Forum Discussion

Pino78's avatar
Pino78
Copper Contributor
Oct 27, 2023

Help creating Dynamic Group rule in Intune

Hi,
I have been asked to remove a required Android application to only new enrolled Android Enterprise Fully Managed device in Intune. Currently, this application is deployed as required to all user. I need to create an exclusion group and I was thinking to create a dynamic group and use a rule that would include new enrolled devices only so I can apply this group an exclusion on the affected application.
Is that would be possible?
Any help would be appreciated.

 

Regards,

Giuseppe

  • Pino78 

    You could deploy to a dynamic group based on a query like this:

     

    device.enrollmentProfileName -eq "Android - Corporate-owned devices with work profile") and (device.deviceOSType -eq "AndroidEnterprise")



    Please click Mark as Best Response & Like if my post helped you to solve your issue.
    This will help others to find the correct solution easily. It also closes the item.

    If one of the posts was helpful in other ways, please consider giving it a Like.

    • Pino78's avatar
      Pino78
      Copper Contributor

      Hi Harm_Veenstra ,
      The rule that you have advised will show me all the Android devices currently enrolled in Intune but because this is a process that needs to be happening gradually we want to start only with the new enrolled Android devices so I can exclude them from the application (Google Chrome app) that is currently assigned to all Users.
      I have find a solution that maybe is working for my purpose below:

      (device.displayName -contains "_11/") and (device.displayName -contains "/2023_") or (device.displayName -contains "_12/") and (device.displayName -contains "/2023_") or (device.displayName -contains "/2024_") or (device.displayName -contains "/2025_") or (device.displayName -contains "/2026_") or (device.displayName -contains "/2027_") or (device.displayName -contains "/2028_") or (device.displayName -contains "/2029_") or (device.displayName -contains "/2030_")

      This Rule syntax will show me all the new enrolled devices from the 1st November 2023 to the end of December 2030. This with the hope that all the current Android Enterprise devices will be replaced by then and we can force the Uninstall of Google Chrome to all users, is not ideally because I need to keep monitoring it but it will do the job for the moment.

      Thanks,
      Giuseppe

      Thanks,
      Giuseppe

Resources