We disabled WFB when we first rolled out autopilot because we are not ready to deploy and support passwordless at the time. Now we’ve started testing WFB I’m running into an issue of not being able to access domain file shares and web servers. Below are links about the issue and different options for the three different trust types.
Azure AD and Windows Hello: SSO to on-premises resources | Katy’s Tech Blog (katystech.blog)
Windows Hello for Business Deployment Known Issues | Microsoft Learn
On-prem access from an aad joined device with Windows Hello for Business – Microsoft Community Hub
On-premise access from Azure with Windows Hello for Business — Rubix (getrubix.com)
Windows Hello for Business Deployment Prerequisite Overview | Microsoft Learn
Windows Hello for Business cloud Kerberos trust deployment | Microsoft Learn