Can someone help me create an Azure/Intune Azure dynamic group for non-encrypted devices? I am trying to force-push the encryption policy for non-encrypted devices only, In order to achieve that I want to prepare the dynamic groups for identifying the devices.
I am pretty sure there is no device attribute in AAD groups that supports this. Your best bet will be to create a static group or deploy the policies to all the managed devices. The ones already encrypted should not get impacted.