CMG with just One Cert

You read it correct! Cloud Management Gateway has evolved and its now easier than ever to deploy one. All you need is a single Web Server Authentication Certificate from a public CA. What changed? Primarily the introduction of a new feature in ConfigMgr 1806 called Enhanced HTTP Site System which replaces the requirement of an…

6

Step-By-Step: Cloud Management Gateway on ARM

Introduction Starting ConfigMgr 1802 Cloud Management Gateway is NO longer a Pre-release feature and introduced the option of Azure Resource Manager [ARM] deployment. This removes the requirement of the traditional Azure Management Certificate and relies on Azure AD auth. to create the modern resources. Note – The CMG deployment with ARM continues to use the…

8

CMG Tip – Why you shouldn’t disable CMG from the default client setting

If you are planning to use the Default Client Settings from 1706 to disable cloud management gateway which is enabled by default, you should reconsider your decision if you’d like to perform client installation over internet because the client will never receive the custom device settings. Finding If you end up in the above situation,…

0

Feature Updates for Windows 10 via CMG

In my last blog post, I highlighted the option to install the ConfigMgr client over Internet for Windows 10 AAD joined machine, the next challenge is to perform Windows 10 Servicing to ensure the managed device is running a supported OS. A similar challenge is for Domain-Joined Windows 10 clients who are rarely on the…

0

Client Installation over Internet

System Center Configuration Manager 1706 simplified the capability to install (bootstrap) the client over internet, this blog post walks through two scenarios – AAD joined device – Modern management of Windows 10 devices leveraging Azure. Workgroup device – Servers on DMZ without corporate network access Prerequisites The table below lists the requirements for each scenario…

6

Modern Management of Internet Clients

The release of ConfigMgr Tech Preview – 1705 introduced new cloud based client management capabilities like on-boarding Azure AD users and deploying ConfigMgr client over Internet. Common scenarios like BYOD or Un-Managed/Workgroup devices in the field can now join Azure-AD which gets enrolled into Intune & automatically pushes the ConfigMgr agent for full management. The…

10

Step-By-Step: Cloud Management Gateway

Introduction ConfigMgr 1610 introduced the Cloud Management Gateway, an Azure based solution to manage clients on internet. The benefit is that you don’t expose your infrastructure on the internet. The Azure VM(s) running behind the Cloud Management Gateway (Azure web service) are managed by Microsoft. At a high level, the clients communicate to an Azure…

42