Learn How to Setup Dynamic Device Groups in Intune

Learn How to Setup Dynamic Device Groups in Intune? Do you want to add mobile devices automatically to Microsoft Intune Device Groups? Intune Dynamic groups are always a customer request for a long back.

This feature is similar to dynamic collections in SCCM/ConfigMgr. There is two way to do it. One is using the Azure AD Premium feature called AAD Dynamic Groups, and another one is pretty new in Intune, something called Device Group Mapping.

How to add devices/users automatically to Intune Groups using Azure AD Dynamic Groups?

Learn How to Setup Dynamic Device Groups in Intune?

Patch My PC
  1. Log in to the Azure AD portal (AAD Premium subscription should be there).
  2. Navigate via – Directory –> Groups –> Open the group (MDM Group) –> Configure. Enable Dynamic Group (Only available for AAD Premium subscriptions) Membership –> Add Users where <Department> is equal to “IT”.  In this scenario, all the users from the IT department will get added to the AAD Dynamic Security Group called MDM Groups. Don’t be panic if the group is not reflecting with users immediately, give it some time. It will get updated. 
  3. Once the AAD Dynamic Group is created and updated, login to Intune portal (manage.microsoft.com)  and Create a New User Group to fetch all the devices of IT department users.
  4. Whenever a new user joins to IT department, that user will automatically get added to Intune MDM group as well. Provisioning and de-provisioning of groups made easy with this.
Learn How to Setup Dynamic Device Groups in Intune
Learn How to Setup Dynamic Device Groups in Intune

How to Add Devices automatically to Intune Device Groups using Device Group Mapping?

Learn How to Setup Dynamic Device Groups in Intune?

  1. Click on the Admin tab in Intune console. Navigate via Device Group Mapping – enable Device Group Mapping – Create a Device Group and ADD a CATEGORY to manage device group mapping rules. Once you click on Create Device Group, it will guide you through creating one device group.
  2. When every user enrolls (During Enrollment Process) to Intune using the Microsoft Intune Company Portal application, the User will get an extra/additional screen to select “Choose the best category for this device”. Right now, I have only created one category, “ADMIN” for users to select. You are free to create Intune device category for each department !!


SCCM Related Posts Real World Experiences Of SCCM Admins (anoopcnair.com)

SCCM Video Tutorials For IT Pros – HTMD Blog #2 (howtomanagedevices.com)


Anoop is Microsoft MVP! He is a Solution Architect in enterprise client management with more than 20 years of experience (calculation done in 2021) in IT. He is a logger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc…

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.