Implementation guide on Intune, AIP in a hybrid environment

Anamika . (International Supplier) 1 Reputation point Microsoft Vendor
2022-11-03T02:47:01.38+00:00

Dear Support,

End customer has on-prem AD and has Exchange Online (hybrid) and has now opted for EMS.

In a hybrid environment where ADFS is also implemented for Intune and AIP implementation what all checks and measures should be taken for successful implementation?

Kindly share detailed documentation on implementation and pre-requisites too.


1 answer

  1. Crystal-MSFT 42,796 Reputation points Microsoft Vendor
    2022-11-04T02:21:51.203+00:00

    @Anamika . (International Supplier), From your description, I know you want to implement Intune in a hybrid environment.

    In general, Intune is a cloud-based service to help you manage devices and apps. Before a device can be managed by Intune, we need to enroll the device into Intune. There are many enrollment methods we can choose. Here is a link that lists the enrollment methods for your reference:
    https://learn.microsoft.com/en-us/mem/intune/enrollment/device-enrollment#windows-enrollment-methods

    From your description, I know this is a hybrid environment. For such an environment, the enrollment methods we can choose for Windows are as below:
    Automatic enrollment via Group Policy: Mainly used for existing domain-joined devices to enroll into Intune.
    Windows Autopilot with Hybrid Azure AD joined: Mainly used for new devices to reduce business-ready time.
    Co-management: Mainly used for existing Configuration Manager managed devices to enroll into Intune to get the dual benefits of Intune and Configuration Manager.

    You can choose the methods according to your requirement.

    To let you better understand these enrollment methods, I have listed some links for your reference:

    Group Policy enrollment
    https://learn.microsoft.com/en-us/windows/client-management/enroll-a-windows-10-device-automatically-using-group-policy

    Windows Autopilot Hybrid Azure AD Joined
    https://learn.microsoft.com/en-us/mem/autopilot/windows-autopilot-hybrid

    Co-management:
    https://learn.microsoft.com/en-us/mem/configmgr/comanage/overview

    For all these methods, Hybrid Azure AD join is one of the prerequisites. I notice ADFS is used. To configure Hybrid Azure AD join with federated domains, you can refer to the following link:
    https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-hybrid-azure-ad-join#federated-domains

    If you have more questions about Hybrid Azure AD join with ADFS, you can add the "azure-ad-hybrid-identity" and "adfs" tags to get more help.

    In addition, I notice you also want to get advice on AIP. As we are not familiar with AIP, we suggest opening a new thread and adding the "Azure-information-protection" tag to get help on it.

    Hope the above information can help.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
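
Added example, not part of the original answer: since every enrollment method above depends on Hybrid Azure AD join, this PowerShell function parses the output of `dsregcmd /status` and reports whether that prerequisite is met on a device. The function name `Test-HybridJoinReadiness`, the domain name `CONTOSO` and the sample output are constructed for illustration.

```powershell
# Added example (not from the thread): check the hybrid-join prerequisite
# from `dsregcmd /status` output before attempting Intune enrollment.
function Test-HybridJoinReadiness {
    param([Parameter(Mandatory)][string[]]$StatusLines)

    # Collect "Key : Value" pairs; banner rows and blank lines do not match.
    $state = @{}
    foreach ($line in $StatusLines) {
        if ($line -match '^\s*([A-Za-z]+)\s*:\s*(.*?)\s*$') {
            $state[$Matches[1]] = $Matches[2]
        }
    }

    $findings = @()
    if ($state['DomainJoined'] -ne 'YES') {
        $findings += 'DomainJoined is not YES: device is not joined to on-premises AD.'
    }
    if ($state['AzureAdJoined'] -ne 'YES') {
        $findings += 'AzureAdJoined is not YES: device registration in Azure AD has not completed.'
    }
    # AzureAdPrt is per user; it only appears when run in a signed-in user session.
    if ($state['AzureAdPrt'] -ne 'YES') {
        $findings += 'AzureAdPrt is not YES: the signed-in user has no primary refresh token.'
    }
    if ([string]::IsNullOrWhiteSpace($state['MdmUrl'])) {
        $findings += 'MdmUrl is empty: no MDM enrollment URL listed (check the MDM user scope).'
    }

    [pscustomobject]@{
        HybridJoined = ($state['DomainJoined'] -eq 'YES' -and $state['AzureAdJoined'] -eq 'YES')
        Findings     = $findings
    }
}

# Constructed sample output: domain joined, Azure AD registration still pending.
$sample = @'
             AzureAdJoined : NO
          EnterpriseJoined : NO
              DomainJoined : YES
                DomainName : CONTOSO
                AzureAdPrt : NO
'@ -split "`r?`n"

Test-HybridJoinReadiness -StatusLines $sample | Format-List
# On a real device: Test-HybridJoinReadiness -StatusLines (dsregcmd /status)
```

For the constructed sample, `HybridJoined` is `False` and three findings are listed (AzureAdJoined, AzureAdPrt, MdmUrl).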