Groups are a logical collections of objects, such as Windows-based computers, Mobile Devices or Users that can be used to apply policies, view reports, deploy applications, etc. You create a group by using the Create Group Wizard. You can explicitly assign membership to a group or you can create rules that will generate a dynamic group membership.
There are 3 membership types you can choose from:
- Assigned: members will be assigned manually
- Dynamic User: A query will be created, and the user will be automatically added or removed depending on the result of the query
- Dynamic Device: A query will be created, and the device will be automatically added or removed depending on the result of the query
For more information about creating Azure Groups, refer to https://docs.microsoft.com/en-gb/azure/active-directory/active-directory-groups-dynamic-membership-azure-portal
Creating Group
To create a Group, perform the following steps on a computer connected to the internet:
- Open a browser and navigate to https://devicemanagement.portal.azure.com
- click Groups
- Under Groups | All Groups, click New group
- Under New Group, select Group type as Security, Name: All Enabled Users, Membership Type select as Dynamic Users and then click Add dynamic query
- Under Dynamic membership rules select Property as accountEnabled, operator as Equals and value type True. Click Save.
- Once back to New Group page, click Create
- Once back to the Groups | All Groups, note the All Enabled Users group is now listed
Edditing Group Name
To edit an existing Group, perform the following steps on a computer connected to the internet:
- Open a browser and navigate to https://devicemanagement.portal.azure.com
- click Groups
- Under Groups | All Groups, click on the Group you want to Edit
- Click Properties and Change the group Name. Once done, click Save
Converting Dynamic to Assigned Group
To convert an existing dynamic group to Assigned, perform the following steps on a computer connected to the internet:
- Open a browser and navigate to https://devicemanagement.portal.azure.com
- click Groups
- Under Groups | All Groups, click on the Group you want to convert
- Click Properties and Change the Membership type to Assigned and click Save.
- on the Warning message click Yes
Note: When you change the group type to assigned, existing members will remain members of the group and the dynamic rule will be deleted
Converting Assigned to Dynamic Group
To convert an existing assigned group to Dynamic, perform the following steps on a computer connected to the internet:
- Open a browser and navigate to https://devicemanagement.portal.azure.com
- click Groups
- Under Groups | All Groups, click on the Group you want to convert
- Click Properties and Change the Membership type to Dynamic User and then click Add dynamic query
- Under Dynamic membership rules add the rules required for this group and click Save.
- Once back to group Properties page, click Save
- on the Warning message click Yes
Note: When you change the group type to Dynamic, existing members may change depending on the membership rule you provided
Assigned Group – Members management
To add new members or remove existing members to/from an assigned group, perform the following steps on a computer connected to the internet:
- Open a browser and navigate to https://devicemanagement.portal.azure.com
- click Groups
- Under Groups | All Groups, click on the Group you want to Edit
- Click Members
- Click Properties and Change the group Name. Once done, click Save
- To add new member: click Add members button, select the member and click Select
Note that you can search for the member using the search box
- To remove an existing member, select the member (or members) and click Remove. On the warning message, click Yes
Viewing group Membership
To visualise a Group Membership, perform the following steps on a computer connected to the internet:
- Open a browser and navigate to https://devicemanagement.portal.azure.com
- click Groups
- Under Groups | All Groups, click on the Group you want to visualise the members
- Under overview, you have a view of how many members the group have.
- Click Members to visualise all members
Deleting group
To delete an existing Group, perform the following steps on a computer connected to the internet:
- Open a browser and navigate to https://devicemanagement.portal.azure.com
- click Groups
- Option 1: Under Groups | All Groups, click on the Group you want to remove and on the group properties page, click Delete and on the warning page, click Yes
- Option 2: Under Groups | All Groups, select the check box next to the group (or groups) you want to delete and click Delete. On the warning page, click Ok
Article originally published on LinkedIn.
