Now Azure Machines can be Managed via ConfigMgr 2012 SP1 and Above

This is interesting stuff, Now Microsoft Azure Virtual machines (windows and Linux) can be managed through on premises ConfigMgr SCCM 2012 SP1 and above. The Endpoint protection 2012 SP1 can be used for Azure Vms. Microsoft has released a KB article on the support scenarios. Read more from here (kb/2889321).

Two supported scenarios here….

1. Use an existing on-premises Configuration Manager infrastructure to manage Windows Azure Virtual Machines that are running Windows Server or Linux through a secure site-to-Site connection.

2. Set up a single stand-alone Primary site in the Windows Azure Virtual Machines environment to manage Windows Azure Virtual Machines that are running Windows Server or Linux in the same virtual network.

About Author 

Anoop is Microsoft MVP and Veeam Vanguard ! He is a Solution Architect on enterprise client management with more than 13 years of experience (calculation done on the year 2014) in IT. He is Blogger, Speaker and Local User Group Community leader. His main focus is on Device Management technologies like SCCM 2012,Current Branch, Intune. He writes about the technologies like SCCM, SCOM, Windows 10, Azure AD, Microsoft Intune, RMS, Hyper-V etc...

    Find more about me on:
  • googleplus
  • twitter
  • facebook
  • linkedin
  • youtube
Posted in: Azure, CM2012, ConfigMgr (SCCM), SCCM, SCCM 2012


  1. Paul Sanders says:

    Are you able to manage these devices using what used to be called IBCM? Rather than needing dedicated VPNs etc?

  2. Ravi Sharma says:

    Hello Anoop,
    Wanted to check if this scenario is supported? If yes, is there some additional configuration required for this.
    — CAS on Azure.
    — 3-4 Primary sites on premises(in customer datacenter) in different regions.
    — Clients report to these Primaries.

    Any suggestion would be valuable. Many Thanks.

    — Ravi

    • Anoop says:

      Hi Ravi ! – This is interesting. Why do you need CAS on Azure? Any specific reason. I’m not sure whether this is supported scenario or not. However, what I can tell you is worth checking the Firewall ports which you need to open between on premises servers and clients with CAS server in Azure. Would Microsoft be able to open SQL and other required ports?

      Please let us know !


      • Ravi Sharma says:

        Hey Anoop,

        Honestly not very sure why my client wants to put the top site in Azure??? 😛
        As far as I know, we can define the port configurations. We can decide which ports needs to be opened. But will definitely double check on that…!!

        Many thanks.

      • Anoop says:

        Sure Ravi ! Really interested to know the outcome. Have you thought about SCCM + Intune – hybrid solution?

Leave a Comment and Contact Anoop