Azure Active Directory (Azure AD) groups have several settings that can be configured to manage access and permissions for users and resources. Some of the settings available for Azure AD groups include:
Group type
Azure AD groups can be created as one of two types: security or distribution. Security groups are used to manage access to resources, while distribution groups are used for email communication.
Group members
You can add or remove members from an Azure AD group by selecting the group and then managing the members through the Azure AD portal, PowerShell, or Microsoft Graph API.
Group owners
You can assign one or more owners to an Azure AD group to manage the group’s settings and members.
Group settings
You can configure settings such as the group’s name, description, and visibility (private or public).
Dynamic membership
You can configure dynamic membership rules to automatically add or remove members based on certain criteria such as user attributes or group membership.
Group expiration
You can set an expiration date for an Azure AD group, after which the group will be deleted and its members will no longer have access to the group’s resources.
Group roles
You can assign roles such as owner, member, or guest to users in an Azure AD group.
Group Policies
You can apply policies to groups of users, for example, to enforce multi-factor authentication or password expiration.
It’s important to note that not all settings are available in all Azure AD editions, for example, the Azure AD Business edition doesn’t have the dynamic membership feature.