Add Condition Dialog Box
The fields on the Add Condition dialog box depend upon the type of condition you are adding:
You can add AD and Entra ID users/groups, as well as Organizational Units (OU) or Administrative Units (AU), at the same time. Categories are displayed to users based on their AD or Entra ID attributes configured with the respective user type.
Add Condition Dialog Box / “Group and OU” Condition
When you are creating a condition to apply include or exclude conditions to a role based on security group membership (AD group membership or OU container), the Add Condition dialog box has the following configuration:
The Add Condition / Group and OU dialog box includes the following properties:
| Property | Description |
|---|---|
| Domain List | Select the domain that you want to search. |
| Search Groups / Search OUs | Set the search focus to one of the following: To search for AD groups, leave the search focus set to Search Groups . To search for OUs, set the search focus to Search OUs . |
| Search | In the condition search box, enter the name of the group, such as Admin . |
| Include Groups / Exclude Groups | Select one of these options to determine whether to add an include or exclude condition. |
| Search Results | Lists the results of the search for AD groups or OUs. |
| Select | Click to add the selected security groups to the condition. |
Add Condition Dialog Box / “AD Property” Condition
When you are creating a condition to apply include or exclude conditions to a role based on AD properties, the Add Condition dialog box has the following configuration:
The Add Condition / AD Property dialog box includes the following properties:
| Property | Description |
|---|---|
| AD Property | Select the AD Property that you want to search. |
| Search | In the condition search box, search for the desired value of the AD property. |
| Include Properties / Exclude Properties | Select one of these options to determine whether to add an include properties or exclude properties condition. |
| Search Results | Lists the results of the search for AD properties. |
| Select | Click to add the selected AD property values to the condition. |
Add Condition Dialog Box / “Collections” Condition
When you are creating a condition to apply include or exclude conditions to a role based on System Center Configuration Manager collections, the Add Condition dialog box has the following configuration:
The Add Condition / Collections dialog box includes the following properties:
| Property | Description |
|---|---|
| Search | In the condition search box, search for the desired System Center Configuration Manager collection, and Intune Groups. |
| Include Collections / Exclude Collections | Select one of these options to determine whether to add an include collections or exclude collections condition. |
| Search Results | Lists the results of the search for collections. |
| Select | Click to add the selected collections to the condition. |