Event banner
Event details
Hello Microsoft Team,
In my company we have already a ring based system, where we manage our devices automatically and split them between different on-prem AD security groups.
We have enrolled our tenant with Windows Autopatch and created different Autopatch groups.
For each Autopatch group we have assigned our own custom ring based AD security groups, and within Autopatch settings we are only using the deployment test ring (which is empty) and the deployment last ring (assigned with our own custom group).
Autopatch Group | Deployment Ring | Assigned AD Security group
Autopatch RING.0 | Autopatch RING.0 - Last | RING.0 - Test ServiceDesk Users
Autopatch RING.1 | Autopatch RING.1 - Last | RING.1 - Test IT Global
Autopatch RING.2 | Autopatch RING.2 - Last | RING.2 - Test Pilot Users
Autopatch RING.3 | Autopatch RING.3 - Last | RING.3 - All Production Users
From time to time we have the need to move some of the devices between different security ad groups (rings).
Is there a way (remediation script or another method) for Autopatch to check if the devices have been moved from the original autopatch group and if so, to un-register them and re-register the devices again in the current and correct new autopatch group?
- EricMoe
Microsoft
Hi Pedro, with some of the latest updates we have applied to Autopatch, you can simply move devices from one group to another and Autopatch should take care of the rest. If you remove a device entirely from your Autopatch assigned groups, the device should get deregistered from Autopatch. Remember to ensure your AD groups do not have overlapping memberships, as that will create conflicts.
