Device Dynamic group to query TPM version
Please allow using a Device Dynamic group to query the TPM version.
This could be very useful for configuration deployment when TPM version 2.0 is required.
When you select a dynamic user/device, anything related to it should appear in there; unfortunately, selecting dynamic devices doesn't show options related to hardware specifications.
That is really required and would save many headaches and manual procedures.
Joan Delgado commented
Hi, for my organization and customers this is an important thing because we use different policies that we need to apply with different configurations to devices with TPM or without TPM, or maybe for different versions.
Now, we need to create and manage these computers by groups and manage the membership manually. This is not a good scenario.
It doesn't necessarily need to be a dynamic group, but surfacing the TPM that a device has somewhere in Intune would be helpful. There are many reasons, but one in particular is there is hardware out there that supports TPM 1.2 AND 2.0 (via firmware changes). We need a way to identify which mode the hardware is in so we can plan to flash the ones that are in 1.2 mode.
Martin de Wit commented
Also useful for compliance checks. Secure boot check on TPM1.2 is not allowed.