Systems Management

Building a ConfigMgr Lab from Scratch: Step 15 – Azure Services Connection

Topics: Systems Management

Building a ConfigMgr Lab from Scratch: Step 15

Azure Services Connection

In the previous posts, we’ve created the Certificates required for CMG and looked at Azure to confirm we have things in place. We also confirmed we have the rights set up in Azure that is needed. Let’s start the process in the CM Console.

Disclaimer, I’m following along the MS Docs page here, basically adding images.

At this point in the process, if you’re following along with the MS Docs, we’re right about HERE

In the Console, we’re in the Administration Node -> Cloud Services. Right Clicking on Azure Services and running the wizard to Configure Azure Service.

Here we are going to choose Cloud Management
When we choose Public Cloud and click Browse on Web app:
When you click Browse, you’ll see a list.. which will probably be blank, so click “Create” which launches this dialog box above.
Create a Unique Name for the Server App, this will be used in Azure.  I also change the URLs to something custom for easier troubleshooting in logs. Also, 2 years… I wish I could go more.  Then click sign in, and sign in with the account with the permissions, as we talked about in the previous post.
As long as everything is set up properly on the Azure side, you should see “Signed in successfully!” then it will populate your Tenant’s name.
In the Server App List, you’ll see the App you’ve just created.  I have several because… I made several mistakes and there isn’t a way to get rid of them (in the console).
Now on to the Native Client App
A similar process, but fewer options than before, but basically you set a unique name and sign in.
And when you sign in, you’ll hopefully see success
You’ll then see your new app in the Client App area
Ok, this is looking good.  Now we’ll move on.
Let’s check these boxes, and continue
And success!
And here we see the Cloud Management Connection and the information with it.
When I look at the Azure Active Directory Tenants in the console, I see this. You can see I’ve got a lot going on, and that’s because I made a few mistakes before I got it working right. But you can see the Server & Client apps we just set up.

At this point, we need to move over to the Azure Portal to confirm and set some additional permissions.

Now, in Azure, we can see that the 2 Apps have been created and registered. Click on the Client App so we can add some permissions.
Click “View API permissions”
Now you’ll need to click the “Grant admin consent”
Yes to Agree to provide the permissions
Repeat on the Server App, you’ll see that they were successfully granted.

‍Conclusion: Step 15 – Azure Services Connection

Ok, we’ve set up the Azure Services Connect and added the permissions in the console. In the next post, we move back into the CM Console to set up the CMG.

Building a ConfigMgr Lab from Scratch Series

Series Introduction – Building a CM Lab from Scratch

  1. Setting up your Domain Controller
  2. Creating a Router for your Lab using Windows Server 
  3. Certificate Authority – On Domain Controller [Optional]
  4. ConfigMgr Server Pre-Reqs (Windows Features)
  5. Configuration Settings (AD & GPOs)
  6. Source Server (File Share)
  7. ConfigMgr SQL Install
  8. ConfigMgr Install
  9. ConfigMgr Basic Settings
  10. ConfigMgr Collections & App Deployment
  11. ConfigMgr OSD
  12. ConfigMgr Reporting Services
  13. Cloud Management Gateway (CMG) – Certs PreReq
  14. Cloud Management Gateway (CMG) – Azure Subscription
  15. Azure Services Connection – You are Here
  16. Setting up CMG in the Console
  17. Cloud Management Gateway (CMG) – Post CMG Config
  18. Cloud Management Gateway – Client CMG Endpoints
Back to Top