Jump to content

Exclude from dynamic group

Recommended Posts

Hello everyone!

I ran into the problem of missing exceptions or filters to create exceptions. Maybe there is a solution, let me know please.


There is a dynamic group that, when a computer enters there, applies a number of policies to the object.

There is a static group to which I want the PC to be removed from the dynamic group and thus the policies set for the dynamic group are not applied to it, but those that are set for the static group are applied.

I did not find an option to set the filter for a dynamic group to exclude if the object is in a static group. Also, I did not find any options for setting policy enforcement exceptions. Are there any options how to implement this? I found only an option with duplication of all policies and forced application of parameters, but this is not an option. I then need to duplicate both the policies themselves and then making any change to duplicate each setting.

Link to comment
Share on other sites

  • Administrators

There are no such exceptions possible. However, if you give a concrete example of what you would like to achieve, maybe we could suggest a way how to accomplish it, e.g. using parent and child groups somehow.

Link to comment
Share on other sites

The main idea behind this implementation is the requirement to clear policies before deleting a device. According to the steps:
1. Reset Endpoint settings
2. Stop computer management

3. Remove computer from database
Therefore, to implement the first point, I would like to come up with some kind of container where I would move computers before deleting them. The fact is that the second step is not performed for me, if I do not take the first one, the task hangs endlessly in work and does nothing. I tried to ignore the first two steps and go straight to the third one, but then the next time the device is connected to the network, it again appears in my console as a new but not activated device. Maybe if the options are how to perform the first step in a different way?

Link to comment
Share on other sites

  • 3 weeks later...
  • Administrators

It is not possible to create exclusions from dynamic groups. However, you can use nested dynamic groups and let the policies from the parent and other superior dynamic groups propagate to lower level groups.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...