Magazine

In this article regarding creating a compliance strategy with Intune, it was about an Azure Active Directory group.

But what is a Dynamic group?

An Azure Active Directory (AAD) dynamic group is a type of group that allows you to group users or workstations based on specific rules. This allows more efficient management of permissions for Azure applications and resources, as group members can change based on user profile data or the workstation.

How is it configured?

To understand how a dynamic group is configured, the best way is still to practice.

We will see this with the tutorial below, which involves creating a group that will automatically contain all the Corporate workstations in an organization.

1. Log in to the Azure portal, then select Active Directory, Groups, then New Group.

2. Choose the options as below: Group type: Security – Membership type: Dynamic Device

Then click on Add dynamic query, and create the rule:

Here, we base it on the deviceOwnership property and check if the device belongs to the company by using the value “Company”.
Then click on Save, and you will be redirected to the page below:

Click on Create to finalize the creation of the group, which will then be visible in Azure AD groups: