[CoIT-Security] FW: Adding Custom Banned Words for Office 365 Group Creation
CoIT Security
coit-security at lists.onenet.net
Thu Sep 13 12:02:31 CDT 2018
I thought this was an interesting addition to our repertoire of defense tools against misuse of the O365 groups. Banned words lists for O365 group creation. We are banning "bad words" as well as terms related to business operations like bursar, admissions, financial services, etc. etc.
Jesse is a systems administrator on our team and assembled this documentation from a couple of blogs as the info from Microsoft is not very complete at this time.
Rob
Rob Greggs
Acting Vice President for IITS
Oklahoma City Community College
7777 S. May Ave.
Oklahoma City, OK 73159
O: 405.682.7877
F: 405.688.3900
rgreggs at occc.edu
Die dulci freure
From: Uffen, Jesse P.
Sent: Thursday, September 13, 2018 11:34 AM
To: Greggs, Rob <rgreggs at occc.edu>
Subject: Adding Custom Banned Words for Office 365 Group Creation
Adding custom banned words to O365 Groups names was talked about in the Community Hours call a few months back. I wanted to get this set up ASAP after we enabled Teams for students and after seeing an increase of compromised student accounts. Global admins and a few other administrative roles can bypass the filter if needed.
The cmdlets needed are available in the AzureADPreview PowerShell module:
https://www.powershellgallery.com/packages/AzureADPreview/2.0.1.18
I used these two blog posts for guidance:
https://drewmadelung.com/managing-office-365-group-using-azure-ad-powershell-v2/ - Used to configure group settings in our tenant.
https://drewmadelung.com/office-365-groups-naming-policy/ - Configuring custom blocked words.
A quick basic guide using PowerShell cmdlets from the blog posts I linked and my own experiences:
Connect-AzureAD - Connect to your tenant
Get-AzureADDirectorySetting | ForEach Values - View your current settings
$settings = Get-AzureADDirectorySetting | where-object {$_.displayname -eq "Group.Unified"} - Put your settings policy into a variable
$settings["CustomBlockedWordsList"] = "HR,Contoso,Payroll,CEO,CFO,CIO" - Configure the values for the custom blocked words list in the variable we created above
Set-AzureADDirectorySetting -Id $settings.Id -DirectorySetting $settings - Apply the settings
Get-AzureADDirectorySetting | ForEach Values - You should now see the updated values when you view your settings
To make it easier, I created a text document with all of my banned words (separated by commas) and put that content into a variable so I did not have to type out my list every time I made a change. When I set the custom blocked words list setting I pointed to the variable.
$badwords = get-content <filepath of txt file>
$settings["CustomBlockedWordsList"] = $badwords
Jesse
Jesse Uffen
Systems Administrator
405.686.6214
Juffen at occc.edu
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: O365 group creation policy info.txt
URL: <http://lists.onenet.net/pipermail/coit-security/attachments/20180913/ea83dac6/attachment.txt>
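The steps in the message above, combined into one script as an added example (not part of the original message and not the poster's own script). It goes slightly beyond the steps shown: it accepts a word file with one word per line as well as comma-separated, creates the Group.Unified settings object from its template if the tenant does not have one yet, and reads the value back after applying it. The file path is a hypothetical placeholder.

```powershell
# Added example, not the poster's script. Assumes the AzureADPreview module
# is installed; the file path below is a hypothetical placeholder.
Import-Module AzureADPreview
Connect-AzureAD | Out-Null

$wordFile = 'C:\admin\blocked-words.txt'   # hypothetical path

# Accept one word per line or comma-separated words; trim whitespace,
# drop blanks and case-insensitive duplicates.
$words = @((Get-Content -Path $wordFile) -split ',' |
    ForEach-Object { $_.Trim() } |
    Where-Object { $_ } |
    Sort-Object -Unique)
if ($words.Count -eq 0) { throw "No words in $wordFile; refusing to empty the list." }
$list = $words -join ','

$settings = Get-AzureADDirectorySetting |
    Where-Object { $_.DisplayName -eq 'Group.Unified' }

if (-not $settings) {
    # No Group.Unified settings object exists yet: create one from the template.
    $template = Get-AzureADDirectorySettingTemplate |
        Where-Object { $_.DisplayName -eq 'Group.Unified' }
    $settings = $template.CreateDirectorySetting()
    $old = @()
    $settings['CustomBlockedWordsList'] = $list
    New-AzureADDirectorySetting -DirectorySetting $settings | Out-Null
} else {
    $old = @($settings['CustomBlockedWordsList'] -split ',' | Where-Object { $_ })
    $settings['CustomBlockedWordsList'] = $list
    Set-AzureADDirectorySetting -Id $settings.Id -DirectorySetting $settings
}

# Report what changed so the update can be reviewed or logged.
$words | Where-Object { $_ -notin $old } | ForEach-Object { "added:   $_" }
$old   | Where-Object { $_ -notin $words } | ForEach-Object { "removed: $_" }

# Read the setting back and confirm it matches the file.
$applied = (Get-AzureADDirectorySetting |
    Where-Object { $_.DisplayName -eq 'Group.Unified' })['CustomBlockedWordsList']
if ($applied -ne $list) { throw 'Applied list does not match the word file.' }
```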