How to Create a Dynamic Group for Autopilot Devices in Microsoft Intune

Dynamic groups in Azure Active Directory (Azure AD) enable automatic membership based on defined criteria. For Windows Autopilot devices, a dynamic group ensures that devices meeting specific attributes are automatically added, simplifying profile assignments and management.

---

Steps to Create a Dynamic Group for Autopilot Devices

1. Sign In to Microsoft Endpoint Manager Admin Center
   Navigate to the intune.microsoft.com

2. Access Groups

   • Go to Groups > All groups in the left-hand menu.
   • Click New group to create a new dynamic group.

3. Configure Group Settings

   • Group Type: Select Security.
   • Group Name: Enter a meaningful name, e.g., Autopilot Devices.
   • Description: Optionally, provide details about the group, e.g., "Dynamic group for Autopilot-enrolled devices."

4. Set Membership Type
   Under the Membership type dropdown, select Dynamic Device.

5. Define the Dynamic Membership Rule

   • Click Add dynamic query.
   • In the Rule syntax field, use the following query to include all Autopilot devices:

     
     (device.devicePhysicalIds -any (_ -eq "[ZTDId]"))
     

     Explanation:
     • device.devicePhysicalIds: Attribute containing the physical IDs of devices.
     • [ZTDId]: A tag assigned to devices registered for Windows Autopilot.

6. Save the Query

   • Click Save to apply the dynamic membership rule.
   • Click Create to finalize the group creation.

7. Verify Group Membership

   • After creation, navigate to the group's Members tab.
   • Confirm that Autopilot devices are automatically added based on the rule.