All assignments in Intune are based on Azure AD groups. I think you also already had the problem that you wanted to find out to which Intune Object a certain AAD group in already assigned, but there is no way in the portal to find this out. To solve this problem I have written a script that gives you exactly this output.
How does it work
- First we authenticate to the Azure AD to get an authentication token.
- After that we read in the group we want to searched for and check if it exists. If the group exist we get the group id. If the input does not exist, we list all groups and ask until the input is correct.
- After that we check all device configurations, ADMX, apps, compliance policies and scripts if there is an assignment or exclude for this group.
What you have to do
- First you need to download my script from my Git hub repository.
- Run the script and enter your UPN with sufficient permissions.
- Enter the name of an Azure AD group (If you want to list all groups press enter without content).
- That is it. Now you get all assignments and excludes of the group listed.
I hope I could help you with this script if you are looking for the Intune assignment of an Azure AD group in the future. If you are using the script in a larger environment it may take some time to run the script as it has to go through all the objects and look at the assignment. If you are missing a category in the script then let me know so I can add it.
Stay healthy, Cheers