Intune Dynamic Device Groups
Intune aka Microsoft Endpoint Manager can be extremely powerful but as it always goes with great power comes great responsibility.
To make sure I’m only targeting the devices I want, I like to make a few dynamic device groups that I’ll use for various Intune policy targeting.
The dynamic device groups I create are:
- Windows AAD Joined for all the Windows devices joined to Azure AD.
- Windows Hybrid AAD Joined for all the Windows devices that are hybrid joined to Azure AD.
- Windows AAD Registered for all the Windows devices that are registered to Azure AD this is typically BYOD (Bring Your Own Device).
- Windows Personal for all the personal Windows devices.
By creating these groups I can correctly target my Intune policies to always have the intended outcome.
Here are the dynamic membership rules I use for the dynamic device groups.
…