Skip to main content

Articles in this section

Print

Microsoft Teams Certification Review

  • Updated

Microsoft Teams Certification Review

Rule description

This rule returns Teams based on the specified query and then sends a request to the Teams owner(s) to certify the Teams membership, continued existence, or both.

For more details about group certification, review the Configuration of Group Membership and Team Certification article.

When to use this rule

Without proper periodic control, Microsoft 365 may become polluted with an excessive amount of Teams. One of the solutions to keep the growing number of Teams under control is to enforce their attestation and certification process. Certification is a process when Team owners review and certify that the Team itself and its membership are correct and current.

Use this rule when you need the Teams' owners to check or certify:

  • Team existence

  • Team membership accuracy

  • Both the Team existence and Team membership accuracy

You can run a certification review for all Teams or only for Teams that have external members.

NOTE: In case a replication group is configured in your environment, Cayosoft recommends running certification rules on the publisher for better performance.

Rule settings

Query section

Setting name Description

General Settings

  • Display Name starts with

  • Email starts with

Specify the search query to identify Teams included in the certification process. 

Archived teams

Specify if archived teams should be included in the rule scope.

  • No file access for more than (days)

  • No new posts for more than (days)

NOTE: To apply these filters you should run at first the Analytics collection | Teams Usage rule.

Specify the number of days during which the Team didn't access the files or didn't write new posts.

 

Certification period (days)

Specify the certification period in days. The default value is 'Every rule execution creates a new certification task per group'.

By default, the certification rule execution schedule defines the certification period. A new certification task is created for each group on every rule execution. You can set the desired certification period in days if you want to run the rule more frequently than the certification period. The rule would ignore groups with pending or completed tasks within this period.

So, if the default value is used, every time the rule runs new certification items will be created.

if the number of days is specified, then the rule does not create any new certification items for a group with a pending or completed certification item state within the specified number.  When the specified number of days passes, the new certification items will be created again when the rule runs.

Other Query Settings

Members filter

Specify if you want to run the certification review for:

  • All Teams in the rule scope.

  • Teams with at least one guest member.

  • Teams with guest members only.

In this case, the Team will be sent to certification if it has no other members than guests.

Properties to display

Each object property defined in this setting matches the column that will be displayed in the Web Portal for this web query.

To display additional columns, add the required properties to the Properties to display list.

Filter

 

Set the filtering conditions to hide unwanted data based on criteria not supported in the Query criteria setting.

Example: filter by the found object Distinguished Name.

TIP: For optimal performance, use the Query criteria setting above to filter objects whenever possible.

Sort by

Sort result object list.

Initialization script

Usually, rules use query criteria to limit the query search scope. It improves the performance of the executed rule.

Due to the PowerShell limitations, it is not possible to use calculated expressions in query criteria. That is the point where the initialization script can help. You can initialize a global variable in this setting and then use it in query criteria.

IMPORTANT: To use a variable, declared in the initialization script, in the query scope, it must be global: $global:<variable name>.

Example: Update AD users, created in the last ten days.

  1. Add this initialization script

    Copy
    {$global:DatePeriod = (Get-Date).AddDays(-10)}

  2. Use the $DatePeriod variable in the query criteria builder:

Output Section

This section defines the output format of this rule.

To get more information about this section, please see the Rule Output section article.

Enforce/Schedule section

This section defines the schedule for how often to run the rule.

To get more information about this section, please see the Rule Enforce/Schedule section article.

© Copyright 2013-2026 Cayosoft Inc. All rights reserved.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request
Return to top

Related articles

Comments

0 comments

Please sign in to leave a comment.