Everyone's endpoint management journey is unique. Start yours here.
All Blogs
Systems Management

Building a CM Lab – Setting up CMG in the Console [16]

Author Photo Gary Blok
Published on: May 5, 2020

Receive notification right in your inbox whenever new content like this is released & sign up for our email list!

We’ll send you the latest updates, how-to’s, and solutions to empower you at every endpoint.

By signing up you agree to our Privacy Policy.

Trending Topics

Q & A with SysAdmin Superstars – Jörgen Nilsson

5 Ways Right Click Tools Enterprise Saves Organizational Resources

Your Remaining Questions – Version 5.0 Webinar

Recast Software Releases Version 5.0

We’re four posts into our CMG Sub Series here, and we’re finally getting to the CMG setup, we’re going to go through the CMG Setup in the Console. Looking back, we needed to create our Certs (Note, if you’re not using an internal CA but a cert from a Cert Provider then you didn’t need to worry about that, but I’m not covering that setup, but merely an overview of how I set it up for our lab and hopefully it will be of use) and we’ll need our Azure Services already setup.

If you’re also following along in MS Docs, we’re up to this Point in the docs.

Let’s go ahead and set up our CMG in the Console

From the Administration Node -> Cloud Services -> Cloud Management Gateway -> Right Click -> Create Cloud Management Gateway
Here we Sign in with our Azure Account that has the proper permissions, as we talked about previously.
Once you sign in, if you have more than one subscription choose the proper one, and the rest should auto-populate.
Now we get to a fun part, lots of stuff to fill in. First, you’ll need to add that Certificate we created in an earlier post.
Browse and select our CMG Cert
It then prompts for the Password we placed on the certificate.
Once it imports, it creates this warning, since I created it with a wildcard since I wasn’t sure at the time what name I was going to use.  Let’s go ahead and finish filling it out
I’ve decided to go with recastdevcmg as the name.  The name you pick will automatically be placed into the box after it. You’ll see that MS uses its own domain behind the scenes (cloudapp.net).

NOTE… YOU NEED TO SETUP A DNS ALIAS for your custom CMG Name [recastdevcmg.dev.recastsoftware.com] to the Microsoft backend name [recastdevcmg.cloudapp.net]. If you don’t have that in place, your clients and servers will not be able to communicate with the CMG in Azure.

alright, going back to that last image, I found it easiest to have the wizard create a new Resource Group in Azure.  I made sure it was a unique name, and one pretty easy to know what it was when you’re in the Azure Portal. Also please note, that you’re going to want to uncheck that box for “Verify Client Certificate Revocation” unless you don’t.. but if you’re not sure, then you’ll want to uncheck it. [MS Docs] (as shown below).. sorry I didn’t do that when I first set it up and was grabbing the screen captures, and I found it caused some issues. But it wasn’t really practical, but thankfully some of these settings you can change after the fact… like that one. I also checked the box to all the CMG to function as a cloud DP, which is pretty cool, and I’ve been doing tests with my client that doesn’t have a VPN connection back to the lab, and it’s great that I can install applications from the software center without being on the network. But I’m getting ahead of myself. While you’re still on the screen in the wizard you’ll need to load your CA Cert, which I’ll show below too.

Make sure you uncheck that box in the wizard above, as I forgot originally. More info about this in the MS Docs if you want to understand what that box does.
This shows what you see when you click on the Certificates button, it will show any certs you already have in there, I didn’t have any, so I clicked add, then browsed to my root CA cert and added.
It will then pull the Cert in, and you can specify which Store, you’ll want to make sure it’s the Trusted Root Certificate Authorities store.
On the next page, I just left the defaults.
And Complete! Success!

We now see our CMG service set up in the console, and its status is provisioning.

Going into Azure Portal, in the Resource Groups, I see the Resource Group that was created by the wizard.
Digging into the Resource Group I can see that is being deployed right now.
And here we are, my CMG is set up in that Group, and you can see the MS Provided URL

Ok, so now we have our CMG, in the next post(s) we’ll go over how to leverage this new CMG. We still have a few more things to set up in the Console before it’s useable.

So we’re getting close, so hang in there team!

Related Blog Posts:

Cloud Management Gateway (CMG) – Certs PreReq [13]

Cloud Management Gateway (CMG) – Azure Subscription [14]

Cloud Management Gateway (CMG) – Azure Services Connection[15]

Cloud Management Gateway (CMG) – Post CMG Config [17]

Cloud Management Gateway (CMG) – Client CMG Endpoints [18]

Related Resources

Featured Image
Building a CM Lab

Building a ConfigMgr Lab- Series Intro

Author Photo
Gary Blok
May 21, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Domain Controller VM [1]

Author Photo
Gary Blok
May 20, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Gateway VM [2]

Author Photo
Gary Blok
May 19, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Certificate Authority [3]

Author Photo
Gary Blok
May 18, 2020
Featured Image
Building a CM Lab

Building a CM Lab – ConfigMgr [MEMCM] Server Pre-Reqs [4]

Author Photo
Gary Blok
May 17, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Configuration Settings (AD / GPO) [5]

Author Photo
Gary Blok
May 16, 2020
Featured Image
Building a CM Lab

Building a CM Lab – ConfigMgr Source Share [6]

Author Photo
Gary Blok
May 15, 2020
Featured Image
Building a CM Lab

Building a CM Lab – ConfigMgr [MEMCM] Installing SQL [7]

Author Photo
Gary Blok
May 14, 2020
Featured Image
Building a CM Lab

Building a CM Lab – ConfigMgr Install [8]

Author Photo
Gary Blok
May 13, 2020
Featured Image
Building a CM Lab

Building a CM Lab – ConfigMgr Settings Setup [9]

Author Photo
Gary Blok
May 12, 2020
Featured Image
Building a CM Lab

Building a CM Lab – ConfigMgr Collections/App Deployments [10]

Author Photo
Gary Blok
May 11, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Operating System Deployment [11]

Author Photo
Gary Blok
May 10, 2020
Featured Image
Building a CM Lab

Building a CM Lab – SQL Reporting Services (SSRS) [12]

Author Photo
Gary Blok
May 9, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Cloud Management Gateway (CMG) – Certs PreReq [13]

Author Photo
Gary Blok
May 8, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Cloud Management Gateway (CMG) – Azure Subscription [14]

Author Photo
Gary Blok
May 7, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Azure Services Connection[15]

Author Photo
Gary Blok
May 6, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Cloud Management Gateway (CMG) – Post CMG Config [17]

Author Photo
Gary Blok
May 4, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Cloud Management Gateway – Client CMG Endpoints [18]

Author Photo
Gary Blok
May 3, 2020

Support

  • This field is for validation purposes and should be left unchanged.

Contact

  • This field is for validation purposes and should be left unchanged.

By submitting this form, you understand that Recast Software may process your data as described in the Recast Software Privacy Policy.