Smart Lockout For Full Azure users is mandatory
We Implement Azure AD and Intune in our organization 600+ users some of them on hybrid and some of the Full AD join.
RIght now from a security perspective, there is an issue with SmartLockout feature, users can't be locked according to Microsoft support, in case they try to sign in with a bad password to their computer, which is very bad in case someone from outside will try to access company resources.
the answer was that it can be work only if we will disable user cache credentials and then in case of user don't have network access he will not able to login to his device.
Microsft must have a solution for that because it's not meet the basic standards of every security police.