IT Consultant Everyday Notes

Just some problems/solutions storage

Monthly Archives: June 2018

Azure: How to create a group of devices deployed by Autopilot

With Intune update we can create a dynamic group containing all devices deployed by Autopilot (and use this group for Application and Policy assignments).

Here is how to do that (according MS doc):

Create an AutoPilot device group

  1. In Intune in the Azure portal, choose Device enrollment > Windows enrollment > Devices.

  2. In the Group blade:

    1. For Group type, choose Security.
    2. Type a Group name and Group description.
    3. For Membership type, choose either Assigned or Dynamic Device.
  3. If you chose Assigned for Membership type in the previous step, then in the Group blade, choose Membersand add AutoPilot devices to the group. AutoPilot devices that aren’t yet enrolled are devices where the name equals the serial number of the device.

  4. If you chose Dynamic Devices for Membership type above, then in the Group blade, choose Dynamic device members and type any of the following code in the Advanced rule box.

    • If you want to create a group that includes all of your AutoPilot devices, type (device.devicePhysicalIDs -any _ -contains "[ZTDId]")
    • If you want to create a group that includes all of your AutoPilot devices with a specific order ID, type: (device.devicePhysicalIds -any _ -eq "[OrderID]:179887111881")
    • If you want to create a group that includes all of your AutoPilot devices with a specific Purchase Order ID, type: (device.devicePhysicalIds -any _ -eq "[PurchaseOrderId]:76222342342")

    After adding the Advanced rule code, choose Save.

  5. Choose Create.

Keep in mind dynamic group may take several hours to run a query to populate the group. Fortunately the sync can be forced from Devices node in Intune Autopilot section.

image