Hey Nik Stay, thanks for the comments, and so nice that you read "Learning Microsoft Endpoint Manager"!
Here are the options I can think of for your scenario (deploying compliance policies to all users/devices but excluding HAADJ'd devices):
1. Ignore my recommendation and target the compliance policy at an AAD group instead of a virtual group... Just consider the scale impact if the targeted AAD group is huge.
2. Assign to ALL USERS and exclude HAADJ devices using a filter. This option is a little bit trickier for you since we don't support the AADJoinType (AADJ|HAADJ|WPJ) option today. You said you have some AADJ devices that didn't enroll with AutoPilot, so unfortunately the "EnrollmentProfileName" property is not perfect for you either. Last option: if you had a device naming standard for the old fleet of devices vs. the new ones, you might be able to use that as a filter property.
Hope that helps a little.