Forum Discussion

narayan225's avatar
narayan225
Copper Contributor
Mar 04, 2025

Hidden Group and Hidden Group Membership

Hi everyone!

I have come across a requirement where the client would like to use an excel spreadsheet, a service account and application registration to manage group membership for a confidential group.

They would like to create a group from which the members cannot leave, see other team members and cannot see the group itself.

Now, I have the concept of the flow with me but for the life of me, I cannot get around to finding/configuring a group that meets the requirement.

Have you guys come across this sort of scenario?

Group Configuration:

  • Users should not be able to view the group
  • Users should not be able to view members of the group
  • Users should not be able to leave the group

Thanks in advance.

admin
collaboration
compliance
data loss prevention
Distribution Group
exchange
Identity
microsoft 365
microsoft 365 admin center
Microsoft 365 Apps for enterprise
  • Kidd_Ip's avatar
    Kidd_Ip
    MVP
    Mar 04, 2025

    How about this:

     

    • Excel Spreadsheet: Use an Excel spreadsheet to manage the group membership. You can create a list of members and their details in a hidden sheet. To hide a sheet, right-click on the sheet tab and select "Hide". To unhide it, right-click on any sheet tab and select "Unhide".
    • Service Account: Use a service account to manage the group membership. This account can be used to run scripts or automation tasks that update the group membership based on the Excel spreadsheet.
    • Application Registration: Register an application in your Azure Active Directory (AAD) to manage the group membership. This application can be granted the necessary permissions to read and update group memberships.
    • Group Configuration:
      • Hidden Group: To create a hidden group, you can use Azure Active Directory (AAD) to create a security group and set its visibility to "HiddenMembership". This will hide the group membership from non-members.
      • Prevent Leaving the Group: To prevent users from leaving the group, you can use a combination of AAD policies and PowerShell scripts to enforce group membership. For example, you can create a script that periodically checks the group membership and re-adds any users who have left the group.
    • Automation: Use PowerShell scripts or Azure Logic Apps to automate the process of updating group membership based on the Excel spreadsheet. These scripts can be scheduled to run at regular intervals to ensure that the group membership is always up-to-date.
    • narayan225's avatar
      narayan225
      Copper Contributor
      Mar 04, 2025

      Kidd_Ip 

      Hidden and Private groups hide the members from non-members. However, I am looking for a solution in which the members of the group cannot see other members. As it is a confidential group. It is only necessary for grouping them but not for collaboration.

      Hope you understand the requirement. 😊🙂

Resources