Anoop C Nair

Video Tutorial to Learn about Intune MAM Policies and App Reporting by Specific User? In this post, I would like to share the video tutorial to explain. Microsoft Intune introduced MAM Reporting options with the Intune 2305 release.

Let’s learn how to create Intune App Protection Policies for iOS iPadOS. In this article – Create Intune App Protection Policies For IOS IPadOS. App Protection Policies can be applied to both enrolled and non-enrolled devices. APP can be used for third-party MDM solutions.

MAM policies created in the MEM portal are different from the MAM policies that we make from the Intune portal for MDM-enrolled devices. Outlook Groups is the newest application included in the Azure portal for Intune MAM-enabled applications.

Let’s check how to enable Intune App Protection Policies for Android and iOS devices. The video below provides more details and an end-user experience.

Intune MAM Policies and App Reporting?

Also, I can see the PREVIEW option to add custom applications for MAM policies without MDM enrollment. This is an excellent feature. Settings –>Preview – Line-of-business apps –> Preview – Add a custom app.

Intune MAM Policies and App Reporting
Settings
Preview – Line of business apps
Preview – Add a custom app

Video Tutorial to Learn about Intune MAM Policies and App Reporting by Specific User – Table 1

Video Tutorial to Learn about Intune MAM Policies and App Reporting by Specific User - Fig.1 — Video Tutorial to Learn about Intune MAM Policies and App Reporting by Specific User – Fig.1

Resources

SCCM Video Tutorials For IT Pros – HTMD Blog #2

We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.

Author

Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.

Learn how to Set up Dynamic Device Groups in Intune. Do you want to add mobile devices automatically to Microsoft Intune Device Groups? Intune Dynamic groups have been a customer request for a long time.

This feature is similar to dynamic collections in SCCM/ConfigMgr. There are two ways to do it: one using the Azure AD Premium feature called AAD Dynamic Groups, and another is pretty new in Intune, something called Device Group Mapping.

One of our recent posts explains how to create nested Azure AD dynamic groups, a highly anticipated feature from the Azure AD team. This functionality shows the memberOf attribute, which was introduced to facilitate the nesting of Azure AD groups.

This capability allows for more flexible and efficient management of group memberships within Azure Active Directory, enabling organizations to simplify access controls and administration across their Azure resources.

How Do you Add Devices/Users Automatically to Intune Groups using Azure AD Dynamic Groups? – Learn How to Setup Dynamic Device Groups in Intune

Log in to the Azure AD portal (AAD Premium subscription should be there). Read More -> Create AAD Dynamic Groups Based On MDM Intune SCCM Management.

Learn How to Setup Dynamic Device Groups in Intune - Fig.1 — Learn How to Setup Dynamic Device Groups in Intune – Fig.1

Navigate via – Directory –> Groups –> Open the group (MDM Group) –> Configure. Enable Dynamic Group (Only available for AAD Premium subscriptions) Membership –> Add Users where <Department> is equal to “IT”.

Learn How to Setup Dynamic Device Groups in Intune
Login to AAD.Portal.Azure.com.
Navigate to the Azure Active Directory -> Groups node -> Click on the New Group button.
Group Type -> Security
Group Name -> HTMD AAD Group based on Dept
Group Description -> To add all devices or users from a dept
Membership Type -> Dynamic User

Learn How to Setup Dynamic Device Groups in Intune – Table 1

In this scenario, all the users from the IT department will be added to the AAD Dynamic Security Group, which is called MDM Group.

Don’t panic if the group is not reflecting with users immediately; give it some time. It will get updated.

Once the AAD Dynamic Group is created and updated, log in to the Intune portal (endpoint.microsoft.com) and Create a New User Group to fetch all the devices of IT department users.

Learn How to Setup Dynamic Device Groups in Intune - Fig.2 — Learn How to Setup Dynamic Device Groups in Intune – Fig.2

Whenever a new user joins the IT department, that user is automatically added to the Intune MDM group. Provisioning and de-provisioning groups is made easy with this.

More Details -> Create AAD Dynamic Groups Based On Domain Join Type Hybrid Azure AD And Azure AD

There are two options to build the Azure AD dynamic group query. You can use the rule builder or rule syntax text box to create or edit an AAD device group dynamic membership rule.

Rule Builder -> Graphical interface – Easy to create the dynamic query.
Rule Syntax -> Advanced technical users for complex queries.

Follow the steps below to use Azure AD dynamic group Rule Builder to create dynamic query rules for Hybrid Azure AD joined devices.

Under Configure Rules -> Choose Property drop-down list.
Select deviceTrustType as the property from the drop-down list.

How do you Add Devices automatically to Intune Device Groups using Device Group Mapping?

Click on the Admin tab in the Intune console. Navigate via Device Group Mapping—enable Device Group Mapping—Create a Device Group and ADD a CATEGORY to manage device group mapping rules. Once you click on Create Device Group, it will guide you through creating one device group.

When every user enrolls (during the Enrollment Process) to Intune using the Microsoft Intune Company Portal application, the User will get an extra screen to select “Choose the best category for this device.” I have created only one category, “ADMIN,” for users. You are free to make an Intune device category for each department!!

More details on AAD Groups Based On Intune Device Categories.

Learn How to Setup Dynamic Device Groups in Intune - Fig.3 — Learn How to Setup Dynamic Device Groups in Intune – Fig.3

Resources

SCCM Video Tutorials For IT Pros – HTMD Blog #2 (howtomanagedevices.com)

We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.

Excellent Resource to Learn and Become an Expert in SCCM Reporting

Video Tutorial to Learn about Intune MAM Policies and App Reporting by Specific User

Table of Contents

Intune MAM Policies and App Reporting?

Resources

Author

Learn How to Perform Rapid Windows 10 Upgrade with SCCM ConfigMgr Configuration Manager

My Second Veeam Vanguard Award in a Row

Fix Azure AD Subscription Error We cannot Proceed with Signup Due to an Issue with Your Account

Fix Windows 10 Microsoft Surface Video Player Sound Issue

Azure RMS Roadshow Presentation Overview of EMS Intune Azure AD Azure Rights Management Service 1

Learn How to Setup Dynamic Device Groups in Intune

Table of Contents

How Do you Add Devices/Users Automatically to Intune Groups using Azure AD Dynamic Groups? – Learn How to Setup Dynamic Device Groups in Intune

How do you Add Devices automatically to Intune Device Groups using Device Group Mapping?

Resources

Author

One-Day Conference What is New in Windows Server 2016 Overview of EMS

How to Setup Windows 10 Machine for Home or Office Use

How to Setup Change Windows 10 Picture Password

Know More About SCCM ConfigMgr Environment Security Concerns Best Security Practices

Learn How to Troubleshoot Resolve the Problems with Windows 10 Machine

Backup Restore Windows 10 Machines Using Veeam Endpoint Backup Free

Download Free eBook on How to Get Hyper-V Performance Right