Windows Update for Business deployment service + Intune: the latest and greatest

That's actually a very interesting question, and one that causes a lot of confusion, so I'll do my best to make it simple. The co-management slider primarily controls whether the Update Rings profiles are able to set policy on the device. If the WU co-management slider is set to Config Manager, then config manager has the authority to configure the Windows Update policies on the device (via GP). If the slider is set to Intune, then Intune has the authority to configure Windows Update policies on the device (via MDM). The Feature update profiles do not use MDM, they use the cloud-based Windows Update for Business deployment service instead. And so they do not depend on the co-management slider setting. What they DO depend on is that the device is configured to get updates from Windows Update in the Internet... so if the device is set to scan for updates from WSUS, or DisableDualScan is enabled, or the new scan source policy for feature update is set to WSUS, then the device won't talk to Windows Update in the Internet, and so the Feature Update profiles in Intune can't manage which updates and when. That said, a best practice is to go ahead and move the slider, after you set up your policies in Intune, and manage the client policies from Intune as well... but there is some flexibility in exactly how you get there. I hope this helps!