Allow Exclusion Assignment Option for Powershell Scripts
When assigning a powershell script through the device configuration blade, there is no way to create exclusion rules as there is in application deployments.
As there is no support for exclusion logic for groups in AAD, this leaves you with no way to control deployment of scripts via dynamic groups. My test scenario involved having a group of "unmanaged devices" and a dynamic group that contained all devices with windows 10 1709 installed.
I wanted to deploy the script to all devices in the dynamic group but also exclude any that were also a member of the "unmanaged devices" group.
At a base level I am hoping for feature parity for all areas of the same product!!!
Rob de Roos commented
I would like this also. But do you have powershell scripts assigned to devices? Because in the article https://docs.microsoft.com/en-us/intune/intune-management-extension it is stated that:
PowerShell scripts can't be applied to computer groups.
PowerShell scripts are executed on devices only when an Azure Active Directory (AD) user is signed in to the device.
Otherwise another thing would be to make that possible at first.
James Farmer commented
I second this!!