Does this mean that "settings" are stored on the server and not in Azure AD? When these cmdlets are run, they prompt for account with GA rights, so was expecting that these values are stored in Azure AD ( tracked/audited for changes).
"cmdlets can be audited on the local server", refer to PowerShell module logging / process creation?
Have raised a MS support case and the initial response was we (MS) don't audit/track changes done to these settings. After explaining the reasons, support engineer says will check with peers/next level and provide an answer. If I hear something, will update this post.