Microsoft Entra ID Group Rules

Create rules for Microsoft Entra ID user groups and assign security control rules with Entra ID Groups. Remember, to Add or Edit Microsoft Entra ID itself, please use the Microsoft Entra ID console. The following instructions are for Application Control.

All standard Console functionality expected of a Group Rule is supported:

• Basic rule display and interaction

• Add & Edit will be performed via selection from a Group picker. No manual entry will be supported

• Configuration Profiler

• Snippet Import

• Search

• Undo/Redo

• Signature rescan

• Library Group in-use checking

• Cut/Copy/Paste between rule items within this new rule type.

Other Notes

• Rules based on Entra ID Groups will apply at the endpoint.

• Entra ID Joined and Hybrid Entra ID Joined machines will be supported.

• Changes to User Group Assignment in Entra ID will apply ONLY at user logon.

• Last known Groups should apply when network connection unavailable at logon.