Keep Groups and Teams Online, But Stop User Access
Chapter 13 of Office 365 for IT Pros is where we tackle the subject of how to use PowerShell to manage Microsoft 365 Groups and Teams. For the last two versions, we’ve included a script to demonstrate how to archive a group at the end of its useful lifetime, such as when a project finishes.
The script works by removing all the current owners and members and replacing them with a single owner/member, which we’ll call the compliance manager. The script also removes the group from address lists and hides it from Exchange clients to make sure that users can’t browse to find it, and it updates the SMTP address and display name to show that the group is archived.
The idea is to keep the group and its resources online in a state where eDiscovery can still find information easily and the group can be resuscitated quickly if necessary. Teams has a menu option to archive a team by making it read-only. This is essentially the same, but the approach works for all groups.
Archiving Groups at the End of The Academic Year
We received a request through the Microsoft Technical Community for a script that could archive 600 teams at the end of an academic year. When you think about it, archiving the teams (groups) used for classes is something that schools and universities probably must do each year.
Everyone loves the chance to revisit old code (don’t they?). In response, we’ve updated the script (you can download a copy from GitHub) and will include it in the August update for the Office 365 for IT Pros (2021 edition) eBook.
The updated script:
- Makes a collection of groups to be archived. The script searches for groups marked with “Archive” in the CustomAttribute1 property. This code could be replaced by reading in a set of groups from a CSV file using the Import-CSV cmdlet.
- Replaces the current members and owners with a user identified in the script in the $AdminAccount variable. This might be an account created specially to manage archived groups.
- Creates a new primary SMTP address for the group in the form OldAddress_archived@domain. Replacing the address stops email from reaching the group.
- If your tenant uses Sensitivity Labels to control group settings, you need to define a sensitivity label to assign to archived groups. This should be a label that marks the group as private and restricts guests.
- Updates the group settings to make the group inaccessible (not discoverable) through Exchange clients and Teams.
Everything that the script does is logged and output to a CSV file (Figure 1 shows the output as piped to the Out-GridView cmdlet).
The script uses the Exchange Online PowerShell module and you must connect with a tenant admin account to be able to update group settings.
Extract, Review, and Process
An approach that might be easier when processing hundreds of groups (as at the end of a school term or academic year) is to:
- Extract details of groups and write them to a CSV file.
- Review the CSV file in Excel and remove groups that you want to keep (not archive).
- Use the updated CSV file as input to the script.
For example, this code finds groups and creates a CSV file for review:
# Find details of all groups in the tenant and export to CSV
$Groups = Get-UnifiedGroup -ResultSize Unlimited | Select-Object DisplayName, Notes, DistinguishedName, Alias, PrimarySmtpAddress, SensitivityLabel
$Groups | Sort-Object DisplayName | Export-Csv -NoTypeInformation -Path c:\temp\GroupsForReview.CSV
After editing the CSV file (Figure 2) to remove the groups you don’t want to archive and saving the file, we can then replace the call to Get-UnifiedGroup in the script with:
$ArchiveGroups = Import-CSV c:\temp\GroupsForReview.CSV
The rest of the code in the script is unaltered.
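After the archive run, it is worth confirming that user access really has stopped for every group in the reviewed file. The following read-only audit is an added example, not part of the book's script. It assumes that $AdminAccount holds the compliance manager's primary SMTP address (a placeholder here), that the archive script leaves each group's DistinguishedName unchanged, and it writes to a hypothetical output path.

```powershell
# Added example (read-only audit). Run in a connected Exchange Online PowerShell session.
$AdminAccount = 'compliance.manager@example.com'  # placeholder: SMTP address of the archive owner
$ReviewFile   = 'c:\temp\GroupsForReview.CSV'     # reviewed file that was fed to the archive script
$AuditFile    = 'c:\temp\ArchiveAudit.CSV'        # hypothetical output path

$Report = foreach ($Row in (Import-Csv -Path $ReviewFile)) {
    # Assumption: the archive script leaves the DistinguishedName unchanged
    $Group = Get-UnifiedGroup -Identity $Row.DistinguishedName -ErrorAction SilentlyContinue
    if (-not $Group) {
        [PSCustomObject]@{ Group = $Row.DisplayName; Address = $Row.PrimarySmtpAddress
                           Status = 'NotFound'; Problems = 'Group could not be resolved' }
        continue
    }

    $Problems = @()
    foreach ($LinkType in 'Owners', 'Members') {
        $Links = @(Get-UnifiedGroupLinks -Identity $Group.DistinguishedName -LinkType $LinkType -ResultSize Unlimited)
        # Anyone other than the compliance manager still has access to the group's resources
        $Extra = @($Links | Where-Object { $_.PrimarySmtpAddress -ne $AdminAccount })
        if ($Extra.Count -gt 0)            { $Problems += "$($Extra.Count) unexpected $LinkType" }
        if ($Links.Count -eq $Extra.Count) { $Problems += "$AdminAccount missing from $LinkType" }
    }

    # Discovery and mail-flow settings described in the article
    if (-not $Group.HiddenFromAddressListsEnabled)         { $Problems += 'Visible in address lists' }
    if (-not $Group.HiddenFromExchangeClientsEnabled)      { $Problems += 'Visible to Exchange clients' }
    if ($Group.PrimarySmtpAddress -notlike '*_archived@*') { $Problems += 'SMTP address not updated' }

    $Status = 'OK'
    if ($Problems.Count -gt 0) { $Status = 'Review' }
    [PSCustomObject]@{ Group = $Group.DisplayName; Address = $Group.PrimarySmtpAddress
                       Status = $Status; Problems = $Problems -join '; ' }
}

# Keep the full audit as evidence and show only the groups that need attention
$Report | Export-Csv -NoTypeInformation -Path $AuditFile
$Report | Where-Object Status -ne 'OK' | Format-Table -AutoSize -Wrap
```

Any row with a status other than OK is a group where someone besides the compliance manager can still reach the content, or where the group is still discoverable or able to receive email.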
Finding Inactive Groups and Teams for Archiving
If you’re not in an education environment, you could use the same approach to archive Groups and Teams. In this case, you could run the Groups and Teams Activity Report to find underused or inactive groups to archive.
As with everything in PowerShell, you can update the code as you like to fit the circumstances of your tenant. Have fun!