This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(140.8, 7.000000000000001%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EV%3C/text%3E%3C/svg%3E)
Looking for best practices and approaches for multiple domain workstations enroll to intune.
We have an environment with around 10 domains all are on-premises AD. Now we have a single Intune tenant. the condition needs to follow the hostname naming convention.
Could you guide me what is the best practices to implement the autoenrollment from Intune and mass/bulk enrollment for existing machines.
Thank you for asking this question on the Microsoft Q&A Platform.
If those domains are in the same Domain Controller You should install Azure AD Connect on your server https://docs.microsoft.com/en-us/azure/active-directory/hybrid/whatis-azure-ad-connect
Azure AD Connect is an on-premises Microsoft application that's designed to meet and accomplish your hybrid identity goals.
You can follow these steps https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-install-express
If those domains are in multiple domain controllers, you should follow any of the topologies described here --> https://learn.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-topologies#multiple-forests-single-sync-server-users-are-represented-in-only-one-directory
Hope this helps!
Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.
NOTE: To answer you as quickly as possible, please mention me in your reply.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@Vij, Thanks for posting in Q&A.
From Intune side, for these existing machines, if they can do Hybrid Azure AD joined successfully with AzureAdJoined, DomainJoined and AzureAdPrt as yes under "dsregcmd /status", then you can choose GPO to do the enrollment in a bulk.
Here is a link with more details in the following link:
Hope it can help.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.