Support for Azure Dynamic Device groups for grouping ADJ & HDJ devices
how to properly group Azure Domain Joined devices and Hybrid Azure Domain Joined devices??... there is no available support for this request.
There are values available within an ADJ and HDJ to be filtered. I can filter them in Get-MsolDevice or in the Azure Portal too, but an Azure dynamic device group doesn't have an available attribute to filter them, there are two values that can be used to filter but none of them are available for Azure DDG:
DeviceTrustType: Azure AD Joined
DeviceTrustType: Domain Joined
Please advise how to group these two device types in Azure DDGs.
Simon Jones commented
This certainly caused pain in most enterprise environments, but certainly in education is causing some pain in all corners of the globe. Some priority and resolution would be appreciated.
Mahmoud Abdelrahman commented
Almost a year later and one attribute still cannot be added, yet MS encouraging people to get to Azure and use it more.
There are so many missing basic attributes needed for organizations to better group objects like users and computers, MS any plans to support current systems instead of adding another half-cooked shiny named one?
Yep, agree, this is defo needed soon please.....
Patrick Brown commented
We need to have this ability in order to properly assign device licenses for educational institutions. Our only option now is to assign the device licenses to all devices. If we could create a group of all hybrid-joined devices only it could be correctly assigned.
Nigel Brown commented
I would also like all Hardware device details to be exposed in the query - say 'Free storage space' to dynamic group to deploy free space solutions / scripts.
Joshua Bines commented
Our issue is that we need to assign a scope tag to these to a select group of computer objects and we would like them to be automatically enrolled.
I'd suggest populating a new onpremiseDN that we could target or a custom attrib that we could write too could also work.
Please add this ASAP. We really need a possiblity to distinguish between the Types - Hybrid Joined, Azure Ad Joined and Registered.
Jerry Ham commented
Definitely required as we need to be able to set different policies (for example WIP policy or Device Configuration Profiles) on classic on-prem domain joined machines than we set on new AAD only machines. We can't accurately do this without support for DeviceTrustType in Dynamic Groups as we end up having to periodically run scripts and this only "catches up" machines that already got the wrong policies and whose users have likely already called the service desk to complain.