10 ready-to-implement PowerShell scripts to make AD management easy!

Get your copy now
Azure AD Management

How to set up self-service group management in Azure AD

February 10, 2023

Self-service group management is a feature of Azure Active Directory (Azure AD) that allows users to create and manage groups within your organization’s directory. This can be a useful way to delegate group management tasks and reduce the workload of your IT team. In this article, we’ll take a look at how to set up self-service group management in Azure AD.

Step 1: Enable self-service group management

To enable self-service group management, follow these steps:

  1. Sign in to the Azure portal.
  2. Navigate to the Azure AD blade.
  3. In the left menu, click “Groups.”
  4. Click the “Settings” tab.
  5. Under “Group management,” toggle the switch to “On.”
  6. Click “Save.”

Step 2: Set group owner permissions

Once you’ve enabled self-service group management, you’ll need to specify which users or groups have the ability to create and manage groups. To do this, follow these steps:

  1. In the Azure portal, navigate to the Azure AD blade.
  2. Click on the group you want to set permissions for.
  3. Click the “Owners” tab.
  4. Click the “Add owner” button.
  5. Select the user or group you want to grant ownership to and click “Select.”
  6. Click “Assign.”

Step 3: Set group member permissions

In addition to setting group owner permissions, you can also specify which users or groups have the ability to join groups. To do this, follow these steps:

  1. In the Azure portal, navigate to the Azure AD blade.
  2. Click on the group you want to set permissions for.
  3. Click the “Members” tab.
  4. Click the “Add member” button.
  5. Select the user or group you want to grant membership to and click “Select.”
  6. Click “Assign.”

Step 4: Set group expiration settings (optional)

If you want to set expiration settings for your groups, you can do so by following these steps:

  1. In the Azure portal, navigate to the Azure AD blade.
  2. Click on the group you want to set expiration settings for.
  3. Click the “Settings” tab.
  4. Under “Group expiration,” toggle the switch to “On.”
  5. Specify the number of days until the group expires and click “Save.”

With self-service group management enabled, users in your organization will be able to create and manage their own groups within the Azure AD directory. This can be a useful way to delegate group management tasks and reduce the workload of your IT team.

Interested in know how Azure AD groups work? Follow the embedded link.

Related posts
Azure Active DirectoryAzure AD Management

Azure AD External Identities for B2C scenarios: Overview

April 13, 2024
Azure Active DirectoryAzure AD Management

How to resend Azure AD invitation to guest user?

April 11, 2024
Azure Active DirectoryAzure AD Management

Master Azure AD automation with Microsoft Graph PowerShell

April 11, 2024
Azure Active DirectoryAzure AD Management

Elevate access for Azure subscriptions and group management

April 11, 2024
×

There are over 8,500 people who are getting towards perfection in Active Directory, IT Management & Cyber security through our insights from Identitude.

Wanna be a part of our bimonthly curation of IAM knowledge?

  • -Select-
  • By clicking 'Become an insider', you agree to processing of personal data according to the Privacy Policy.