#330 - Mastering Group Management with Microsoft's David Johnson

Feb 10, 2025

David Johnson, Principal PM Architect at Microsoft who governs Microsoft 365, Entra, and SharePoint at scale. He talks group types and membership management. He covers guest definitions, lifecycle and reattestation. He explains labeling, data protection, and how AI like Copilot changes permissions and governance.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

ADVICE

Delegate Group Creation With Guardrails

Do let employees create Microsoft 365 groups and sites to avoid convoluted nesting and reuse mistakes.
Require labeling, naming rules, and expiry policies on creation and enforce owners so resources are accountable and short lived.

ADVICE

Automate Post Creation Hygiene

Do enforce group hygiene after creation using automated scans, notifications, and deletion if owners don't act.
Use Azure jobs and post-provisioning checks to require second owners and remove stale groups (restorable within 30 days).

ADVICE

Collect Naming And Labels At Creation

Do enforce naming conventions, block word lists, and require labels at group creation across all UI entry points (Teams, Outlook, SharePoint).
Let people create in‑product but collect metadata upfront so automated policies can act consistently later.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

In this episode of the Identity at the Center Podcast, hosts Jeff and Jim dive deep into group management, AI, and organizational governance with David Johnson, Principal PM Architect at Microsoft. Join the conversation as David shares his extensive experience managing Microsoft 365, Entra, and SharePoint permissions, and provides best practices for guest management and labeling sensitive data. David also discusses how these paradigms shift with the introduction of AI-driven tools like Copilot. Tune in to understand the essential steps to secure your IT infrastructure and ensure efficient data management.

Chapters

00:00 Introduction to AI and Permissions00:29 Reflecting on SharePoint Innovations00:59 Group Membership Management01:49 Podcast Introduction and Baseball Talk04:25 Upcoming Conferences and Discount Codes08:19 Interview with David Johnson12:40 Managing Microsoft 365 Groups24:29 Understanding Guest Invitations in Microsoft Environments25:09 Defining Guests and Their Access26:45 Common Mistakes in Guest Setup28:22 Lifecycle Management for Guests29:53 Delegated Authority and Guest Management32:28 SharePoint and Teams Integration38:50 Future Trends in Identity and Access Management43:29 Reflections on Microsoft Leadership45:16 Personal Insights and Travel Tips49:22 Conclusion and Farewell

Connect with David:https://www.linkedin.com/in/david-johnson-a12909196/

GMM GitHub repo is available to the public: Https://github.com/microsoftgraph/group-membership-management-tenant

Learn more or for installation support: Contact GMM inquiries atGMMinquiries@microsoft.com

Conference Discounts!

Gartner IAM Summit - CodeIDAC425 saves 425€:https://www.gartner.com/en/conferences/emea/identity-access-management-uk

European Identity and Cloud Conference 2025 - Use codeidac25mko for 25% off:https://www.kuppingercole.com/events/eic2025?ref=partneridac

Identiverse 2025 - Use code IDV25-IDAC25 for 25% off:https://identiverse.com/

Connect with us on LinkedIn:

Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/

Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web athttp://idacpodcast.com