June 8, 2018
Posted by on
With Intune update we can create a dynamic group containing all devices deployed by Autopilot (and use this group for Application and Policy assignments).
Here is how to do that (according MS doc):
Create an AutoPilot device group
In Intune in the Azure portal, choose Device enrollment > Windows enrollment > Devices.
In the Group blade:
- For Group type, choose Security.
- Type a Group name and Group description.
- For Membership type, choose either Assigned or Dynamic Device.
If you chose Assigned for Membership type in the previous step, then in the Group blade, choose Membersand add AutoPilot devices to the group. AutoPilot devices that aren’t yet enrolled are devices where the name equals the serial number of the device.
If you chose Dynamic Devices for Membership type above, then in the Group blade, choose Dynamic device members and type any of the following code in the Advanced rule box.
- If you want to create a group that includes all of your AutoPilot devices, type
(device.devicePhysicalIDs -any _ -contains "[ZTDId]")
- If you want to create a group that includes all of your AutoPilot devices with a specific order ID, type:
(device.devicePhysicalIds -any _ -eq "[OrderID]:179887111881")
- If you want to create a group that includes all of your AutoPilot devices with a specific Purchase Order ID, type:
(device.devicePhysicalIds -any _ -eq "[PurchaseOrderId]:76222342342")
After adding the Advanced rule code, choose Save.
Keep in mind dynamic group may take several hours to run a query to populate the group. Fortunately the sync can be forced from Devices node in Intune Autopilot section.