existent. The Yammer Add-in for SharePoint was recently removed from the store. Yammer groups have been different than Office 365 Groups leading to a disjointed experience. This is true no longer – now there are only Groups. The same group backing a SharePoint Team site backs Yammer’s social content. Yammer will also share OneDrive, OneNote and calendars, unifying all of the non-social content.
Yammer doesn’t appear to be going anywhere anytime soon.