Windows Intune: Groups and Updates

This is part of an ongoing series about Windows Intune. This week will focus on groups and updates.


In Intune, groups work similarly to collections in SCCM. You can group devices and users for various tasks, such as organization or deployment of software. Just like with collections in SCCM, membership can be based on criteria (similar to queries) or direct adds. Groups can be added under the All Users or All Groups nodes. One difference between Intune and SCCM is that you cannot divide groups into sub-folders.


To create a group, click “Create Group” from the tasks section. Give your group a name, and select a parent group. Just as with SCCM, groups can only contain either users or devices, not both; which parent group you select will determine which type of group this is. I am going to create a device group.


Next, we can define criteria for this group. This will make the group dynamic, meaning that when a device fits the criteria, it will be added to the group. Two functions to look at here are the “Device Type” and “Start group membership with” boxes. The device type box defines if this group has computers or mobile devices. Next, start group membership tells the system if you want all of the devices from the parent group included with this group. Next, we can define which organizational units or domains make up this group. Currently, that is all of the criteria that can be selected.

Next, the direct membership screen allows us to directly add devices to a group. Define this as needed. Next, you can see a summary of what was selected and finally create the group.


I can now see the status of my new group by clicking on it. You can also see the devices in this group by clicking “Devices”.



The update function works similarly to a standard WSUS infrastructure. Administrators can use this screen to approve updates for their clients. The first step is defining what products we want to update. Most of this is limited to Windows-based devices. To begin defining products, click “Select Classifications and Products” from the tasks screen. You should get a screen similar to this:


Go through this screen and define everything that your organization needs. If you have seen SCCM or WSUS before, this list should be pretty familiar. At the bottom of the screen you are allowed to set up automatic approval rules. Define these as needed for your organization.

After setting up what update classifications and products you need, select a category, such as “Critical Updates”. You should get something that looks like this:


This is listing of all of the updates available for approval. When you select one, you notice that the description, publisher, KB article, and information about the OS for this update appears. At the top of the windows, you can also a filter that can be helpful, especially since I am currently seeing 1000+ updates. Seeing that many updates illustrates the point of only searching for what you need, so if you see a large number, go back and redefine your list of products.

After you find an update that needs to be deployed, select it (or multiple updates) and click on the “Approve” button at the top. You will be asked which group to deploy it too. After that, you can define whether to install it required or available, and also define a deadline.


At the bottom, you are also given information about whether or not the update requires a restart:


After you have defined approval and deadline, click Finish to deploy the update. After approval, you can check and see that it has been changed to approved:



All content provided on this blog is for information purposes only. Windows Management Experts, Inc makes no representation as to accuracy or completeness of any information on this site. Windows Management Experts, Inc will not be liable for any errors or omission in this information nor for the availability of this information. It is highly recommended that you consult one of our technical consultants, should you need any further assistant.



Contact Us

On Key

More Posts

WME Cybersecurity Briefings No. 005
Cyber Security

WME Security Briefing 15 April 2024

E-Commerce Security Alert: Unveiling Magecart’s Persistent Backdoor Overview Malicious activities by Magecart attackers have been reported. They are targeting Shopify’s content delivery network (CDN) by creating fake Shopify stores. The backdoor method has enabled them to

Read More »
WME Cybersecurity Briefings No. 004
Cyber Security

WME Security Briefing 11 April 2024

Mispadu Trojan Exploits Windows Vulnerability to Target Financial Data Overview The Mispadu banking trojan has intensified its operations as it’s exploiting an already patched Windows SmartScreen flaw. Since its initial identification in 2019, Mispadu has primarily preyed on

Read More »
WME Cybersecurity Briefings No. 003
Cyber Security

WME Security Briefing 29 March 2024

Russian hackers escalating their cyber warfare, deploying TinyTurla-NG to breach European NGOs. Cisco Talos reveals a targeted attack against organizations advocating democracy and supporting Ukraine. With their sophisticated methods, these cyber attackers are bypassing antivirus defenses

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.