Forum Discussion
Solved
dynamic group based on domain join type
Hi, is there a simple solution to this: - I would like to have a dynamic group for all devices 1. which are Azure AD joined & 2. All devices which are hybrid azure ad joined. Is there an att...
PatrickF11 Well, this is supported and available!
You can create Azure AD dynamic device groups based on Hybrid Azure AD Join and Azure AD Join. This is using the DeviceTrustType attribute. I have put across some more points and validation details etcCreate AAD Dynamic Groups based on Domain Join Type Hybrid Azure AD and Azure AD.
I'd also love to find a solution for this. I'm just starting to test computers that are AAD Joined rather than Hybrid AAD Joined, and want to target configuration profiles at the AAD Joined computers only. For example, I have a PFX certificate profile to issue a certificate to the machine, which is unnecessary for Hybrid AADJ computers since they auto-enroll a computer certificate when they join the domain. It probably wouldn't hurt to have them also get a certificate from the intune profile, but it would be one more certificate in the store and there is a non-zero chance that will cause issues with certificate matching somewhere down the line.
Hi Steve,
at this moment i'm using a dynamic group while querying for the Autopilot Deployment Profile.
One example (in this case for Android):
(device.deviceOSType -eq "AndroidEnterprise") -and (device.enrollmentProfileName -eq "DevEnroll_Android_Name123")
at this moment i'm using a dynamic group while querying for the Autopilot Deployment Profile.
One example (in this case for Android):
(device.deviceOSType -eq "AndroidEnterprise") -and (device.enrollmentProfileName -eq "DevEnroll_Android_Name123")
- The Easy way I always do this staff is as follows;
Go to Devices > All Devices > check the Join Type in the Columns section so you have it on your view > click export > check only includes selected Columns in the exported file
once you files download open excel and filter the Join type column and guess what you know the number of Joined devices, Registered and Hybrid devices.
Maybe some thinks this is manual well there is no other way unless you use profile type but what if someone has not setup the devices profile type or categories.- Thank you for the tip! This helped me make a dynamic group with what I was targeting!
- Problem with this is that you need to remember to add new devices each time.
+1 We need this too.
We don't want to set a manual device category, because of the additional management.
Currently no way to do so except a global filter which contains all Windows devices.
