Implementation guide on Intune,AIP in a hybrid enviornment

Anamika . (International Supplier) 1 Reputation point Microsoft Vendor

Dear Support,

End customer has onprem AD and has exchange online (ybrid) and hasnow opted for EMS

In an hybrid enviornment where ADFS is also implemented for Intune and AIP implementation what all checks and measure should be taken for successful implementation.

Kindly sare detailed documentation on implementation and pre-requisites too

Microsoft Exchange Hybrid Management
Microsoft Exchange Hybrid Management
Microsoft Exchange: Microsoft messaging and collaboration software.Hybrid Management: Organizing, handling, directing or controlling hybrid deployments.
1,427 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
2,760 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Crystal-MSFT 26,051 Reputation points Microsoft Vendor

    @Anamika . (International Supplier) , From your description, I know you want to implement Intune in Hybrid environment.

    In General, Intune is a cloud-based service to help you manage the devices and apps. Before the device being managed by Intune, we need to enroll the devices into Intune. There are many enrollment methods we can choose. Here is a link list the enrollment methods for your reference:

    In your description, I know this is a Hybrid environment. For such environment, the enrollment methods we can choose for Windows are as below:
    Automatic enrollment via Group Policy: Mainly used for the existing domin joined device to enroll into Intune.
    Windows Autopilot with Hybrd Azure AD joined: Mainly used for the new devices to reduce business ready time.
    Co-management: Mainly used for the existing Configuration Manager managed devices to enroll into Intune to get the dual benefits of Intune and Configuration Manager.

    You can choose the methods according to your requirement.

    To let you better understand these enrollment methods, I have listed some links for your reference:

    Group Policy enrollment

    Windows Autopilot Hybrid Azure AD Joined


    For all these methods, Hybrid Azure AD join is one of the prerequisite. I notice ADFS is used. To configure Hybrid Azure AD join with Federated domains, you can refer to the following link:

    If you have more question with Hybrid Azure AD join with ADFS, you can add tag "azure-ad-hybrid-identity" and "adfs" tag to get more help.

    In addition, I notice you also want to get advice of AIP. As we are not familiar with AIP, we suggest open new thread and add "Azure-information-protection" to get help on it.

    Hope the above information can help.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.