Forum Discussion
Solved
Dynamic Groups Help
Hi All
We're about to migrate from MobileIron to Intune and I've been building the service ready for our users.
In MobileIron, we previously had different policies and configurations for ...
Hi Dan,
please have a look here: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-groups-dynamic-membership-azure-portal
you will need to come up with a different strategy how to assign configurations. As of now there is no way to build a query like person x not member in group y.
The way Microsoft is thinking about the Intune assignments are user centric. So a VIP group will get different settings and is not member of the broad employee group for example. This leads to separation in the end. Your example of user has iOS and DEP is also not directly addressable. We can't mix user and device attributes. We would assign a policy to a user group and if the user has an Android all iOS device policies would be marked as "not applicable". If the user now enrolls a iOS device the iOS policies would apply. Makes sense?
Certainly not the flexibility you may be familiar with MobileIron, but that's how it is.
best,
Oliver
Hi Dan,
please have a look here: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-groups-dynamic-membership-azure-portal
you will need to come up with a different strategy how to assign configurations. As of now there is no way to build a query like person x not member in group y.
The way Microsoft is thinking about the Intune assignments are user centric. So a VIP group will get different settings and is not member of the broad employee group for example. This leads to separation in the end. Your example of user has iOS and DEP is also not directly addressable. We can't mix user and device attributes. We would assign a policy to a user group and if the user has an Android all iOS device policies would be marked as "not applicable". If the user now enrolls a iOS device the iOS policies would apply. Makes sense?
Certainly not the flexibility you may be familiar with MobileIron, but that's how it is.
best,
Oliver
Hi Oliver
Thank you for your response. I can see I'm going to need a complete rethink about how we sort our policies and groupings!
D
Thank you for your response. I can see I'm going to need a complete rethink about how we sort our policies and groupings!
D
