Create Dynamic Azure AD Group for Hybrid Azure AD Joined Devices RRS feed

  • Question

  • Hi,

    I would like to create a dynamic group for Hybrid Azure AD Joined devices in Azure AD. I tried putting device.deviceTrustType - eq - "ServerAd" but it doesn't take the input. I ran Get-MsolDevice to find out other parameters I can use. I found 

    DeviceTrustType               : Domain Joined

    But even that doesn't work in dynamic query? Any other suggestions (Device Management type etc).


    Sumit Kumar

    Thanks, Sumit

    Wednesday, December 19, 2018 3:13 PM

All replies

  • Hi Sumit, provides a listing of device class attributes that can be used to create dynamic group membership rules. Unfortunately looks like organizationalUnit is no longer applicable...


    Wednesday, December 19, 2018 4:11 PM
  • Thanks Marcin. But none of the attribute really help in getting the desired output (Hybrid AzureAd Joined devices group or domain joined devices). I even tried domainName attribute but it doesn't populate anything.

    Thanks, Sumit

    Thursday, December 20, 2018 9:38 AM
  • I am still struggling with this. Does anyone has any other solution. I can create a static group with get-msoldevice output with some filters.

    Thanks, Sumit

    Thursday, March 21, 2019 2:39 PM
  • The attribute that is in the msoldevice output is "Device Trust Type"

    this might mean you can do (device.DeviceTrustType -eq "Hybrid Azure AD Joined")

    This might not be a supported property in Azure AD.

    This is just a wild guess though. 

    Tuesday, April 16, 2019 8:27 PM
  • device.DeviceTrustType is not recognized as valid property in Azure AD while creating a device dynamic group

    Thanks, Sumit

    Wednesday, May 1, 2019 3:17 PM
  • Did you ever find an answer?  Seems there's no updates and the comments also suggest this is not yet possible.  There's a feedback item here:


    Wednesday, January 8, 2020 3:05 PM