Dynamic Membership Rules

Steps To Create a Group Membership Rule:

1. Sign in to the Azure AD admin center with an account that is in the Global administrator, Intune administrator, or User administrator role in the Azure AD organization.

2. Search for and select Groups.

3. Select All groups and select New group.

4. On the Group page, enter a name and description for the new group. Select a Membership type for either users or devices, and then select Add dynamic query. The rule builder supports up to five expressions. To add more than five expressions, you must use the text box.

5. To see the custom extension properties available for your membership query:
6. Select Get custom extension properties
7. Enter the application ID, and then select Refresh properties.
8. After creating the rule, select Save.
9. Select Create on the New group page to create the group.
If the rule you entered isn't valid, an explanation of why the rule couldn't be processed is displayed in an
Azure notification in the portal. Read it carefully to understand how to fix the rule.

To update an existing rule

1. Sign in to the Azure AD admin center with an account that is in the Global administrator, Group
administrator, Intune administrator, or User administrator role in the Azure AD organization.
2. Select Groups > All groups.
3. Select a group to open its profile.
4. On the profile page for the group, select Dynamic membership rules. The rule builder supports up to five expressions. To add more than five expressions, you must use the text box.

5. To see the custom extension properties available for your membership rule:
6. Select Get custom extension properties
7. Enter the application ID, and then select Refresh properties.
8. After updating the rule, select Save.
Expressions you can use for Dynamic Membership Complete list of supported properties and expressions is available at this link.