Forum Discussion
"Special" dynamic device group
Hi! I need in Intune a dynamic device group for testing. So let me explain what I tried: All our devices are in our onPrem AD, and for my test we have a group inside the computer group. First ...
It's a device group (on AD) for our intern test.
Using dynamic group for Intune assignments is not a good idea unless you are using an Autopilot dynamic group. For everything else, try to use device filters as much as possible. That is why I asked about the intended membership of the group. Are the intern devices based on OU or something else? Is there any other common identifier that you can use like naming convention?
- That's what I asked for.
Yes , they have another OU, but device. organizationalUnit doesn't work anymore, and device.extensionAttribute1 doesn't give any device back (although it's present with PowerShell).
So my question is: can a dynamice device group read from AD or not?- Yes and no. AAD can sync but only ones it supports. As I see Extension attribute is your best option here. https://learn.microsoft.com/en-us/graph/api/device-update?view=graph-rest-1.0&tabs=http#example-2--write-extensionattributes-on-a-device
- I have set the extension attribute on the device but in AD. But the group with the dynamic device rule with device.extensionAttribute is empty in Entra.
My question is still: Is it possible to read the extension attribute from AD or not?