Deploy to AAD Groups / Members of AAD groups with ConfigMan
We would like to target collections that include AAD groups, or the members of AAD groups, with deployments in ConfigMan. We have several use cases where it would be helpful to target the users or machines in AAD groups for deployments.
These machines may be hybrid joined and not enrolled in Intune, or they may be AAD-only joined co-managed machines. AAD group membership for our users may also be good collection criteria.
Sven Mattheus commented
Definitely something that is missing today.
See also: https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/42121525-sync-aad-group-membership-memcm
I really do not understand why these ideas do not get way more votes.
I can only guess few enterprises are doing it the way MS recommends (native AAD-joined devices for identity). Doing it the right way should not mean you have to give up on ConfigMgr - but these crucial missing features are really blocking when managing +60K AAD devices.
We are facing a similar need for this functionality. Specifically for AAD-only joined co-managed machines.
We are moving to Autopilot, and to limit the number of installations during initial imaging or resets, we are installing the Configuration Manager Client and will let that do most of the heavy lifting for Software Installs through our CMG.
The goal would be to only have the Autopilot systems in AAD, and sync the AAD information back to a collection to control the extra software deployments.