Note to Self: PowerShell Create Dynamic Azure AD Group

If, like me, you use PowerShell or Scripts of any kind, sometimes you find things don’t work, and then you find the commands that resolve it. Isn’t it true that down the line, when you hit the same issue, you then can’t remember what you did? Well, this post is a reminder for me.

Load Azure Active Directory Preview Module

if (Get-Module -ListAvailable -Name AzureADPreview) {
    Write-Host "AzureADPreview Module Already Installed" -ForegroundColor Green
else {
    Write-Host "AzureADPreview Module Not Installed. Installing........." -ForegroundColor Red
        Install-Module -Name AzureADPreview -AllowClobber -Force
    Write-Host "AzureADPreview Module Installed" -ForegroundColor Green
Import-Module AzureADPreview

Set Azure Active Directory Device Security Group Configuration

# Create a Device Specific Security Group
$IntuneGroupName = "Intune Devices"
$IntuneGroupMailName = "IntuneDevices"
$IntuneGroupQuery = "(device.displayName -contains ""Corp-Devices"")"

Create Dynamic Azure Active Directory Group

# Create Dynamic Azure Active Directory Group filtered to Devices and set to Paused
$IntuneDevices = New-AzureADMSGroup `
    -Description "$($IntuneGroupName)" `
    -DisplayName "$($IntuneGroupName)" `
    -MailEnabled $false `
    -SecurityEnabled $true `
    -MailNickname "$($IntuneGroupMailName)" `
    -GroupTypes "DynamicMembership" `
    -MembershipRule "$($IntuneGroupQuery)" `
    -MembershipRuleProcessingState "Paused" 

# Set the Dynamic Azure Active Directory Group to Sync
Set-AzureADMSGroup -Id $IntuneDevices.Id -MembershipRuleProcessingState "Paused" 

Liam Cleary

Liam began his career as a Trainer of all things computer-related. He quickly realized that programming, breaking, and hacking was a lot more fun. He spent the next few years working within core infrastructure and security services until he found SharePoint. He is the founder and owner of SharePlicity, a consulting company that focuses on all areas of Technology. His role within SharePlicity is to help organizations implement technology that will enhance internal and external collaboration, document and records management, automate business processes, and of course security controls and protection. He is also a Microsoft MVP focusing on Architecture but also crosses the boundary into Development. He is also a Microsoft Certified Trainer (MCT). His specialty over the past few years has been security in SharePoint and its surrounding platforms. He can often be found at user groups or conferences speaking, offering advice, spending time in the community, teaching his kids how to code, raspberry PI programming, hacking the planet or building Lego robots.

You may also like...