SharePoint & OneDrive · Advanced Management
Restricted Site Creation Manager
Configures which users and apps can create SharePoint and OneDrive sites. Uses allow or deny mode with security groups.
Scope: Organization-wide site creation policies
Permissions
- User restrictions - Allow/deny groups for site creation
- App restrictions - Allow/deny third-party apps for site creation
- Site types - Configure policies per site type (Team, Communication, OneDrive)
- PowerShell management - Full Set/Get-SPORestrictedSiteCreation access
Common use cases
- Preventing site sprawl
- Controlling shadow IT
- Centralizing site provisioning
- Meeting compliance requirements
Best practices
- Start in deny mode with specific groups blocked
- Document approved site creation processes
- Combine with site design templates
- Monitor site creation audit logs
Security considerations
- Restricting in SharePoint doesn't restrict Teams or Groups creation
- Users may create sites through other paths (Teams, Groups)
- Overly restrictive policies reduce productivity
- Need consistent policy across M365 services