Starting tomorrow, Microsoft will begin replacing its Intune Groups with Azure Active Directory Groups. All group management, policy deployment, and profile deployment will be migrated to the other service.
The change is made possible by a new Azure-based Intune portal, which will come with some new Azure Active Directory Premium features.
Azure-Intune Portal Features
According to a Microsoft spokesperson, the new portal will provide the following benefits:
“This new experience will keep you from having to duplicate groups between services, allow you access to some new Azure Active Directory Premium (AADP) group features, and provide extensibility using PowerShell and Graph. This will also unify the group management experience across enterprise mobility management.”
The change will also result in modifications of the admin console to accommodate. Microsoft assures specifics will be revealed in Intune documentation soon.
Some functionality will be removed as a result of the migration, including:
- “Excluding members or groups while creating a new group
- Ungrouped Users and Ungrouped Devices groups
- Manage Groups in the Service Admin role
- Custom group-based alerts for Notification Rules
- Pivoting with groups in reports”
The features may be missed by some, but according to Microsoft the changes are “based on your feedback to have one grouping and targeting experience across Enterprise Mobility + Security.“
Intune Groups Migration Schedule
Though the rollout will officially begin in September, most users won't notice a change until November. Microsoft has a rough schedule for the changes, as follows:
- “In September, new accounts provisioned after the monthly service release will use Azure AD security groups rather than Intune user groups.
- In October, new accounts provisioned after the monthly service release will manage both user and device based groups in Azure AD portal. No impact to existing customers
- In November, Intune product team will start migrating existing customers to the new Azure AD based group management experience. All user and device groups in Intune today will be migrated to Azure AD security groups.”
The team is currently finalizing the November schedule and will be working to minimize end user impact. In the meantime, you can read the full documentation, which includes ways to prepare.