Thanks for these video gents, been awhile for me and InTune but current job charging ahead on iOS management and soon Windows 10 for remote users... (bye bye SCCM). love from Brisbane, QLD.
@@IntuneTraining Hi how to create group for two users like one user is with admin rights and another users is without admin rights , it this possible ...Please reply
So far it's been amazing to follow your Intune series and I have gained a lot of useful information. I'm currently on episode 9 so I still have a lot left but I wish you could do episode about managed browsers, bookmarks and restrictions on Android Enterprise.
Hi , great videos ! Quick question how can make a dynamic device group for all Machines owned by users that have a specific "Company" or "Department" or "Location" or "Title" from their user details ?
Hi Guys, Big fan of your channel..Can I request you make some videos on these topics. Manage Microsoft 365 Governance and Compliance Configure Data Loss Prevention (DLP) configure DLP policies design data retention policies in Microsoft 365 manage DLP exceptions monitor DLP policy matches manage DLP policy matches Implement sensitivity labels plan for sensitivity labels create and publish sensitivity labels use sensitivity labels on SharePoint and OneDrive plan for Windows information Protection (WIP) implementation Manage data governance configure information retention plan for Microsoft 365 backup plan for restoring deleted content plan information retention policies Manage auditing configure audit log retention configure audit policy monitor Unified Audit Logs Manage eDiscovery search content by using Security and Compliance Center plan for in-place and legal hold configure eDiscovery and create cases
Hi gents thanks for all the info. Please can you direct me to where you discuss creating the "Intuned_AutoPilotEnrolled" dynamic group. Thanks in advance.
What Im struggling to understand is how to transition from managing machines by OU in AD to Intune. I cant make groups off of an OU so I dont know how to group machines.
Is there a way to create a dynamic group. But once it populates to lock it from populating future devices? For example - we forgot to do something on all our surface pro laptops and want to push a driver patch or something. BUT don't need it on any new surface pros after today because the fix is in our normal image task sequence. Or maybe an attribute to only target surface pros deployed before a specific date?
Not natively, but your scenario doesn't sounds like it needs a dynamic group. If I had that issue, I'd query graph for the devices you are after and create a sec group and add those devices into it. Do whatever you need to do and then kill off the sec group. TL;DR - if you don't actually want dynamic, then just use graph to automate enrolling members to a normal security group. - Ben
DEP enrolled device that is a member of a Dynamic Group. If I wipe that device in Intune, does it also get removed from the Dynamic Group it belonged to?
Hi there, is it possible to go based on the categorytag? So when i label the Device with "Standard", i should then use: (device.devicePhysicalIds -any "[OrderID]:Standard") ? But i got error messages about that.
Can you dynamically add a device to a group based on an attribute of the user that logged into the device during autopilot? We populate a location attribute for users and would like to group the device based on that attribute. Thanks.
Can you possibly go over best practices for how you'd group devices in a hybrid environment? If you use a dynamic rule that uses ZTID it grabs every autopiloted device. Which is ok in some circumstances but can cause issues as well.
Can you guys (please) do a session (guide) on how to create a dynamic group (in flow) based on a specific discovered app? I want to have a group that has office 2019 installed..
You can follow this video and sub out what we used for literally ANY detectable thing to trigger the group membership. Think about how you would detect if the app was installed or not (PowerShell), then think about how you would get it out to the devices (Proactive Remediation Scripts). Once you've got that sorted out, the only thing that needs to be changed here is making the Power Automate Flow run based on a HTTP request (webhook) instead of a scheduled time trigger. - Ben
Greats Video Guys. I got a quick question for you guys, I kind of new to intune and azure, but my company is planning to go autopilot with intune. let say, I need to create a new config profile or create new apps and I need to deploy to one single machine only, i assume you would need to have a group and then add that specific machine to that group? I hope that makes sense.
@@IntuneTraining will the group work that same with Application as well? cause I assume when you create packages it would need to get assign to devices, or it still works the same with users?
@@IntuneTraining thanks for the quick response. Another out of the box question, my current work environment everyone is on gsuite and no office account. If I go intune, what would be the best approach for account creation?
Hi Steve and Adam! Great Video! Im trying to do the automation for iPad devices to be renamed like you show in the video for Surface Pro. I need the renaming to show the users LASTNAME_DeviceUdidLast Four
Love the channel guys! Always look forward to a new lesson. Would love to see a hybrid azure ad setup too!
We know but we won’t be doing Hybrid unfortunately. It’s very complex to setup in the lab.
Thanks for these video gents, been awhile for me and InTune but current job charging ahead on iOS management and soon Windows 10 for remote users... (bye bye SCCM).
love from Brisbane, QLD.
You guys need someone to barge in and scream "who are you and what are you doing in my bedroom!?!" :D
Yeah we should have! That would have been awesome
@@IntuneTraining Hi how to create group for two users like one user is with admin rights and another users is without admin rights , it this possible ...Please reply
So far it's been amazing to follow your Intune series and I have gained a lot of useful information. I'm currently on episode 9 so I still have a lot left but I wish you could do episode about managed browsers, bookmarks and restrictions on Android Enterprise.
Cool stuff, looks easy to setup. Reminds me of wmi queries in mdt. Thanks for this!
This is saving my life right now! :) .. only comment right now?? Houston?? I'm in SA! Who knew!
Hi , great videos !
Quick question how can make a dynamic device group for all Machines owned by users that have a specific "Company" or "Department" or "Location" or "Title" from their user details ?
Hi Guys, you've done Bitlocker but is there one on Defender? Can't see it but am notorious for missing the obvious.
HI Guys, how can we create a single dynamic group with users from multiple cities or from different departments?
Yiu guys are such a great resource...one suggestion is maybe get a microphone each as sometime the audio is a bit low level
It'd be good to see a tutorial or just a discussion about the always-on VPN solution
Hi Guys, Big fan of your channel..Can I request you make some videos on these topics.
Manage Microsoft 365 Governance and Compliance
Configure Data Loss Prevention (DLP)
configure DLP policies
design data retention policies in Microsoft 365
manage DLP exceptions
monitor DLP policy matches
manage DLP policy matches
Implement sensitivity labels
plan for sensitivity labels
create and publish sensitivity labels
use sensitivity labels on SharePoint and OneDrive
plan for Windows information Protection (WIP) implementation
Manage data governance
configure information retention
plan for Microsoft 365 backup
plan for restoring deleted content
plan information retention policies
Manage auditing
configure audit log retention
configure audit policy
monitor Unified Audit Logs
Manage eDiscovery
search content by using Security and Compliance Center
plan for in-place and legal hold
configure eDiscovery and create cases
quality content
Hi gents thanks for all the info. Please can you direct me to where you discuss creating the "Intuned_AutoPilotEnrolled" dynamic group. Thanks in advance.
What Im struggling to understand is how to transition from managing machines by OU in AD to Intune. I cant make groups off of an OU so I dont know how to group machines.
Is there a way to create a dynamic group. But once it populates to lock it from populating future devices? For example - we forgot to do something on all our surface pro laptops and want to push a driver patch or something. BUT don't need it on any new surface pros after today because the fix is in our normal image task sequence. Or maybe an attribute to only target surface pros deployed before a specific date?
Not natively, but your scenario doesn't sounds like it needs a dynamic group.
If I had that issue, I'd query graph for the devices you are after and create a sec group and add those devices into it.
Do whatever you need to do and then kill off the sec group.
TL;DR - if you don't actually want dynamic, then just use graph to automate enrolling members to a normal security group.
- Ben
is there any way of creating a dynamic device group based on installed software? This was so easy to do in SCCM.
Can you add more than one rule per dynamic group? If so which one would take precedence?
Could you guys also show us how we are going to implement Autopilot in VM machines from scratch.
DEP enrolled device that is a member of a Dynamic Group. If I wipe that device in Intune, does it also get removed from the Dynamic Group it belonged to?
Hi there, is it possible to go based on the categorytag? So when i label the Device with "Standard", i should then use: (device.devicePhysicalIds -any "[OrderID]:Standard") ? But i got error messages about that.
What error do you get? Make sure you’re using the Advanced editor in the Dynamic Groups node.
Can you dynamically add a device to a group based on an attribute of the user that logged into the device during autopilot? We populate a location attribute for users and would like to group the device based on that attribute. Thanks.
Can you possibly go over best practices for how you'd group devices in a hybrid environment? If you use a dynamic rule that uses ZTID it grabs every autopiloted device. Which is ok in some circumstances but can cause issues as well.
It all depends on your needs. There’s no on-size fits all best practice for this.
Do i want to be using user groups for policies and profiles, if the devices are always allocated to a user?
Yes
Hi, can you do a video on device categories?
Can you guys (please) do a session (guide) on how to create a dynamic group (in flow) based on a specific discovered app? I want to have a group that has office 2019 installed..
You can follow this video and sub out what we used for literally ANY detectable thing to trigger the group membership. Think about how you would detect if the app was installed or not (PowerShell), then think about how you would get it out to the devices (Proactive Remediation Scripts). Once you've got that sorted out, the only thing that needs to be changed here is making the Power Automate Flow run based on a HTTP request (webhook) instead of a scheduled time trigger.
- Ben
Greats Video Guys. I got a quick question for you guys, I kind of new to intune and azure, but my company is planning to go autopilot with intune. let say, I need to create a new config profile or create new apps and I need to deploy to one single machine only, i assume you would need to have a group and then add that specific machine to that group? I hope that makes sense.
Yep. Make a group. Add the user (preferably user not device). Deploy to the group.
@@IntuneTraining will the group work that same with Application as well? cause I assume when you create packages it would need to get assign to devices, or it still works the same with users?
Yep. You can target everything to user groups or device groups. We like to try to target as much to users as possible.
@@IntuneTraining thanks for the quick response. Another out of the box question, my current work environment everyone is on gsuite and no office account. If I go intune, what would be the best approach for account creation?
@@IntuneTraining thank you. btw, do you a video that covers from beginning to end?
Hi Steve and Adam! Great Video! Im trying to do the automation for iPad devices to be renamed like you show in the video for Surface Pro. I need the renaming to show the users LASTNAME_DeviceUdidLast Four
Nothing native that you can use to do that.
Get a better mic, I can barely hear the guy on the left.
We have better mics. Watch newer videos. :-) and that guy’s name is Steve.