Intune – Create Azure AD dynamic device groups

Posted bysujithcyPosted inAzureAD, Intune

There are three device enrollments available for iOS devices. They are DEP(Device Enrollment Program), Apple Configurator and Corporate Identifier.

For DEP and Apple configurator enrolled devices can be easily fetched using Azure AD Dynamic group using DeviceEnrollmentProfileName property but for corporate identifier devices cannot be done the same way as DEP and Apple Configurator.

Here in this article, I would like to show you this can be achived 

(device.deviceManufacturer -eq "Apple") and (device.deviceOwnership -eq "Company") and (device.enrollmentProfileName -notContains "DEP Profile Name") and (device.enrollmentProfileName -notContains "Apple Configurator Profile Name")

Basically, what i am doing here is, isolating corporte identifier devices by excluding DEP and Apple configurator profiles. Corporte identifier does not have an enrollment profile creation options so we can only fetch the device using the above query.

Ref: https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/groups-dynamic-membership

Published by sujithcy

Resourceful IT Professional consistently responds to a wide range of technical challenges with a specific focus on Azure Cloud and Office 365. Provide technical solutions, performance optimization, and technical improvements with a good understanding of the latest cutting-edge technologies and creative approach.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: