Microsoft 365 group expiration policy

With the increase in usage of Microsoft 365 groups, administrators and users need a way to clean up unused groups. Expiration policies can help remove inactive groups from the system and make things cleaner.

When a group expires, all of its associated services (the mailbox, Planner, SharePoint site, team, etc.) are also deleted.

When a group expires it is "soft-deleted" which means it can still be recovered for up to 30 days.

Administrators can specify an expiration period and any inactive group that reaches the end of that period, and is not renewed, will be deleted. The expiration period begins when the group is created, or on the date it was last renewed. Group owners will automatically be sent an email before the expiration that allows them to renew the group for another expiration interval. Teams users will see persistent notifications in Teams.

Groups that are actively in use are renewed automatically. Any of the following actions will auto-renew a group:

  • SharePoint - view, edit, download, move, share, or upload files.
  • Outlook - join group, read or write group message from the group, and like a message (Outlook on the web).
  • Teams - visiting a teams channel.

Important

When you change the expiration policy, the service recalculates the expiration date for each group. It always starts counting from the date when the group was created, and then applies the new expiration policy.

It's important to know that expiration is turned off by default. Administrators will have to enable it for their organization if they want to use it.

Note

Configuring and using the expiration policy for Microsoft 365 groups requires you to possess but not necessarily assign Azure AD Premium licenses for the members of all groups to which the expiration policy is applied. For more information see Getting started with Azure Active Directory Premium.

Who can configure and use the Microsoft 365 groups expiration policy?

Role What they can do
Global admin (in Azure, the Company administrator), User administrator Create, read, update, or delete the Microsoft 365 groups expiration policy settings.
User Renew or restore a Microsoft 365 group that they own

How to set the expiration policy

As noted above, expiry is turned off by default. An administrator will have to enable the expiration policy and set the properties for it to take effect. To enable it go to Azure Active Directory (AAD) > Groups > Expiration. Here you can set the default group lifetime and specify how far in advance you want the first and second expiration notifications to go to the group owner.

The group lifetime is specified in days and can be set to 180, 365 or to a custom value that you specify. The custom value has to be at least 30 days.

If the group does not have an owner, the expiration emails will go to a specified administrator.

You can set the policy for all of your groups, only selected groups, or turn it off completely by selecting None. Note that currently you can't have different policies for different groups.

Screenshot of Groups expiration settings in Azure Active Directory

How expiration and renewal work

The expiration policy works as follows:

  • About a month before expiration, the system will check to see if there has been any group activity since the group was created or since the beginning of the current renewal cycle.

  • If prior activity is detected, then the expiration date is advanced at that time by the number of days specified in the expiration policy.

  • If prior activity is not detected, the system will continue to watch for activity until the expiration date. If activity is detected, the system will advance the expiration date by the specified amount at that time.

30 days before the group expires, the group owners (or the email addresses that you specified for groups that don't have an owner) will receive an email allowing them to easily renew the group. If they don't renew it, they'll receive another renewal email 15 days before expiration. If they still haven't renewed it, they will receive one more email notification the day before expiration. (Once the group has been renewed, no further email reminders are sent until 30 days before the new expiration date.)

Group owners will be notified via email. If the group was created via Planner, SharePoint, or any other app, the expiration notifications will always come via email. If the group was created via Teams, the group owner will receive a notification to renew through the activity section. It's not recommended that you enable expiration on a group if your group owner doesn't have a valid email address.

If for some reason none of the owners or admins renew the group before it expires, and automatic renewal does not occur due to the group not meeting the requirements to be automatically renewed, the admin can still restore the group for up to 30 days after expiration. For details see: Restore a deleted Microsoft 365 group.

How expiry works with retention policies

If you have setup retention policy in Security and Compliance center for groups, expiration policy works seamlessly with retention policy. When a group expires, the group's conversations in mail box and files in the group site are retained in the retention container for the specific number of days defined in the retention policy. Users will not see the group, or its content, after expiration however.

Overview of retention policies

Assign a new owner to an orphaned group

Configure Microsoft 365 groups expiration

Activity-based automatic renewal