Let us learn about How to Setup SCCM Cloud Management Gateway as cloud DP. SCCM 1806 onwards, you can eliminate Cloud DP from your SCCM infrThishis p, I will explain the process to configure SCCM CMG into Cloud DP.
Learn how to Setup Cloud Management Gateway as cloud DP. You can learn how to download content using Cloud Management Gateway.
What are the advantages of using Cloud Management Gateway as Cloud DP?
You don’t need Cloud DP for SCCM 1806 or later infra. You can reduce the cost of extra PaaS server in Azure and also certificates.
SCCM CMG (Cloud Management Gateway) can serve the package content for clients. A CMG can now also serve content to clients.
Azure blob storage charges are still applicable for SCCM CMG content storage. Also, all the prerequisites for Cloud DP should be in place for CMG. When you setup CMG as Cloud DP, you should make sure that all the CDP prerequisites are already in place for CMG.
The CNAME is required to when you use public certs (not internal PKI certs with cloudapp.net). CNAME is required when you want a redirection from CMGName.domain.com to CMGName.cloudapp.net
[Related Post – Setup SCCM CMG & Azure Cloud Services]
Video Tutorial – Download Content Using Cloud Management Gateway
In the following video, you shall learn how to remove or delete cloud DP and download content using Cloud Management Gateway.
I won’t recommend removing Cloud DP from any the production environment before configuring SCCM CMG for content download.
Use cloud DP and CMG for the testing purpose, and once you are comfortable with CMG, you can remove cloud DP.
Setup SCCM CMG to Serve Content to Clients
In this set, you will learn how to configure SCCM CMG to serve content to SCCM clients. There are two options to setup SCCM CMG to server content to clients.
- Configure SCCM Cloud Management Gateway(CMG) from CMG wizard
- Configure SCCM Cloud Management Gateway(CMG) from CMG properties
You can follow the steps to enable SCCM CMG (#2) to allow clients to download the content from CMG.
- Navigate to \Administration\Overview\Cloud Services\Cloud Management Gateway
- Go to properties of SCCM CMG – ACMCMG01.cloudapp.net
- Go to the settings tab of CMG properties
- Click on Checkbox – Allow CMG to Function as a Cloud Distribution Point and Serve content from Azure Storage
- Click OK to finish to close the SCCM CMG window and now on the client can download content using Cloud Management Gateway
[Related Post – Setup SCCM CMG & Azure Cloud Services]
How to Verify SCCM CMG working as Cloud DP
There is four (4) approach to verify SCCM CMG working as cloud DP. Make sure SCCM CMG as Cloud DP as functional using any of the following methods.
- Verify pkgxfermgr.log
- SCCM CMG Properties
- Distribution Points status properties & Monitoring Workspace
- Deploy a package to Internet managed SCCM client device
Verify pkgxfermgr.log
You can verify replication of the default packages to SCCM CMG using pkgxfermgr.log. The default packages are distributed automatically to SCCM CMG once we’ve enabled the functionality client can download content using Cloud Management Gateway.
SCCM CMG properties
The second option is to check the properties of SCCM CMG to confirm whether CMG as cloud DP replication is working as expected.
- Navigate to \Administration\Overview\Cloud Services\Cloud Management Gateway
- Go to properties of SCCM CMG – ACMCMG01.cloudapp.net
- Go to the Content tab and verify whether the packages are listed there or not
Distribution Points status properties & Monitoring Workspace
The third option is to verify the SCCM CMG package replication from Distribution Point status or Monitoring workspace.
Deploy a package to Internet managed SCCM client device
Deploy an application package to an internet managed device to verify whether the client device can download the application content from new SCCM CMG.
[Related Post – Setup SCCM CMG & Azure Cloud Services]
Hello,
Thank you for you demonstration, i have a problem when i pass clients to internet when i want using software center to install application i have these error : The software change returned error code 0x87D00607(-2016410105).
Can you please ensure you followed all the points mentioned in the post
https://www.anoopcnair.com/new-sccm-cmg-setup-guide-ehttp/
I dont use the E-HTTP i use PKI, i can distribute contents to my CMG and in azure portal on Storage account i can see the package of my application.
The problem is when i wan’t install application from software center i have these error.
Do you think that problem have relationship because i use PKI ??
Hello,
I dont use the E-HTTP i use PKI, i can distribute contents to my CMG and in azure portal on Storage account i can see the package of my application.
The problem is when i wan’t install application from software center i have these error.
Do you think that problem have relationship because i use PKI ??
In that case you might need to make sure you have Azure AD and PKI certs on the client side to communicate successfully with CDP and CMG.
Hello
In the wizard of CMG setup i have entred the root certificate and the CMG certificate. On the clients i have imported the root certificate.
The are onother certificates to added ??
Azure AD based cert as I mentioned above … to communicate with CMG…
Also make sure the device is either Azure AD joined or hybrid azure ad joined to get that cert
Hello,
If i use PKI the Azure AD Joined or Hybrid Joined is not requirement for CMG ?
on locationservices.log i have :
Raising event:
instance of CCM_CcmHttp_Status
{
ClientID = “GUID:CB31E04E-03F0-4C12-AC7A-91C88B39D46E”;
DateTime = “20191017092146.726000+000”;
HostName = “CMGWAAZITCDP.CLOUDAPP.NET”;
HRESULT = “0x87d0027e”;
ProcessID = 6604;
StatusCode = 401;
ThreadID = 6740;
};
i have find a solution i have checked Verify Client Certificate Revocation checkbox in the CMG wizard so when i unchecked and restartd the CMG in SCCM thats working fine for me.
Firstly, this is the first time I have posted on your website and I wanted to thank you for all your documentation! It has saved me more times than I can count! I appreciate you!
I am encountering an issue where an upgrade OS package seemingly refuses to distribute to the CMG. It was distributed previously however my client was receiving ‘Empty DP list for content’ for this package even after updating and validating the package so I removed the content via DP content tab. (I can confirm the CMG is functioning because it successfully downloaded all of the other referenced Task Sequence content from the CMG). Now when I try to distribute the package the distmgr.log shows that the content was successfully removed from the CMG but then it never actually tries to distribute content. Not sure what I am missing. Any insight would be greatly appreciated!
Distmgr.log – This recurs every time I distribute the OS Package (CM100125) to CMG. I doesn’t actually begin distributing content.
Attempting to remove package CM100125 from distribution point [“Display=\\AmwinsCMG01.amwins.com\”]MSWNET:[“SMS_SITE=CM1”]\\AmwinsCMG01.amwins.com\
[“Display=\\AmwinsCMG01.amwins.com\”]MSWNET:[“SMS_SITE=CM1”]\\AmwinsCMG01.amwins.com\ doesn’t have the package installed yet as no pkgstatus entry found
Successfully removed the package CM100125 from server [“Display=\\AmwinsCMG01.amwins.com\”]MSWNET:[“SMS_SITE=CM1″]\\AmwinsCMG01.amwins.com\
STATMSG: ID=2331 SEV=I LEV=M SOURCE=”SMS Server” COMP=”SMS_DISTRIBUTION_MANAGER” SYS=P10SCCMPS01.AMWINS.LOCAL SITE=CM1 PID=5704 TID=12960 GMTDATE=Mon Mar 23 20:09:03.892 2020 ISTR0=”CM100125″ ISTR1=”[“Display=\\AmwinsCMG01.amwins.com\”]MSWNET:[“SMS_SITE=CM1″]\\AmwinsCMG01.amwins.com\” ISTR2=”” ISTR3=”” ISTR4=”” ISTR5=”” ISTR6=”” ISTR7=”” ISTR8=”” ISTR9=”” NUMATTRS=2 AID0=400 AVAL0=”CM100125″ AID1=404 AVAL1=”[“Display=\\AmwinsCMG01.amwins.com\”]MSWNET:[“SMS_SITE=CM1″]\\AmwinsCMG01.amwins.com\”
We have built some client automation that uses the packageID of the OS so I really really don’t want to have to create a new OS Upgrade Package. MS isn’t offering much help either.