Overview of Groups

New
  • Updated on Apr 28, 2025
  • Published on Apr 1, 2025
  • 2 minute(s) read
  • s
 Prev Next

Introduction

The Groups module in the HP Workforce Experience Platform (WXP) provides a structured way to organize devices for policy enforcement, compliance, and remediations. It reduces manual effort by enabling automated and consistent grouping, helping IT teams manage devices efficiently at scale.

Groups do not perform actions directly. Instead, they define which devices should be included in targeted IT operations. This allows IT administrators to apply policies, remediations, and configurations based on group membership.

Types of groups: The platform supports the following types of groups:

  • Dynamic groups (automated membership updates): Update group membership automatically based on defined rules using properties, such as manufacturer, device model, device name, operating system, or serial number. With Dynamic Groups, you can:

    • Add or remove devices dynamically based on properties.
    • Apply policies and remediations automatically when devices enter or leave a group.
    • Execute scripts and automate tasks.

  • Static groups (fixed membership with manual control): Allow you to manually define a set of devices for policy application. With Dynamic Groups, you can:

    • Support controlled assignments, such as:
      • Pilot testing of new firmware updates
      • Tracking legacy devices where automated inclusion is not feasible
      • Deploying configurations to a specific set of devices.
    • Providie stable group structures where changes are intentional rather than automated.

  • Entra ID groups (identity-based integration): Synchronize device groups from Microsoft Entra ID (formerly Azure AD). With Entra ID groups, you can:

    • Apply policies and remediations based on role-based organizational groupings.
    • Enforce consistent security and access policies across organizational units.

Target Audience

Primary audience:

  • IT administrators who create and manage groups for policies and remediations.
  • HP Partners who use the platform to manage their customers
  • Help desk and IT technicians who organize devices for troubleshooting and testing.

Secondary audience:

  • Security and compliance teams who enforce consistent device security settings.
  • Decision-makers, such as product managers, sales team members, and C-suite executives

Key Features

  1. Automated membership management with Dynamic Groups: Automatic update of groups based on real-time device properties. This helps to ensure continuous compliance without IT intervention.

  2. Structured manual grouping with static groups: Manually curate device sets for specific deployments to support controlled rollouts, remediations, and monitoring.

  3. Rule-Based Criteria for Dynamic Groups: Create membership rules based on manufacturer, device model, device name, operating system, or serial number.

  4. CSV Upload for Bulk Assignments in Static Groups: Use .csv template to add device groups in bulk.

  5. Group Insights and Filtering: Filter groups by type, name, or date for better visibility.

Use Cases

  1. Automatic enforcement of security policy (dynamic groups)

    • Scenario: An IT administrator wants to ensure that Windows Defender is active on all corporate Windows 11 laptops.
    • Solution: Create a dynamic group for devices running Windows 11 and automatically apply a Windows Defender policy. Any new Windows 11 devices are automatically included in the policy scope.

  2. Controlled rollouts and pilot testing (static groups)

    • Scenario: The company plans to test a BIOS update before a company-wide deployment.
    • Solution: Create a static group and select test devices manually or upload a .csv file. Then, apply the BIOS update to the selected devices. Finally, evaluate success before proceeding with a full rollout.

  3. Identity-based policy application (Entra ID groups)

    • Scenario: The security team wants to apply multi-factor authentication (MFA) only to devices in a specific department in Microsoft Entra ID.
    • Solution: Integrate an Entra ID group to sync organizational groups from Entra ID and assign MFA policies to the target group to ensure alignment with security policies.

Related Resources

For more information, see the following articles:

Contact Us

For assistance, create a support case or email [email protected].

Related articles