How To Setup Cloud Management Gateway (CMG) in Microsoft SCCM - Video Guide

Overview

This guide is also available on my personal blog:  https://setupconfigmgr.com/how-to-setup-cloud-management-gateway-cmg-in-microsoft-sccm

In this video guide, we will be covering how you can set up the cloud management gateway in Configuration Manager to manage clients on the internet. This guide covers essential aspects of CMG such as certificates, site system roles, Azure prerequisites and much more!

Video Guide

Topics in Video

• CMG Vs. IBCM – https://youtu.be/kTOPhVHyZtE?t=42
• Certificates needed for Cloud Management Gateway – https://youtu.be/kTOPhVHyZtE?t=186
• Create Web Server CMG Certificate Template – https://youtu.be/kTOPhVHyZtE?t=289
• Review Client Communication Settings- https://youtu.be/kTOPhVHyZtE?t=401
• Request Server/Web Server Certificate for CMG – https://youtu.be/kTOPhVHyZtE?t=446
• Export Internal Root CA Certificate to use in CMG – https://youtu.be/kTOPhVHyZtE?t=583
• Allow Client to Use Cloud DP and CMG – https://youtu.be/kTOPhVHyZtE?t=622
• Configure Azure Subscription – https://youtu.be/kTOPhVHyZtE?t=658
• Give App Registrations Permissions in Azure – https://youtu.be/kTOPhVHyZtE?t=821
• Create Cloud Management Gateway – https://youtu.be/kTOPhVHyZtE?t=884
• Install Cloud Management Gateway Connection Point Role – https://youtu.be/kTOPhVHyZtE?t=1600
• Set Management Point and Software Update Point to Allow CMG Traffic – https://youtu.be/kTOPhVHyZtE?t=1660
• Distribute Content to CMG – https://youtu.be/kTOPhVHyZtE?t=1755
• Enable RDP for the Azure CMG Server – https://youtu.be/kTOPhVHyZtE?t=1869
• Verify Client Receive CMG Server for IBCM Mangement Point – https://youtu.be/kTOPhVHyZtE?t=2154
• Verify Client Notifications Work on Internet Client – https://youtu.be/kTOPhVHyZtE?t=2372
• Verify App Deployment Works from Internet Client using CMG – https://youtu.be/kTOPhVHyZtE?t=2491
• Verify Software Updates Works from Internet Client using CMG – https://youtu.be/kTOPhVHyZtE?t=2523
• Verify Hardware Inventory from Client Notification Channel Works – https://youtu.be/kTOPhVHyZtE?t=2650

Helpful Resources:

• Plan for the cloud management gateway in Configuration Manager – /en-us/sccm/core/clients/manage/cmg/plan-cloud-management-gateway
• IBCM Vs. CMG – /en-us/sccm/core/clients/manage/manage-clients-internet
• Set up cloud management gateway for Configuration Manager- /en-us/sccm/core/clients/manage/cmg/setup-cloud-management-gateway
• Support for Configuration Manager features from CMG – /en-us/sccm/core/clients/manage/cmg/plan-cloud-management-gateway#support-for-configuration-manager-features
• Cloud Management Gateway Performance and scale – /en-us/sccm/core/clients/manage/cmg/plan-cloud-management-gateway#performance-and-scale
• Ports and data flow – /en-us/sccm/core/clients/manage/cmg/plan-cloud-management-gateway#ports-and-data-flow
• Required ports – /en-us/sccm/core/clients/manage/cmg/plan-cloud-management-gateway#required-ports
• Publish the certificate revocation list – /en-us/sccm/core/clients/manage/cmg/security-and-privacy-for-cloud-management-gateway#publish-the-certificate-revocation-list
• Plan for PKI certificate revocation – /en-us/sccm/core/plan-design/security/plan-for-security#BKMK_PlanningForCRLs
• Certificates for the cloud management gateway – /en-us/sccm/core/clients/manage/cmg/certificates-for-cloud-management-gateway
• CMG server authentication certificate – /en-us/sccm/core/clients/manage/cmg/certificates-for-cloud-management-gateway#cmg-server-authentication-certificate
• CMG trusted root certificate to clients – /en-us/sccm/core/clients/manage/cmg/certificates-for-cloud-management-gateway#cmg-trusted-root-certificate-to-clients
• Enable management point for HTTPS – /en-us/sccm/core/clients/manage/cmg/certificates-for-cloud-management-gateway#enable-management-point-for-https
• Classic Servier Deployment | Create Management Certificate  – /en-us/azure/cloud-services/cloud-services-certs-create
• Classic Servier Deployment | Upload your service certificate to the Azure portal – /en-us/azure/azure-api-management-certs