Introduction
In Azure Active Directory (Azure AD), there are three main types of groups- security groups, Microsoft 365 groups, and dynamic groups.
Security groups
- Security groups manage access to resources and applications within an organization.
- They are typically used to grant or deny access to resources such as files, folders, printers, or applications.
- Security groups can contain users, devices, and other security groups.
- They can assign permissions and roles to users and other groups.
Microsoft 365 groups
- Microsoft 365 groups manage collaboration and communication within Microsoft 365 services such as Exchange, SharePoint, and Teams.
- They provide a shared workspace for users to collaborate on documents, communicate, and share resources such as calendars, tasks, and notes.
- Microsoft 365 groups can contain users, distribution lists, and other Microsoft 365 groups.
- They can assign permissions and roles to users and other groups.
Dynamic groups
- Dynamic groups are automatically populated based on user attributes or other criteria.
- They are typically used to automate the management of access to resources and applications.
- Dynamic groups can be based on criteria such as job title, department, location, or other attributes.
- They can assign permissions and roles to users and other groups.
Summary
Security groups are primarily used to manage access to resources and applications. Microsoft 365 groups are used for collaboration and communication within Microsoft 365 services. Dynamic groups are used to automate the management of access to resources and applications based on user attributes or other criteria.