Building a ConfigMgr Lab from Scratch: Step 15
Azure Services Connection
In the previous posts, we’ve created the Certificates required for CMG and looked at Azure to confirm we have things in place. We also confirmed we have the rights set up in Azure that is needed. Let’s start the process in the CM Console.
Disclaimer, I’m following along the
MS Docs page here, basically adding images.
At this point in the process, if you’re following along with the MS Docs, we’re right about
In the Console, we’re in the Administration Node -> Cloud Services. Right Clicking on Azure Services and running the wizard to Configure Azure Service.
Here we are going to choose Cloud Management
When we choose Public Cloud and click Browse on Web app:
When you click Browse, you’ll see a list.. which will probably be blank, so click “Create” which launches this dialog box above.
Create a Unique Name for the Server App, this will be used in Azure. I also change the URLs to something custom for easier troubleshooting in logs. Also, 2 years… I wish I could go more. Then click sign in, and sign in with the account with the permissions, as we talked about in the previous post.
As long as everything is set up properly on the Azure side, you should see “Signed in successfully!” then it will populate your Tenant’s name.
In the Server App List, you’ll see the App you’ve just created. I have several because… I made several mistakes and there isn’t a way to get rid of them (in the console).
Now on to the Native Client App
A similar process, but fewer options than before, but basically you set a unique name and sign in.
And when you sign in, you’ll hopefully see success
You’ll then see your new app in the Client App area
Ok, this is looking good. Now we’ll move on.
Let’s check these boxes, and continue
And here we see the Cloud Management Connection and the information with it.
When I look at the Azure Active Directory Tenants in the console, I see this. You can see I’ve got a lot going on, and that’s because I made a few mistakes before I got it working right. But you can see the Server & Client apps we just set up.
At this point, we need to move over to the Azure Portal to confirm and set some additional permissions.
Now, in Azure, we can see that the 2 Apps have been created and registered. Click on the Client App so we can add some permissions.
Click “View API permissions”
Now you’ll need to click the “Grant admin consent”
Yes to Agree to provide the permissions
Repeat on the Server App, you’ll see that they were successfully granted. Conclusion: Step 15 – Azure Services Connection
Ok, we’ve set up the Azure Services Connect and added the permissions in the console. In the next post, we move back into the CM Console to set up the CMG.
Building a ConfigMgr Lab from Scratch Series
Series Introduction –
Building a CM Lab from Scratch
Setting up your Domain Controller
Creating a Router for your Lab using Windows Server
Certificate Authority – On Domain Controller [Optional]
ConfigMgr Server Pre-Reqs (Windows Features)
Configuration Settings (AD & GPOs)
Source Server (File Share)
ConfigMgr SQL Install
ConfigMgr Basic Settings
ConfigMgr Collections & App Deployment
ConfigMgr Reporting Services
Cloud Management Gateway (CMG) – Certs PreReq
Cloud Management Gateway (CMG) – Azure Subscription
Azure Services Connection – You are Here
Setting up CMG in the Console
Cloud Management Gateway (CMG) – Post CMG Config
Cloud Management Gateway – Client CMG Endpoints