# Create and manage an appropriate Microsoft group for Teams app

When using the Teams app, the best practice approach for scoping access to users
is to use one of these options:

 1. Global: if any Teams user from your organization might use Arist in the
    future, we highly recommend using the default Global Policy already provided
    by Microsoft. In this case, there is no need to create an additional
    grouping, and this step can be skipped.

 2. Microsoft M365 or Security Group: create or identify a group for all Arist
    users excluding non-person accounts (e.g. Calendars, Booking Rooms). Many
    customers leverage an already existing group that fulfills this requirement
    (e.g. "All Employees").
    
    This will be used both for the Teams pre-install, as well as the Arist User
    Sync. This will be used For more information on how the groups are used by
    Arist, see how the user sync feature works
    [https://help.arist.co/article/1100-how-to-sync-teams-users-through-arist-web-ui].

The group chosen should contain the entire population of desired Arist users.
User segmentation can then be done from within Arist by creating "Cohorts",
after the full Teams integration is complete.


HOW TO CREATE AND MANAGE A FRESH M365 GROUP

The following video demonstrates how to create your Teams-enabled M365 Group,
and optionally how to bulk upload members into your group via CSV.



Typically, IT administrators will first set up the M365 Group on behalf of a
non-technical Arist administrator, and then assign them the ability to add and
remove users from that group.



--------------------------------------------------------------------------------



--------------------------------------------------------------------------------