Event banner
Event details
What is the best way to managed devices centrally in the cloud when we have 20 different AD domains and we have several offsite users?
Confirming and building on Jason_Sandys comment:
You should seriously consider disconnecting all PCs from their local ADs and JOIN them to Entra/Intune/M365 only. Whether by manually disconnecting each PC and then re-joining (I doubt this is a good method for you) or re-deploying them fresh from the cloud remains to be seen.Hybrid management does not simplify things in our experience, it makes it worse. You have TWO environments to deal with now: AD + Entra/Intune. While ensuring they play nice with each other.
These days, MSFT recommends Entra/Intune joined PCs only - not hybrid joined, if any way possible.
Even with Entra join only, you will still have access to AD-based resources, but management will be fully centralized.As an MSP, I would strongly advise against a hybrid configuration.
I believe you'll be very pleasantly surprised at the new abilities you gain with cloud-only endpoint management.
- Jason_Sandys
Microsoft
It kind of depends on your goals and purpose of these 20 distinct domains as well as your current management state. Assuming a lot of things not in evidence here, you can sync your multiple on-prem AD domains successfully to a single Entra tenant which Intune will be linked to. The devices from these domains can then be either hybrid joined to this tenant or reprovisioned to be Entra joined to this tenant. In both cases, this will enable the devices to be managed by Intune.
