Admins can block a specific user from deleting tasks in Microsoft Planner that they did not create. This article will explain the necessary steps to prevent tasks from being deleted.
Apply the Policy for Blocking User Accounts
Planner uses the Microsoft 365 Groups membership model, which means that all group members share equal access to group services, such as group programs. The default, therefore, allows anyone in the group to delete any activity in the system. The lack of a recycling bin, trash can, or other rescue solution to allow the planner to restore accidentally deleted tasks is one of the reasons why you want to control some of the removal tasks, especially in large and complex programs.
Until recently, I never realized that it is possible to block people who don’t create tasks from deleting tasks. But administrators can use the Set-PlannerUserPolicy cmdlet to provide an account-blocking policy. For example:
Set-PlannerUserPolicy -UserAadIdOrPrincipalName pranau@example.com BlockDeleteTasksNotCreatedBySelf $True
The planner editor uses a server block policy, so it works fast. Blocked users can also update tasks, including marking them as complete.
The block works in all functions. There is no way to allow someone to remove tasks from all programs except a few selected programs.
To check the user blocking status, use the Get-PlannerUserPolicy cmdlet:
Get-PlannerUserPolicy -UserAadIdOrPrincipalName pranau@example.com | fl
You need to download the Planner PowerShell module from Microsoft to use Set-PlannerUserPolicy and Get-PlannerUserPolicy cmdlets. Because it only wraps up the Graph API code, the module works in a weird way, as described in this post
Blocking bulk users
If you want to set a blocking account for bulk accounts, a simple loop does the trick. This code uses the Get-ExoMailbox cmdlet to find all mailboxes for users and sets a block for their accounts:
What Happens a user tries to delete a job?
When a user is prevented from deleting tasks that they did not create, any attempt to delete jobs they did not create fails. User information varies slightly from client to client.
Deleting from the Planner Browser UI first appears to be active at first (Delete option still available). However, after a short delay, the work returns when the planner realizes that he should not have allowed the deletion to occur. The re-emergence of a deleted job is kind of fun until you understand what’s going on.
The same thing happens with the board view of the Tasks by Planner app and Performance in Groups. However, when you use the list view, the application flags the error and fails to delete the function (Figure 1).
The longest delay between an attempt to undo activity and a recurring task is in the Performance mobile client. This may be due to some sync delay. Initially, the removal task is active, but after a few minutes of delay, the task appears again.
Undoing User Block Policy
To undo a user blocking policy, restore the False (default) setting:
Set-PlannerUserPolicy -UserAadIdOrPrincipalName pranau@example.com -BlockDeleteTasksNotCreatedBySelf $False