Posted in Endpoint Administrator, Microsoft 365 Administrator, MS 365 Enterprise Administrator, MS 365 Modern Desktop Administrator, MS 365 Security Administrator

Microsoft Intune Dynamic Device Groups

   October 9, 2023

Microsoft Intune Dynamic Device Groups are a powerful feature that allows organizations to automatically group devices based on dynamic criteria, such as device properties, compliance status, or membership in Azure AD security groups. These dynamic groups can be used to target specific policies, applications, or configurations to devices that meet certain criteria. Here’s a step-by-step guide for IT beginners on how to create and use Dynamic Device Groups for Windows, iOS, and Android, including functions, workflows, and usage examples.

Prerequisites:

  • An active Microsoft Intune subscription.
  • Devices already enrolled in Intune.
  • Appropriate permissions in the Microsoft Intune portal.

Step-by-Step: Creating and Using Dynamic Device Groups in Microsoft Intune

For Windows:

Step 1: Access Dynamic Device Groups:

  1. Log in to the Microsoft Intune portal (https://portal.azure.com).
  2. In the left-hand navigation pane, select “Intune” and then “Devices.”
  3. Under “Devices,” select “Device groups.”

Step 2: Create a Dynamic Device Group:

  1. Click “New group.”
  2. In the “Group blade,” give the group a name and description.

Step 3: Configure Group Membership Rules:

  1. In the “Membership rules” section, define criteria for dynamic group membership. For Windows devices, you can use various properties like device type, operating system, compliance status, or ownership type.
  2. For example, you can create a dynamic group that includes all Windows 10 devices that are compliant with specific security policies.

Step 4: Review and Save:

  1. Review the membership rules to ensure they meet your criteria.
  2. Click “Create” to create the Dynamic Device Group.

For iOS and Android:

Step 1: Access Dynamic Device Groups:

  1. Log in to the Microsoft Intune portal.
  2. In the left-hand navigation pane, select “Intune” and then “Devices.”
  3. Under “Devices,” select “Device groups.”

Step 2: Create a Dynamic Device Group:

  1. Click “New group.”
  2. In the “Group blade,” give the group a name and description.

Step 3: Configure Group Membership Rules:

  1. In the “Membership rules” section, define criteria for dynamic group membership. For iOS and Android devices, you can use properties like device platform, device compliance status, or ownership type.
  2. For example, create a dynamic group that includes all iOS devices that are not compliant with specific security policies.

Step 4: Review and Save:

  1. Review the membership rules to ensure they meet your criteria.
  2. Click “Create” to create the Dynamic Device Group.

Usage Examples:

  • Windows Dynamic Device Group: Create a dynamic group for all Windows laptops that are enrolled in Intune and compliant with BitLocker encryption requirements. Assign BitLocker-specific policies to this group for enhanced security.
  • iOS Dynamic Device Group: Create a dynamic group for all iOS devices owned by executives. Deploy specific apps and configurations tailored to the needs of this user group.
  • Android Dynamic Device Group: Create a dynamic group for all Android devices used by field technicians. Apply device compliance policies to ensure these devices meet security and compliance standards.

Dynamic Device Groups provide a flexible way to automatically organize and target policies, apps, and configurations to devices based on changing criteria. These groups can help IT administrators streamline device management and ensure that the right policies are applied to the right devices.

Share: TwitterFacebookPinterestLinkedin
Author: tonyhughes