Wednesday, 25 June 2025

Intune Device Query

         

 In Microsoft Intune, a Device Query is commonly used to:

  • Filter or group devices dynamically

  • Audit device properties (like OS version, ownership, enrollment type)

  • Build Dynamic Azure AD device groups

  • Perform advanced troubleshooting with filters and reports

πŸ” Common Ways to Perform Device Queries in Intune

✅ 1. Use the Built-in Device Search

Navigation:

  • Go to Devices > All Devices

  • Use the Search box or Filters (OS, ownership, compliance, etc.)

✅ 2. Create a Dynamic Device Group Query (via Azure AD)

To group devices dynamically based on properties (e.g., OS, Autopilot enrollment), do this:

πŸ”Ή Steps:

  1. Go to Intune Admin Center > Groups

  2. Click + New group

  3. Group type: Security

  4. Membership type: Dynamic Device

  5. Click Add dynamic query

πŸ”Ή Example Queries:

πŸ“Œ Query: Windows 11 Devices



(device.deviceOSType -eq "Windows") and (device.deviceOSVersion -startsWith "10.0.22")

πŸ“Œ Query: Autopilot Registered Devices



device.devicePhysicalIds -any (_ -contains "[ZTDId]"))

πŸ“Œ Query: Devices with Corporate Ownership



(device.deviceOwnership -eq "Corporate")

πŸ“Œ Query: Devices not compliant



(device.complianceState -ne "compliant")

✅ 3. Use Filters for App/Policy Targeting

When assigning apps or policies, you can use Intune Filters to include/exclude devices dynamically.

Example:

  • Filter: Only Windows 11 laptops

  • Create filter via:

    • Devices > Filters > + Create

    • Add rule:



      osVersion -startsWith 10.0.22

Use this filter when assigning policies/apps.

✅ 4. Advanced Reports

Navigate to:

  • Reports > Endpoint Analytics or Device compliance

  • Export to Excel/CSV and use Power BI for custom queries.