So you were correct @rsp
if they (the role) is not defined as “Not set” in the new user/member role permissions it is not executed but they remain enabled. After I changed to “Disabled” the "magic" happened.
I think I might ran into an issue with my configuration of the role permission as I am seeing this warning message:
Does anyone of you guys know with permission that controls 2FA and the ability to edit it, (On user level - e.g. so they can configure it for their own user)?
Also I cannot get the “Group email inbox” to be displayed in the users account:
Emails are set to enable in the “executive role” which I made:
However if I add the user as a “System administrator” the group inbox does show up:
which I find a bit odd, but I suppose that has to do with permissions? 
Also allow users to use the group inbox (In inbound email admin settings), does not seem to do a difference:
Am I missing something here/ done something wrong with the configuration too?
Thanks in advance
Kind regards