MicrosoftBug #5 There are several security groups (some dynamic) and device configuration polices that are created by Microsoft Autopatch (aka Windows Autopatch). Discovered that the following profiles conflict. The following profiles are set to exclude the opposite referencing dynamic security groups to separate Windows 10 and Windows 11 operating system devices.
Device configuration profile
Modern Workplace - Telemetry Settings for Windows 11
Modern Workplace - Telemetry Settings for Windows 10
The following dynamic security groups that were created by Microsoft Autopatch (aka Windows Autopatch) has an incorrect expression that was actually identified by a Microsoft Intune Support Engineer. The 'and' should be 'or' which did work briefly until the Microsoft Autopatch (aka Windows Autopatch) cycled and re-applied the 'and' and now the conflict is back.
Dynamic Security Groups
Modern Workplace Devices Dynamic - Windows 11
Modern Workplace Devices Dynamic - Windows 10
(device.devicePhysicalIds -any _ -startsWith "[OrderID]:Microsoft365Managed_") and (device.deviceOSVersion -startsWith "10.0.22000")
Should be:
(device.devicePhysicalIds -any _ -startsWith "[OrderID]:Microsoft365Managed_") or (device.deviceOSVersion -startsWith "10.0.22000")
UPDATE:
The above changes are sticking this time around. Conflicts are disappearing.
