Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Device Groups assignment (defender)

Iron Contributor

Morning all, QQ - I am wanting to assign devices to a particular group - however the devices do not follow a specific rule that we can automate ( due to naming convention ).  Is there a way to manually add devices to a group or add via tagging etc.   I cannot find the answer to this in the previous similar questions so thought as the platform has progressed such alot there may be a simple fix to this that I am missing. 

cheers - Mark 

2 Replies
Yes, you can use tags to assign device groups.
There does not seem to be any specifics in the official docs, but there is a parameter for tags within the device group membership settings.

Just make sure to set a high priority so that the new group is prioritized.

Forgot to mention the tagging.

You can of course manually tag the devices in the GUI or via API, but you can also set a tag via windows registry if you are using windows devices.
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/machine-tags?view=o365-wor...

 

This could allow you to tag a large amount of devices easily if you already have some sort of OU grouping etc in AD, if this applies to your device groups as well.