Event banner
Event details
dynamic groups wont add iOS devices after enrollment that haven't been signed into Company Portal. This is concerning because usually the user wont be there to sign into CP right away. even with device naming templates which I have added a department and having a dynamic group to add those devices it wont add them until someone logs into CP. Is there a way now or in the future to deal with this.
MicrosoftThis might be a side effect of the fact that dynamic groups inherently have some latency before updating. We introduced enrollment-time grouping (discussed around the middle of the video and here on our roadmap) to address this issue.
If you are consistently able to reproduce the sign-in requirement (even after waiting for a significant amount of time) the best move would be to open a support ticket with logs so that we can investigate this further.
The only difference I have seen is with iOS devices not logged in have Unknown for Ownership and no Primary User set. Once you log into CP the Ownership changes to Corporate and Primary User is set and then after that is when it would add to dynamic group. So we have to wait for a user to log in before it adds to group and then install apps afterwards
- Jessica-Yang
You can also set up JIT registration and compliance remediation so that the CP login isn't required, and Entra join gets completed with any M365 app or SSO-enabled app upon first sign in, with SSO established throughout the device. Details are in this blog - https://techcommunity.microsoft.com/blog/intunecustomersuccess/just-in-time-registration-and-compliance-remediation-for-iosipados-with-microsof/3660843