Forum Discussion
Intune Dinamic group by Device IP
I know is not possible, but, may be there is an alternative view of this. We want to group devices by his IP, because is the way we are doing it now with Configuration Manager and Its our unequivocal way of locating equipment. GrĂ cies!
The issue with IP grouping with a cloud-based system is that you have no idea what IP addresses the machine may connect to.
It is all well and good with SCCM, because it is all local resources, and if the device is off-network, it can't reach SCCM to get a policy that can't apply. But a cloud-based Intune policy can check in from anywhere, so if the user goes to a client's office that shares a similar IP scheme as your other buildings, or has a home network set up by an overly ambitious nephew that decided uncle bob needs a 10.x.x.x network instead of a typical 192.168.x.x home network, then it may get a false positive match for being at the wrong location and get the wrong app package or policy applied, which could lead to weird issues.
I know that we have some Entra level policies based on the public IPs a device is checking in from to get different login or connection settings applied at that level... But as far as Intune is concerned for device policies or app packages, I haven't found any good 'fool proof' options for tracking location yet.
If you are looking to change a setting or reg key, you could set up a remediation policy that reaches out to a known network resource, and if true then set a setting... but that would run hourly and wouldn't exactly be real-time. You would probably be better off using a scheduled task that is triggered by a network change, or user login so that it behaves more consistently... but how helpful that would be is highly dependent on what you are trying to change. Great if you just need to change a reg key or a file... not so great if a different building needs a different software package installed.
