Forum Discussion
fnod
May 07, 2021Copper Contributor
User group based scope tags for distributed IT
Is there a way to assign scope tags to devices based on user groups? We need to delegate administrative privileges to local country admin.
- Hi
If I understand you correctly. You could create a custom intune role and assign it to the user group and add the scope tag to it. so only devices etc with that scope are visible to the local country admin
Nicola created a blog about this some time ago.. (if this is what you ment)
https://tech.nicolonsky.ch/intune-scope-tags-rbac-explained/- fnodCopper Contributor
Rudy_Ooms_MVP I already read that article, but we cannot apply scope tags to devices based on user groups.
- Thijs LecomteBronze ContributorFnod could you provide some more details on your requirement?
I have a customer that also has a requirement for local IT to support their own devices. We weren't able to create dynamic groups (through name of Autpilot tag). I created a script that retrieves the primary user of a device, checks the 'Company' field of that user and then adds the device to an assigned group.
That assigned group is assigned a scope tag