Starting with Windows 10 1803 a policy configuration service provider (CSP) called “ControlPolicyConflict/MDMWinsOverGP” was born by to handle policy conflicts when a Windows 10 device was hybrid Azure AD Joined. As default starting from Windows 10 1803 local group policies would be applied to a device. So now we are able to create a custom device configuration profile and add a Uniform Resource Identifier (OMA-URI) that blocks local om-prem domain polices and lets the MDM policies flow.
So if Microsoft Intune don´t have a GUI bottom for the setting? Make a custom Uniform Resource Identifier (OMA-URI) custom profile and deploy it to the Windows 10 device from Microsoft Intune.
The string and value setting for this CSP, are:
Read more about the policy here -> https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-controlpolicyconflict#controlpolicyconflict-mdmwinsovergp
To learn more about user and device scopes please visit: https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-configuration-service-provider#policy-scope
This video shows how to create a custom profile with the specific OMA-URI setting that blocks GPs.
Or skip this video and follow the blog post down below for a traditional text and picture guideline.