At the time of writing there doesn’t seem to be any clear way to create a device group within Microsoft Intune, you may wish to create groups to separate your devices for the purpose of applying policies, a bit like an OU in Active Directory.
I’ve put together a little tutorial on how i’ve created device groups in order to apply a Powershell script only intended for Staff Laptops.
Step 1: Open up Microsoft Endpoint Manager from your Office365 admin tenant and click ‘Devices > Device Categories‘
Step 2: Create a new device category based on your requirements, in this case i’ll call it ‘Staff Devices‘, you can add a description, leave the scope blank and create.
Step 3: The next step is to head over to groups in the Endpoint Manager admin and create ‘New Group’
Fill the group details in as follows, naming it how you like. the group type should be Security and the membership type should be Dynamic Device
Click Add Dynamic query and select ‘deviceCategory‘ ‘Equals‘ and for the value enter your category name from step 2.
Step 4: now to assign the device you should find your device in the ‘All Devices’ section of Microsoft Endpoint Manager, click the device and select ‘Properties‘
From here you can change the device device category, for example Staff Devices