Creating an All-Employees Team (in Microsoft Teams)

The Need to Communicate with Everyone

Recently, I’ve been chatting with people about the way to create an All-Employees team. Literally, this is a team whose membership is composed of everyone in a tenant, something that only works if your organization has less than 2,500 people, which is the upper limit for team membership. If your organization is larger than 2,500, perhaps Yammer is the better choice for an All-Employees forum – or split your discussions across multiple departmental teams.

In any case, creating a new All-Employees team is easy with PowerShell. The script below:

• Gets the Office 365 tenant name and uses it to create a displayname for the new team.
• Creates a new team.
• Creates a list of user mailboxes. It’s important to filter the mailboxes as there’s no point adding shared or room mailboxes to the team. I use Get-Recipient to fetch a list of mailboxes because it’s faster, but you could use Get-Mailbox too.
• Adds all the mailboxes as members of the team. A check is done to stop us adding the account that created the team because it’s already a team member (and owner).
• Hides the new team from Exchange clients.
• Sets group properties so that members can’t create or remove channels, tabs, or apps.

$Tenant = (Get-OrganizationConfig).Name
$Tenant = $Tenant.Split(".")[0]
$TeamName = "All-Employees ("+$Tenant+")"
$NewTeam = (New-Team -DisplayName $TeamName -Alias AllEmployeesTeam -Description "All-employee team" -AccessType Public)
$Mailboxes = (Get-Recipient -RecipientTypeDetails UserMailbox -ResultSize Unlimited)
$Owner = (Get-TeamUser -GroupId $NewTeam.GroupId -Role Owner)
# Add all the mailboxes except the owner, who's already there
ForEach ($M in $Mailboxes) {
If ($M.WindowsLiveId -ne $Owner.User) {
Add-TeamUser -GroupId $NewTeam.GroupId -User $M.WindowsLiveID -Role Member}
}
Set-UnifiedGroup -Identity AllEmployeesTeam -HiddenFromExchangeClientsEnabled
Set-TeamMemberSettings -GroupId $NewTeam.GroupId -AllowCreateUpdateChannels $False -AllowDeleteChannels $False -AllowCreateUpdateRemoveTabs $False -AllowCreateUpdateRemoveConnectors $False -AllowAddRemoveApps $False

Some More Work To Do

There are some gotchas to be aware of. First, there’s no PowerShell command available yet to restrict posting in the General channel, so you’ll have to set this restriction manually if you want to limit General posts to owners.

Second, the script creates a basic team and there’s some work to do to set up channels, tabs, and apps to customize the team and make it seem right for members.

Third, you should add some more owners because it’s likely that a busy all-employees team will need some moderation.

Last, there’s no automatic addition of new employees to the team once it’s set up. You’ll have to add new employees manually or add some code to the process you use to create new Office 365 accounts.

Dynamic Groups

Another approach to consider when you have large memberships to manage is to use a Dynamic Office 365 Group. I’ve had good experiences with dynamic groups, and have some dynamic teams working, but Microsoft recently blocked the ability to team-enable dynamic groups. They promise that this feature will come in time. When it does, remember that this is an Azure Active Directory premium feature, so you’ll have to pay more for those licenses.

More Scripts in the Book

This is an example script from Chapter 14 of Office 365 for IT Pros. The sheer number of practical and useful PowerShell examples is a great reason to buy the book. For more information about using PowerShell with Teams and Office 365 Groups, see Chapter 14.