Group in Azure AD

• In Azure AD, groups are a collection of Active Directory objects
• The group can include users, computers, other groups, and other AD objects
• The administrator manages the group as a single object
• Group helps to provide access rights to multiple users - you can assign a set of access permissions to all the members of the group

Group types

• Security:
  • Used to manage member and computer access to shared resources for a group of users
  • A security group can have users, devices, groups and service principals as its members
• Microsoft 365:
  • Provides collaboration opportunities by giving members access to a shared mailbox, calendar, files, SharePoint site, and more
  • This option also lets you give people outside of your organization access to the group
  • A Microsoft 365 group can have only users as its members
• Details: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal#group-types

Membership types

• Assigned: Add specific users to be members of this group and to have unique permissions
• Dynamic user: Use dynamic membership rules to automatically add and remove members
• Dynamic device: Use dynamic group rules to automatically add and remove devices
• Details: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal#membership-types

Create group

• Go to : https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Overview
• Group > ‘+ New Group’
• Fillup parameters > Create

Details: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal