Do you need to AD join devices for Intune to work?

I currently have devices joined on-prem and managed by GPO and would like to manage them with Intune.

I think the best path is hybrid AD join.


All users either use VPN or are directly on prem.

Will configuring an SCP and GPO to make them hybrid joined require SSO? They will all authenticate to the domain controller, so why would I need SSO?

After I get them hybrid joined, do I need to install the Intune connector too? Right now they are registered to Azure AD and password hashes are synced, and I don't care if users are prompted for a password to use O365.


2 Replies
You can get your current devices into Intune by hybrid join, and you can even redeploy them outside the office if you have a supported VPN solution. The Intune connector will be needed if you reset the devices; it enrolls the computer account in AD.
Did that help?