How to Create an Azure AD Dynamic Group for Azure AD Joined Devices

Let’s create an Azure AD dynamic group for Azure AD joined devices. This section of the post is going to be pretty easy because you need to follow the same steps that are explained above.

The only thing you need to change is the value of the deviceTrustType attribute.

  • Create a new AAD dynamic group for Azure AD joined devices (just follow the steps mentioned in the above section of the post)
  • Add the dynamic rule as discussed before.

Check the value of the deviceTrustType property that you want to look for in the Azure AD joined scenario. The value that you want to look for is AzureAD for Azure AD joined devices.

Azure AD Group Dynamic query for Azure AD joined devices -> (device.deviceTrustType -eq "AzureAD")

Create AAD Dynamic Groups based on Domain Join Type Hybrid Azure AD and Azure AD 10

Validating the rule is the next step you need to perform to confirm that the dynamic query for Azure AD joined devices is correct!

  • CPC-anoopb-L-DA -> Not in the Azure AD joined group because this device is Hybrid Azure AD joined.
  • CPC-vidyam-2-CC -> In the Azure AD joined group because this device is Azure AD joined.

You need to click the Save and Create buttons to complete the Azure AD dynamic device group creation process.

Create AAD Dynamic Groups based on Domain Join Type Hybrid Azure AD and Azure AD 11
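The same group can be created and checked from PowerShell. This is an added example, not part of the original post: it uses the Microsoft Graph PowerShell module, the display name and mail nickname are hypothetical, and it assumes the Graph device property trustType carries the same value the rule tests through deviceTrustType. It goes one step beyond the portal's validation of two devices by comparing the whole device inventory against the group membership, which matters when the group scopes Conditional Access or Intune policy.

```powershell
# Added example, not from the original post. Requires the Microsoft.Graph module.
Connect-MgGraph -Scopes 'Group.ReadWrite.All', 'Device.Read.All'

# Same rule as in the post; the rule syntax needs straight double quotes.
$rule = '(device.deviceTrustType -eq "AzureAD")'

# Display name and mail nickname are hypothetical placeholders.
$group = New-MgGroup -DisplayName 'Devices - Azure AD Joined' `
    -MailNickname 'devices-aadj' `
    -MailEnabled:$false -SecurityEnabled `
    -GroupTypes 'DynamicMembership' `
    -MembershipRule $rule `
    -MembershipRuleProcessingState 'On'

# Dynamic membership is evaluated asynchronously, so run the comparison
# below only after the first evaluation of the new group has completed.
$devices = Get-MgDevice -All
$byId = @{}
foreach ($d in $devices) { $byId[$d.Id] = $d }

# Assumption: Graph trustType 'AzureAd' corresponds to the rule value "AzureAD".
$expectedIds = @($devices | Where-Object { $_.TrustType -eq 'AzureAd' } |
    ForEach-Object { $_.Id })
$memberIds = @(Get-MgGroupMember -GroupId $group.Id -All |
    ForEach-Object { $_.Id })

# Azure AD joined devices the group missed, and members of any other join type.
$missing    = @($expectedIds | Where-Object { $_ -notin $memberIds })
$unexpected = @($memberIds   | Where-Object { $_ -notin $expectedIds })

$report = foreach ($id in ($missing + $unexpected)) {
    [pscustomobject]@{
        Issue     = if ($id -in $missing) { 'MissingFromGroup' } else { 'UnexpectedMember' }
        Device    = $byId[$id].DisplayName
        TrustType = $byId[$id].TrustType
        ObjectId  = $id
    }
}

if ($report) { $report | Format-Table -AutoSize }
else { 'Group membership matches the Azure AD joined device inventory.' }
```

A Hybrid Azure AD joined device such as CPC-anoopb-L-DA appearing as UnexpectedMember, or an Azure AD joined device such as CPC-vidyam-2-CC appearing as MissingFromGroup, means the rule or the device's join state should be rechecked.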

Ref: Create AAD Dynamic Groups Based On Domain Join Type Hybrid Azure AD And Azure AD HTMD Blog (anoopcnair.com)