Configuration of Subdomain And Manage Who Can Create Teams.

When working with Teams in Microsoft 365, it’s very easy for your users to create teams. This can lead to many unnecessary teams and maybe some inappropriate ones for your organization.

Another problem when working with teams is that whenever you create a new team the name takes up the potential use of a shared mailbox, distribution list, or even a user mailbox.

Let’s say you want a shared mailbox called “Sales@yourdomain.com”, you can’t do that if one of your users has created a team called “Sales” because it will use sales as the username / email address.

To address these issues you can use the following methods.

Creating A Subdomain Called “teams.yourdomain.com”

By using this method you will be able to have a team called “Sales” and a sharedmailbox called “Sales” as well.

Go to your Microsoft 365 Admin Center and access domains under settings and click “Add Domain”

Choose “Add Domain”

Type in your desired subdomain for all of your future Teams.

Type your subdomain. “Teams.yourdomain.com”

Add the provided DNS record to your DNS for your domain. Make sure that you’re using the Teams hostname in front of your domain when entering the records so you don’t change anything regarding your primary domain.

Make sure “Exchange” is ticked on.

When you have added the required DNS records you can now click continue and the domain Setup should be complete.

Change Existing And Future Teams Prefix.

Now that we have added the subdomain to our tenant and it’s ready to use, we can now start adding the “teams.” prefix to our existing Teams and all future Teams.

Start by connecting to “Exchange Online PowerShell” and run the following command to change all existing Teams prefixes to your newly created teams prefix.

Remember to change “Yourdomain”

For all future Teams created you can run the following script to change that as well.

Create A Security Group For Creating Teams.

Now that we have fixed one of our issues, its time to address the user creation of random Teams and limit the creation of teams to a certain group of people based on Azure security group.

Note: Make sure you have installed the “AzureADPreview” module.
Install-Module AzureADPreview

Connect to AzureAD Powershell and run the following code.
This can take a couple of minutes to take effect on your tenant.

Source: Creation of groups script by microsoft.

After running the script above and waiting a couple of minutes, you will now experience that only the members of the “ACL_Teams_Create_Allow” security group are allowed to create Teams.

Feel free to add your IT department or specific users to the group.

We have now accomplished the following.
– Created a subdomain for Teams.
– Changed all existing Teams SMTP address to our new subdomain.
– Set all future Teams created to use our new subdomain.
– Created a group that allows certain members to create Teams.

If you have any questions / feedback or would like to correct me on any of the stuff above, please use the comment section or contact me directly using the blue button in the bottom right corner.

1 thought on “Configuration of Subdomain And Manage Who Can Create Teams.”

Leave a Comment