I'm not sure how many people saw the new Group Templates feature in our v5.4 release, but I wanted to give it a little extra attention because the potential of the feature is so cool!
What is it?
Group Templates allow you to create dynamic groups (either User or Device) so that when you direct-apply an Intune Policy/Profile to a company, any new devices will have the Profile/Policy assigned to them.
It's similar to the Dynamic User and Device Groups you make in Intune, but on a global level.
NOTE: It can only be used for Intune Policies, right now, but there is an enhancement request (Group Templates - Add Functionality – Nerdio Help Center (getnerdio.com)) to expand on that functionality. If you've got the time, please go comment on/up-vote that request. 😉
How Does it Work?
At a high-level, you create your Group Template, apply it to a Policy, and then the policy (and group) are created in Intune using the logic in your Group Template.
What are the Limitations?
Currently, Group Templates can only be utilized in the following locations:
On top of that, Filters can only be applied in the following locations, but there will likely be a separate post about that in the future....
Enough talk, how do I use it?
Okay, okay. Now that we have all of the Whats? and Hows? out of the way, let's get down to how you can use the feature.
Create your Global Template(s)
- At the MSP-level of Nerdio, choose Group Templates
- Click Add new group template
- Enter a Name for the Template
NOTE: At the time of writing, this name is just a way to identify the template and make it unique. - Choose the Membership Type from the drop-down
- Toggle Dynamic Rule (if you're using a dynamic group)
- Apply your Dynamic Rule Parameters
- Click Next
- Create the Naming Template for the Group.
NOTE: If you click on one of the supplied variables, it will copy it to the Name Template field. However, if you click the Copy icon, it will copy the variable to your clipboard - Click Save & Close
Apply the Group Template to a Policy
Now that you've created a Group Template, you're ready to assign it to a policy.
(see Intune Policy Management at the MSP Level for more info)
- Select one of your Intune Policies
NOTE: Review the What are the Limitations? section for a reminder of which policies can currently utilize the Group Templates feature. - Choose Assign
- Click the Add assignments button
- Choose the Account(s)
- Select to either Add (the policy) or Overwrite (the policy if it exists)
- Click Confirm
- Select to either Manually sync the policy or Automatically sync the policy to the account when the policy is updated.
- Select the Group Template(s) you want to assign the policy
NOTE: At the time of writing, you can only assign the policy to a single Group Template. -
**OPTIONAL**
Filter the assignment to a subset of the devices - Click Apply and close
NOTE: You may need to manually Re-publish the policy for it to show-up in Intune if you're impatient like me and don't want to wait for a sync-cycle. 🙂
Check the assignment in Intune
Just because we always like to "trust, but verify", we want to go into Intune to make sure the policy applied.
- Logon to the customer's Intune Portal (https://intune.microsoft.com)
- Open the Policy and check the Assignments
- If you want to go the extra mile, you can also check the group membership to verify the group is gathering the correct devices
Conclusions
Overall, I think the potential for the Group Templates feature is really awesome, but I'd love to hear your use-cases and if you can see the potential use in your customer's environments. 🙂
Comments (4 comments)