Intune Group Tags Dynamic Assignment
Windows Autopilot registered devices is a great way to automate the deployment process without much of technician interaction.
Aside from the device profile you can execute when a registered device is recognized, you can use Group Tags ( See Group Tags Blog post ) to further customized the desktop to the user or role that device will perform
Side Note:
Keeping Intune portal (M365 Device Portal) clean should be top of mind for administrator out there! —
Please read:
- Cleaning up inactive Intune and Entra ID devices – Mr T-Bone´s Blog (tbone.se)
- How to manage stale devices in Microsoft Entra ID – Microsoft Entra ID | Microsoft Learn
Let’s contunue…
Most Group Tags are assigned at the time of ordering, but they can also be added manually post order by going into your device portal:
- Sign in to the Intune admin center.
- Click on Devices and then click on Enrollment.
- Under the Windows tab, click on Devices under Windows Autopilot category
- Find a device you want to apply a group tag and click on it.
- Search for the Group tag field, type the name of a group tag, and Save.
Group Tag Assignments can also be done dynamically by executing a powershell script. A couple of examples follow:
- IntunePowershell/Autopilot Helper Scripts/bulkGroupTagUpdate.ps1 at main · stevecapacity/IntunePowershell · GitHub
- GitHub – middlewesttech/autopilot-intune: This script automates the process of importing a device into Autopilot, assigning a Group Tag/OrderID, assigning a user to the device, and adding that user to a set MDM User Scope group. It all runs in one PowerShell script.
- Bulk Update Windows Autopilot entities · GitHub
- PS Script To Add Or Modify Group Tag Of Autopilot Devices In Intune HTMD Blog (anoopcnair.com)
Additional Resources:
- Automating group tags for Windows Autopilot registered devices | just another windows noob ? (niallbrady.com)
- Bulk Update Windows Autopilot entities · GitHub
- Automatically Categorize Intune Devices – PowerStacks
- Intune Autopilot Group Tags Automation With Azure Runbooks (nianit.com)
- Resolved – Unable to assign group tags with the WindowsAutopilotIntune PowerShell script – Microsoft Community Hub
- Add A Group Tag To Intune Autopilot Devices Using Powershell (cloudinfra.net)
- Assign-DeviceScopeTags.ps1 | PowerShell Script to automatically assign Intune Device Scope Tags based on Primary SMTP Address of enrolling user. (carygarvin.github.io)
- Intune Group Tags, Scope Tags – What are they and why do I need them? – Andrew Taylor (andrewstaylor.com)
