SCCM Cloud Management Gateway (CMG) is an Internet client management feature introduced by Microsoft as a pre-release feature in ConfigMgr CB 1610. This feature not only simplifies the management but also reduces the complex configuration involved in the implementation of Internet-based client management (IBCM with reverse proxy). With the release of Co-Management feature in ConfigMgr CB 1710, Cloud Management gateway plays an important role in transitioning from traditional management to modern management.
Related Co-Management Posts
Overview Windows 10 Co-Management with Intune and SCCM Custom Report to Identify Machines Connected via SCCM CMG (This Post) How to Setup Co-Management - Introduction - Prerequisites Part 1 How to Setup Co-Management - Firewall Ports Proxy Requirements Part 2 Setup Co-Management - AAD Connect UPN Suffix Part 3 Setup Co-Management - CA PKI & Certificates Part 4 Setup Co-Management Cloud DP Azure Blob Storage Part 5 Setup Co-Management Azure Cloud Services CMG Part 6 SCCM Configure Settings for Client PKI certificates Part 7 How to Setup SCCM Co-Management to Offload Workloads to Intune - Part 8 How to Deploy SCCM Client from Intune - Co-Management - Part 9 End User Experience of Windows 10 Co-Management - Part 10
Topics covered in this post:-
SCCM CMG Related Operational Question? How to Create Collection to Find out CMG Connected Devices How to Create the SSRS or SQL reports to Find Out CMG connected Devices
SCCM CMG Related Operational Question?
One of the major questions which came up after the successful implementation of Cloud Management Gateway was “How to identify the machines connected via SCCM Cloud Management Gateway?“. It’s really difficult to Identify the machines connected from the internet via Cloud Management Gateway. Initially, the machines were identified by querying the last update of the scan package source location using below query.
select count(*) as count,LastScanPackageLocation from v_updatescanstatus group by LastScanPackageLocation
This query gives the machines which have scanned SUP from intranet and internet. But still we will not be able to find the last time these machines were online and when the machines were connected via cloud management gateway.
Microsoft, with the release of ConfigMgr CB 1710, updated the schema to include the status of machines which are connected via Cloud Management Gateway. Similar to the client online/offline status, a new status is available for the client machines to monitor the Internet status and online Management Point name.
Add respective fields (Device Online From Internet & Device Online Management Point)
Collection Members view after adding the above-mentioned fields.
How to Create Collection to Find out CMG Connected Devices
Well, this information is more helpful when we can create a collection based on Device Online from Internet criteria. Use the below WQL query to create a collection based on Device Online from Internet status.
select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name, SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup, SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.ResourceId in (select resourceid from SMS_CollectionMemberClientBaselineStatus where SMS_CollectionMemberClientBaselineStatus.CNIsOnInternet = 1)
Create the collection with Incremental Updates so that the collection will be updated automatically as and when the machines connect from intranet/internet.
Once the collection is ready and if the admins want to restart the machines connected via cloud management gateway then they can use the latest feature introduced in ConfigMgr 1710. Restart works on machines connected via SCCM cloud management gateway perfectly.
How to Create the SSRS or SQL reports to Find Out CMG Connected Devices
The same information can be queried from the CM database as well. If your management is asking for a report of online machines from the Internet, then an SSRS report can be created to pull this information. Use the below SQL query to pull the information.
select Name, SiteCode, ClientVersion, LastPolicyRequest, LastDDR as [Last Heartbeat], LastHardwareScan, max(CNLastOnlinetime) as [Last Online Time], max(CNLastOfflineTime) as [Last Offline Time], CNAccessMP as [Internet Access MP] from v_CollectionMemberClientBaselineStatus Where CNIsOnInternet =1 group by Name, SiteCode, ClientVersion, LastPolicyRequest, LastDDR, LastHardwareScan, CNLastOnlinetime, CNLastOfflineTime, CNAccessMP order by CNLastOnlineTime desc