Let’s discuss Best Practices for Creating Entra ID Dynamic Groups for Intune. A dynamic group (requires Microsoft Entra ID P1 or P2) in Intune to automatically add users or devices to the user group or device group based on an expression you create.
Microsoft Entra ID dynamic group processing is essential in an organization. It helps manage a lot of devices. The smooth and efficient running of the Entra ID dynamic group process helps organizations manage many devices.
You can create attribute-based rules to enable dynamic membership for a group in Microsoft Entra ID. Dynamic group membership automatically adds and removes members using membership rules based on member attributes.
‘Contain’ and not Contain‘ operators are included in the rule builders’ list of operators. ‘Contain’ and not Contains’ operators were recently removed from (MC705357) the rule builder’s list of operators to encourage dynamic group rules. This blog post helps you to understand the Best Practices for Creating Entra ID Dynamic Groups for Intune
Best Practices for Creating Entra ID Dynamic Groups for Intune
The recently removed (MC705357) ‘contains’ and ‘not Contains’ operators can be used if you edit the rule syntax manually. Their removal is due to their inefficiency in group processing, which may delay dynamic processes. Some performant alternatives are available in Microsoft Intune.
- Equals
- Not Equals
- Start With
- Not Starts
Performant Alternatives in Dynamic Groups for Intune
Microsoft Provide Performant Alternatives in Dynamic Groups for Intune. It helps improve efficiency in Entra ID Dynamic Groups for Intune. You can easily access these alternatives from the Microsoft Intune Admin Center.
- Sign in to the Intune Admin Center portal https://intune.microsoft.com/.
- Select Groups from the Intune portal.
- Select All Groups from the Groups.
- Click on New Groups.
After selecting New Groups, you should provide a Group name or email address, and enter a description for the group from the window below. Select the Membership type as Dynamic User and click on Add dynamic query.
After that, in Configure Rules, you can see the different operators. In these windows, you can see the Performant Alternatives, such as Equals and Not Equals. You can easily choose an operator for your Dynamic Groups from this window.
The window below also shows Performant Alternatives. You can see Performant Alternatives such as Start With and Not Starts With in the window below. These Performant Alternatives can optimize the rules.
Dynamic Devices for Microsoft Entra ID in Intune
You can easily access Dynamic Devices for Microsoft Entra ID in Intune by selecting Groups from the Microsoft Intune Admin Center. Select All Groups from Groups and Enter the Membership type as Dynamic Devices.
- Free Entra Training Videos | Start Learning Entra ID Azure AD
- Entra ID Best Practices Monitoring Option for the Tenant
Index Ongoing Properties for Improving Dynamic Group Efficiency
Some inefficiencies exist in the processing of group membership due to the non-indexed device properties available when creating a dynamic group. Until these properties are indexed, it is best to avoid them.
The deviceOwnership and enrollmentProfileName properties have recently been indexed. The table below shows the index’s ongoing properties for Improving Dynamic Group efficiency.
| Index Ongoing Properties for Improving Dynamic Group Efficiency |
|---|
| deviceCategory |
| deviceManagementAppId |
| deviceManufacturer |
| deviceModel |
| deviceOSType |
| deviceOSVersion |
| devicePhysicalIds |
| deviceTrustType |
| isRooted |
| managementType |
| objectId |
| profileType |
| systemLabels |
Evaluating Dynamic Group Rules with PowerShell
Users can easily evaluate dynamic group rules with PowerShell. It allows you to display the output, such as displayName, id, and membershipRule, for each of the dynamic groups in your organization in a CSV-based file with Script. This is the best method for evaluating the inefficiencies in membership rules for all of your Entra ID dynamic groups.
- Azure AD App Proxy Latest Enhancements and Premium Version of Entra App Proxy
- New Microsoft Entra Portal Walkthrough
Reference
We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click here –HTMD WhatsApp
Author
Gopika S Nair is a computer enthusiast. She loves writing on Windows 11 and related technologies. She is here to share quick tips and tricks with Windows 11 or Windows 10 users. She is Post Graduate Diploma Holder in Computer Science.