Windows 11 Azure AD Groups and Filters – An update

The more I think about managing Windows 11 in Azure AD and Intune, the more I want to refine some of the configurations I have done. The recent Windows 11 Dev Channel build had me thinking about the Azure AD and Intune Filter blog posts and the configurations done there. Now if you are not doing any Windows Insidering at your company (first thing I’d ask is why not, but that’s a conversation for another time), then the configurations for Windows 11 in those blog posts should be perfectly fine until the next release of Windows 11 in 2022 (Remember,…

Windows 10, 11 and Intune Filters

In a previous post I wrote about a way to create an Azure AD dynamic device group to identify Windows 11 devices. But what if you don’t want to add an additional group or groups, or do a bit of rework with your Intune configuration, or have Intune profiles and policies targeted at groups that only contain users? Fortunately a recent Intune feature (currently in preview) may be able to help here. Filters are a way to deploy Intune profiles and policies to user and/or device groups where there maybe (for example) both Windows 10 and Windows 11 devices, but…

Windows 11 and Intune – A Windows 11 Dynamic Device Group

I’ve recently started working on validating Windows 11 in my organisation. We manage our devices primarily with Intune now so I need a quick and easy way to identify these devices. I’m a big fan of using Azure AD Dynamic Groups to reduce admin overhead, and I use these a lot (both Device and User) to help me manage my environment. I have a standard Windows 10 Dynamic group The Query used here (device.managementType -eq “MDM”) -and (device.deviceOSType -contains “Windows”) will look for all Windows devices that are Intune managed and add them to this Azure AD group. However, at…