Let’s learn how to create an Azure AD dynamic device group using the displayName property. I have seen that the displayName property is useful for creating Azure AD dynamic device groups for Azure Virtual Desktop VMs.
AAD dynamic device groups are similar to dynamic device collections in SCCM. An Azure AD (AAD) dynamic device group is a set of devices grouped based on a common attribute value.
I agree that a query using the display name is an old way of grouping devices or virtual machines into a dynamic group.
You know there are better options (not optimal) to tag physical devices in the Autopilot world using devicePhysicalIds.
Create Azure AD Dynamic Device Group
Let’s create an Azure AD dynamic device group for Azure Virtual Desktop (a.k.a WVD). This dynamic Azure AD device group is based on hostnames.
- Open portal.azure.com.
- Navigate to Azure AD (Azure Active Directory) -> Groups -> All Groups.
- Click on “+ New Group”.
- Select Security as the Group Type from the drop-down option.
- Enter the Group Name “Namaste Techies WVD Device Groups” (any name is fine).
- Enter the Group Description “Namaste Techies WVD Device Groups” (any description is fine).
- Select Dynamic Device as the Membership type.
- Click on Add Dynamic Query under Dynamic Device Members.
- Hover over the properties column so that you get an option to build the Azure AD dynamic device group based on the naming standard of the AVD (a.k.a WVD) VMs.
- On the Dynamic Membership Rules blade, select the displayName property from the Property drop-down, as shown in the following screenshot.
NOTE! – To be on the safer side, don’t rely on only one condition when you create Azure AD dynamic device groups for WVD. At the same time, be mindful not to make the dynamic query too complex, because this could impact the automatic update of the Azure AD dynamic device group.
- From the operator column, select the option named “StartWith” (-startsWith in the rule syntax) to match the hostname of the Azure Virtual Desktop (a.k.a AVD) session hosts. The hostname of my AVD VM starts with “namaste”.
- In the value column, enter the hostname “Namaste” as shown in the below screenshot. This Azure AD dynamic query
- Click on the SAVE and CREATE buttons to complete the creation of the Azure AD dynamic device group.
Validate AAD Dynamic Device Query
You can validate the Azure AD dynamic device query using the method explained in the following blog post: Validate Azure AD Dynamic Group Rules | Intune.
AAD Dynamic Device Group Query using Display Name
The following AAD Dynamic Device Group Query is built using the Display Name property column. The rule syntax is given below:
(device.displayName -startsWith "namaste")
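A display name is only a naming convention, so any device whose name happens to start with the prefix joins the group. The Python sketch below is an added example, not code from the original post or from Microsoft: it evaluates the rule above against a device list before you save it, and shows the effect of a second condition, as the NOTE recommends. The device names and the extra device.deviceOwnership condition are assumptions chosen for illustration, and the parser handles only -startsWith and -eq clauses joined by -and.

```python
import re

# Constructed sample inventory (not real devices). Keys mirror the Azure AD
# device properties a dynamic membership rule can reference.
DEVICES = [
    {"displayName": "namaste-avd-0", "deviceOwnership": "Company"},
    {"displayName": "NAMASTE-AVD-1", "deviceOwnership": "Company"},
    {"displayName": "NamasteTechies-Laptop", "deviceOwnership": "Personal"},
    {"displayName": "avd-namaste-2", "deviceOwnership": "Company"},
]
PAGE_RULE = '(device.displayName -startsWith "namaste")'
# Assumed second condition, added here only to illustrate the NOTE.
NARROWED_RULE = PAGE_RULE + ' -and (device.deviceOwnership -eq "Company")'

# One clause: (device.<property> -startsWith|-eq "<value>")
CLAUSE = re.compile(r'\(\s*device\.(\w+)\s+-(startsWith|eq)\s+"([^"]*)"\s*\)')

def parse_rule(rule):
    """Split a rule into clauses joined by -and; reject anything else."""
    clauses = []
    for part in re.split(r"\s+-and\s+", rule.strip()):
        match = CLAUSE.fullmatch(part)
        if match is None:
            raise ValueError(f"unsupported clause: {part!r}")
        clauses.append(match.groups())
    return clauses

def matches(device, clauses):
    """True when every clause holds. String comparison ignores case, as
    Azure AD does for string operators in membership rules."""
    for prop, op, value in clauses:
        actual = str(device.get(prop, "")).lower()
        wanted = value.lower()
        ok = actual.startswith(wanted) if op == "startsWith" else actual == wanted
        if not ok:
            return False
    return True

def members(rule, devices=DEVICES):
    """Display names of the devices the rule would add to the group."""
    clauses = parse_rule(rule)
    return [d["displayName"] for d in devices if matches(d, clauses)]

def unexpected(rule, expected_hosts, devices=DEVICES):
    """Devices the rule would add that are not known session hosts."""
    known = {name.lower() for name in expected_hosts}
    return [n for n in members(rule, devices) if n.lower() not in known]
```

With the sample list, the single-condition rule also picks up the personally owned laptop, while the narrowed rule returns only the two session hosts.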
Result
You can check the members of the dynamic device group from the Members tab in the Azure AD Device group.
Resources
- https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-dynamic-membership#using-attributes-to-create-rules-for-device-objects
- Validate Azure AD Dynamic Group Rules | Intune
- How to Create Azure AD Dynamic Device Groups for Windows BYOD CYOD Devices Microsoft Intune
Author
Anoop is a Microsoft MVP! He is a Solution Architect in enterprise client management with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.