This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 15%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
I have the requirement of deploying an iOS Store application with the following requirement:
App A should be deployed as Required for Corporate ownership devices. Same app should be deployed as Available for Personal ownership devices.
User A has 2 devices - Device A(Corporate Owned) and Device B(Personal Owned) App A should be deployed as Required to Device A App A should be made Available to Device B.
I tried to create 2 filters:
For Personal owned devices
For Corporate Owned devices
For the below configuration, the application is getting deployed as Required to my Personal owned device as well:
Note: User is present in both the targeted groups.
I am struggling to find a correct combination of filters to achieve my objective.
Thanks for reaching out, Its been a while since I looked at this but my gut feeling here is that if it does not work as you expect its probably due to the User being members of both assignments. Have you tried to deploy App A to Device A instead ? Meaning that if you do Required installation to a group that contains devices instead of users you might get the expected result you describe. But you keep the assignment to User for the personal device scenario. Hope this makes sense.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 35%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZM%3C/text%3E%3C/svg%3E)
@Alex, Thanks for posting in Q&A.
From your description, I know you want to have different assignments for iOS apps based on the Ownership of the device.
Based on my testing, filters are only available for devices and apps, and one device group cannot be assigned to both as Required and as Available for enrolled devices, if you assign one group to both Required and Available for enrolled devices, it will include one assignment and exclude other one assignment.
Therefore, it is not suggested that using filters to filter different ownership and deploy apps, however, we can create two dynamic groups, one includes Personal owned iOS devices, and the other include Corporate owned iOS devices, then we can deploy Corporate device group as Required, and deploy Personal device group as Available for enrolled devices.
https://learn.microsoft.com/en-us/entra/identity/users/groups-dynamic-membership#rules-for-devices
Hope above information can helpful, if there is any unclear, feel free to let us know.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
@Alex, Hope things going well.
May I know the above information is helpful? If there is any update, feel free to contact us.