Modern Desktop Architect

Automatically Creating Autopilot AzureAD Group


After spending far too long working out why my Autopilot Dynamic group was failing to populate (answer: typo), what better way to avoid this in the future than to script it and it’s something that’s needed for every Intune environment anyway.

Along with this individual script, I have added a step into my Intune Build Environment script (now on V1.1) so this can be done automatically on new installs:

Install-Script -Name BuildIntuneEnvironment 

As usual, the code can all be found on my github repo here

This one in particular uses the preview AzureAD Powershell module:

First, install the module if it’s missing

#Install AZ Module if not available
if (Get-Module -ListAvailable -Name AzureADPreview) {
    Write-Host "AZ Ad Preview Module Already Installed"
} 
else {
    try {
        Install-Module -Name AzureADPreview -Scope CurrentUser -Repository PSGallery -Force -AllowClobber 
    }
    catch [Exception] {
        $_.message 
        exit
    }
}

Now import it:

import-module -Name AzureADPreview

And connect to it (this step gives the familiar popup login box)

Connect-AzureAD

And finally create the group (in this case called Autopilot-Devices)

New-AzureADMSGroup -DisplayName "Autopilot-Devices" -Description "Dynamic group for Autopilot Devices" -MailEnabled $False -MailNickName "group" -SecurityEnabled $True -GroupTypes "DynamicMembership" -MembershipRule "(device.devicePhysicalIDs -any (_ -contains ""ZTDid]""))" -MembershipRuleProcessingState "On"

There we go, no input except a quick login and the group is created, so much quicker than manually!

Add a Comment

Your email address will not be published. Required fields are marked *