In this post, you will learn how to use Intune filters to assign app policies and profiles in the Intune Portal. With the latest development, Microsoft recently added an exciting new feature, Filters in Microsoft Endpoint Manager.
The feature adds greater flexibility for assigning apps and policies to groups of users or devices. As an Intune Admin, you can use filters to assign a policy based on your creation rules.
Using filters to achieve the right targeting outcome, you can combine a group assignment with a device’s characteristics.
One of Filters’ features is to improve flexibility when assigning Intune policies and apps in public preview (Generally Available). Microsoft fully supports public preview features for Microsoft Endpoint Manager.
This helps the product team continuously work to obtain your valuable feedback about the new feature in the preview before the Microsoft product team finalizes the features.
Table of Contents
Video – Intune Assignment Filters Decoded
This video will teach you about Intune Assignment Filters Decoded | Associated Assignments | AAD Groups Vs Filters | Supported Workloads and All.
- Intune Filters for Azure Virtual Desktop VMs
- MEM Intune: Create Assignment Filters for Azure Virtual Desktop Single Session Windows 10 | AVD
- Create A Filter Rule For Windows 365 Cloud PCs Using Intune
How Intune Filters Work – Architecture
Recently, Scott shared a tip on Twitter: Intune Filters can use $null as a value. You can now use $null as a value in assignment filters. It’s very handy if you want to exclude devices that were:
- Not enrolled with an enrollment profile
- or Not assigned a device category
Features and Benefits
Filters include the following features and benefits:
- Improve flexibility and granularity when assigning Intune policies and apps.
- Filters are used when assigning apps, policies, and profiles. They dynamically target devices based on the device properties you enter.
- Filters can include or exclude devices in a specific group based on the criteria you enter.
- Create a query of device properties based on the platform, including Android, iOS/iPad, macOS, and Windows 10.
- Filters can be used and reused in multiple scenarios in “Include” or “Exclude” mode.
Prerequisites
Your account must have the Intune Service Administrator (also known as Intune Administrator) permission to enable or disable filters for your tenant. Intune Filters are out of public preview now.
Enable Intune Filters Public Preview
- Sign in to the Microsoft Endpoint Manager admin center.
- Select Tenant administration > Filters > Try the filters (preview) feature.
Intune Filters are out of public preview now. If you are not part of the preview, join the preview to see the latest features and improvements. In Filters (preview), Select the banner at the top of the page to Try out the filters (preview) feature.
To enable the feature, under Preview features, toggle the switch to turn it on and click Apply.
Intune Filters are out of public preview now.
Once the feature is available for you, you can see Create option at the top of the Filters (preview) page.
Create a Filter
Select Tenant Administration> Filters > Create.
- In Basics, enter the following properties and Click Next.
- Filter name: Enter the appropriate name for the filter.
- Description: Enter a description for the filter. This setting is optional but recommended.
Platform: Select your platform from available options: iOS/iPadOS, Windows 10, Android device administrator, macOS, Android Enterprise
There are two ways to create a rule in Rules: Use the rule builder or the rule syntax. The expression you made with the rule builder is automatically added to the rule syntax editor.
Rule builder:
And/Or: After you add an expression, you can add to the expression using the and or or options.
Property: Select a property for your rule, such as device or operating system SKU.
Operator: Select the operator from the list, such as equals or contains.
Value: Enter the value in your expression. For example, enter 10.0.18362 for the OS version, or Microsoft for the manufacturer.
Add expression: After you add the property, operator, and value, select Add expression:
Rule syntax – You can manually enter your rule expression and write your rules in the rule syntax editor. In Rule syntax, select Edit:
Preview Devices Option in Intune Filters
You have a new Preview Devices option to check whether the Intune filter rules are correctly configured or not.
Device preview – You can see a sample device set that matches the filter rules.
The above example shows the Personal Devices enrolled in Intune. You will need to click on the Preview Devices link, as shown in the screenshot.
Select Next.
Review your settings in Review + Create. When you select Create, your changes are saved. The filter is created and ready to be used. It is also shown in the filters list.
Here, you can see the filter has been successfully created.
Use Of Filter
After creating the filter, it’s ready to use when assigning your apps or policies.
- Sign in to the Endpoint Manager admin center.
- Go to your apps, compliance policies, or configuration profiles. For a list of what’s supported, see Supported workloads when creating filters.
- Select an existing policy or create a new policy. For example, select Apps > Windows and select an existing app. Select Properties > Assignments > Edit
- To assign your policy to a users group or a devices group, select Edit filter. You can choose to include or exclude filtered devices. A list of filters that match the policy platform is shown.
- Select your filter from the available options and click Select. For example, here, I selected Include filtered devices in the assignment, and select the filter, Here you can see multiple options available that we had created.
Once you have selected the filter to behave, It will be shown Filter mode and Filter (preview) as below –
- To save your changes, select Review + Save> Save.
When the device checks in with the Intune service, the properties defined in the filter are evaluated to determine whether the app or policy should be applied.
Change or Modify an Existing Filter
After a filter is created, it can be changed or updated.
- Sign in to the Endpoint Manager admin center.
- Select Tenant administration > Filters (preview). A list of all the filters is shown. You can also update filters in Devices > Filters (preview) or Apps > Filters (preview).
- Select the filter you want to change. Select Rules > Edit, and make your changes –
- To save your changes, select Review + save > Save.
Delete a Filter
- Sign in to the Endpoint Manager admin center.
- Select Tenant administration > Filters (preview). A list of all the filters is shown. You can also delete filters in Devices > Filters (preview) or Apps > Filters (preview).
- Next to the filter, select the ellipses (…) and select Delete. A prompt will appear with the message “Are you sure?” Click OK to delete.
Important – You must remove the filter from any policy assignments to delete a filter. Otherwise, you’ll get the following error when trying to delete the filter.
Reports
Filter evaluation report for devices
This report shows every app or policy with a filter applied. For each evaluated app or policy, you can see the applied filters and get more detailed information.
The filter evaluation results can take up to 30 minutes to appear in the Endpoint Manager admin center after the evaluation.
- Sign in to the Endpoint Manager admin center.
- Select Devices > All Devices > Select a device > Filter evaluation (preview). The following information is shown:
- The evaluation results: Match or No match
- If the filter was using the Include or Exclude mode
- The filter name, description, and rules.
- The date and time the evaluation occurred.
- The properties that were evaluated, such as
deviceName
.
- The Filter information section is populated with the currently configured filter name, description, and rules. The information isn’t populated from log data. The filter name, syntax, and other metadata may have changed since the last evaluation. When troubleshooting, look at the Evaluation time and Last modified timestamps.
Explore these Filter reports and troubleshooting in the Microsoft Endpoint Manager article to learn more about the reporting features and to help troubleshoot filters and conflicts.
Known Issue
Since this feature is still in preview, you might encounter unexpected reporting delays while editing or deleting an existing filter, among other issues. I recommend you visit Microsoft Document Filters Public Preview – Overview and Known Issues.
Let us update you with your comments about your experience with the new feature.
Resources
- Use filters (preview) when assigning your apps, policies, and profiles in Microsoft Endpoint Manager.
- How to Locate Device with Intune | Endpoint Manager
We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click here –HTMD WhatsApp.
Author
Anoop C Nair has been Microsoft MVP for 10 consecutive years from 2015 onwards. He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.
Hi Anoop,
I have one question on this new feature.
I would like to know whom has enable this option “Enable Filters Public Preview” from Intune console for any tenant. I mean from any Admin logs can we get something or answers only from Microsoft ?
Hi Yogesh,
Ensure you’re Signed in to MEM Admin Portal as an Intune administrator to enable the new feature for the tenant.