ManageEngine x Forrester | Workforce Identity Platforms Landscape Report

Azure AD Management

How to set up self-service group management in Azure AD

Self-service group management is a feature of Azure Active Directory (Azure AD) that allows users to create and manage groups within your organization’s directory. This can be a useful way to delegate group management tasks and reduce the workload of your IT team. In this article, we’ll take a look at how to set up self-service group management in Azure AD.

Step 1: Enable self-service group management

To enable self-service group management, follow these steps:

  1. Sign in to the Azure portal.
  2. Navigate to the Azure AD blade.
  3. In the left menu, click “Groups.”
  4. Click the “Settings” tab.
  5. Under “Group management,” toggle the switch to “On.”
  6. Click “Save.”

Step 2: Set group owner permissions

Once you’ve enabled self-service group management, you’ll need to specify which users or groups have the ability to create and manage groups. To do this, follow these steps:

  1. In the Azure portal, navigate to the Azure AD blade.
  2. Click on the group you want to set permissions for.
  3. Click the “Owners” tab.
  4. Click the “Add owner” button.
  5. Select the user or group you want to grant ownership to and click “Select.”
  6. Click “Assign.”

Step 3: Set group member permissions

In addition to setting group owner permissions, you can also specify which users or groups have the ability to join groups. To do this, follow these steps:

  1. In the Azure portal, navigate to the Azure AD blade.
  2. Click on the group you want to set permissions for.
  3. Click the “Members” tab.
  4. Click the “Add member” button.
  5. Select the user or group you want to grant membership to and click “Select.”
  6. Click “Assign.”

Step 4: Set group expiration settings (optional)

If you want to set expiration settings for your groups, you can do so by following these steps:

  1. In the Azure portal, navigate to the Azure AD blade.
  2. Click on the group you want to set expiration settings for.
  3. Click the “Settings” tab.
  4. Under “Group expiration,” toggle the switch to “On.”
  5. Specify the number of days until the group expires and click “Save.”

With self-service group management enabled, users in your organization will be able to create and manage their own groups within the Azure AD directory. This can be a useful way to delegate group management tasks and reduce the workload of your IT team.

Interested in know how Azure AD groups work? Follow the embedded link.

Related posts
Azure Active DirectoryAzure AD Management

How to implement app registration in Microsoft Entra ID

Azure Active DirectoryAzure AD Management

How to register apps using Microsoft Entra ID

Azure Active DirectoryAzure AD Management

How to implement device enrollemnt via Microsoft Intune

Azure Active DirectoryAzure AD Management

Manage Identities in Microsoft Entra ID

×

There are over 8,500 people who are getting towards perfection in Active Directory, IT Management & Cyber security through our insights from Identitude.

Wanna be a part of our bimonthly curation of IAM knowledge?

  • -Select-
  • By clicking 'Become an insider', you agree to processing of personal data according to the Privacy Policy.