Limit policy to smart user group?

Just to clarify, you're talking about the Limitations tab in the policy scope, which typically gives you the option for Network Segments or iBeacons?

If you're not, I have complex Smart Groups which involve things such as "member of static group" AND "does not have x installed", and further scope those by Network Segment...

Yes, I am talking about the limitations in the policy scope. I am trying to create a static user group under the users tab in the JSS and I would like to limit policies based on that user group. I am trying to create a "early adopters" group where anyone in that group could log into self service and have access to additional policies that normally their machine would not see.

Create the Static Group THEN a separate Smart Group. Under the Smart Group's criteria, among other options, have Group Membership point to that Static Group?

If you want to change to production, just edit the Smart Group and remove the criteria?

This brings out how it's a PITA to edit complex Smart Group criteria (this AND this AND this), which I would hope JAMF will eventually enhance, but this seems do-able...

There are many ways to accomplish this depending on how you mange your current SMART groups, EAs and/or static groups. You're right though, it is tedious. I tend not to like static groupings for multiple reasons but sometimes find them necessary. Also, just so you know there are feature request under review asking for the ability to set policy scopes by LDAP group/user privs.

I am also interested in this, I would like to apply an OS X policy with software restrictions, but only for certain users. I cannot see how to do this as you can't see to scope policies to user smart or user static groups...

Thanks