Active Directory OU Based Collection Creation


What do you mean by SCCM Device Collections?
Device Collections are a group of devices or machines, it can use be used for various tasks like managing applications, software updates and deploying compliance settings.
We have various ways of creating a collection based on our requirements and to the needs. In SCCM we have different types of rules that we can apply to create collections as per our requirements. We have five types and listed as below.

》Direct rule
》Query rule
》Device category rule
》Include collection rule
》Exclude collection rule

In this post we will be looking onto the creation of SCCM device collections using a query rule, based on the Active Directory OU (Organizational Unit). When we create a collection using a query rule based on the OU (Organizational Unit), all the devices in the Active Directory under that OU will be retrieved in the collection post updating the membership rules.

Below is the procedure and steps to be followed to create Device Collection using a query rule based on Active Directory OU


  • Need to have the details of OU (Organizational Unit) path based on which we are creating a collection.
  • Add the OU (Organizational Unit) path under the Active Directory system discovery in SCCM.
  • Necessary Rights and permissions in SCCM to create collections.

Once all the pre-requisites are completed, Proceed with collection creation. Below steps needs to performed


Below steps will guide to create collection based on AD OU path

  • In SCCM console navigate to Asset and Compliance tab –>Overview ( Device Collection (Navigate to the respective folder where you want the collection to be created).
  • Right click and select “Create Device Collection”
  • In the General page specify the collection name and any comments if required it’s optional.
  • In Limiting collection option ( Click Browse and select “All Systems” and click next.
  • In Membership rules page click “add rule”
  • Select “Query Rule”
  • After Selecting “Query Rule” The properties will open ( give the Name for the Query as per your convention here we are proceeding with the collection name itself.
  • Make sure the resource class is selected as “System Resource” if not select the same from the dropdown.
  • Next step Click on the “Edit Query Statement”
  • Post Clicking “Edit Query Statement” a new tab will open “OU based collection query properties.
  • In the Properties select the “Criteria” tab and click the yellow icon.
  • In the Criterion properties first click “select”
  • Make attribute class as “System Resource” if we require “alias” we can select from the drop down, here I am skipping “alias” leaving it default
  • Select the Attribute as “System OU Name” and click OK.

  • After clicking OK it will navigate to the Criterion properties. Choose the “operator” from the drop down as per your requirement here we have selected “is equal to”.
  • Click on “Value”.
  • Next, Values window will open ( select the Active Directory OU (Organizational Unit) according the requirement and it will include all the devices which are under that OU.
  • Click OK after selecting the Active Directory OU.
  • It will now navigate to criterion properties, we can view the query we have created ( Click OK.
  • Click “Next” in the “Query Based Properties Window”
  • Next “Summary Tab” ( Click again “Next”
  • Device Collection using a query rule based on Active Directory OU is created.
  • In the SCCM console navigate to device collection we can see the new collection we have created.
  • Right Click on the collection and select “Update Membership” option if you don’t see any devices in the collection.

1 thought on “Active Directory OU Based Collection Creation”

Leave a Comment