You can easily setup ConfigMgr LAB Infrastructure in Azure IaaS. In this post, I will try to help you set up an SCCM LAB in Azure (Setup ConfigMgr LAB Infrastructure).
It would help to have a valid Azure subscription to build the EndPoint Manager LAB environment in Azure.
I think this is the best representation of my SCCM LAB architecture. I have built the following components:
- Resource Group
- Virtual Networks
- MEMCM Subnet
- Domain Server, SQL Server, SCCM Server, and Windows 10 Clients
- Azure Bastion Subnet for the Remote access for SCCM LAB Infra
Prerequisites (Setup ConfigMgr LAB Infrastructure)
There are some prerequisites (Of course!) before you can start building ConfigMgr LAB infrastructure in Azure.
- Valid Azure Subscription with appropriate credits or pay as you go!
- Appropriate Access Rights on Subscription – Add the admin user as Co-Administrator is one of the options to provide reasonable access
- SCCM Prerequisites mentioned in the following blog post to setup SCCM LAB Infrastructure (Releasing Soon)
Create Resource Group
A resource group is a container with related resources for an Azure solution. The Azure resource group includes those resources that you want to manage as a group. See more details about Resource groups.
- Login to Azure Portal
- Search for “Resource Group“
Click on ADD button to create the resource group.
Before proceeding, please ensure the Azure Region is set to (US) East US 2. Select the appropriate Azure Subscription, specify the Resource Group Name as MEMCM, and click “Review + Create”. Once the validation has passed, proceed by clicking on “Create”.
- Select Azure Region ==> (US) East US 2
- Project Details
- Select the Azure Subscription
- Resource Group Name => MEMCM
- Resource Details
- Region => (US) East US 2
- Click on Review + Create
- Validation passed
- Click on Create
Successfully created Resource Group
Create Virtual Networks & Subnet
- Create Virtual Networks for Setup ConfigMgr LAB Infrastructure
- Search for Virtual Networks
- Click on Virtual Networks
Under Virtual network, Click +Add
- Name of the Virtual Networks – Enter MEMCMNet.
- Address space – Enter 10.1.0.0/16.
- Subscription – Select the Azure Subscription you want to use.
- Resource group – Select MEMCM from the drop-down option.
- Location – Select East US 2.
- Subnet Name – Enter MEMCM.
- Subnet – Address range- Enter 10.1.0.0/24.
- DDoS protection – Select Basic
- Service Endpoints – Select Disabled
- Firewall – Disabled (You can enable it as per your requirements)
- Click on Create button to start the creation process of Azure Virtual Networks for Setting up ConfigMgr LAB Infrastructure.
Successfully created the Virtual Network Azure
Build Virtual Machines
Let’s build Domain, SQL, and SCCM servers in Azure IaaS. Microsoft Documentation for creating and managing Windows virtual machines in Azure.
- Search “Virtual Machines” from Azure Portal
- Click on Virtual click Machines
Click on +Add to create new Windows VMs
Basic Configuration of Virtual Machine
When setting up the Azure subscription, ensure to select the “MEMCM” Resource Group. For the Instance Details, input “ADMEMCM” as the Virtual Machine Name and choose “East US 2” as the Region. Ensure no infrastructure redundancy is needed and select “Windows Server 2019 Datacenter” as the Operating System Image.
Choose “NO” for Azure Spot Instance and “Standard DS1 v2” as the preferred size. Use “DomainUser” as the Username for the Administrator Account and configure the inbound port rules appropriately. Then, confirm that a Windows Server License is not already available and proceed to the next step by clicking “Next—Disks.”
- Subscription – Select the Azure Subscription you want
- Resource Group – Select the Resource Group Name we created – MEMCM
- Instance Details
- Virtual Machine Name – Enter the AD Server Name – ADMEMCM
- Region – Select the Region as (US) East US 2
- Availability Options – No Infrastructure redundancy is required
- Image – Select the Operating System Image as Windows Server 2019 Datacenter
- Azure Spot Instance – Select the option NO
- Size – Select the best-preferred size for you – Standard DS1 v2
- Administrator Account
- Username – DomainUser
- Password –
- Confirm Password –
- Inbound port rules – Select the virtual machine network ports accessible from the public internet.
- Public inbound ports – Select the option called None
- Save Money
- Already have a Windows Server License – Select the option – NO
- Click Next – Disks >
Disk Configurations
Let’s configure the Disk for the virtual machine. You should add additional disks to install SQL and SCCM on other Disks for your SQL and SCCM virtual servers.
- Disk Options
- OS Disk Type – Select Premium SSD for better performance
- Enable Ultra Disk compatibility – Select NO
- Ultra Disk compatibility is not available for this VM size and location.
- Enable Ultra Disk compatibility – Select NO
- OS Disk Type – Select Premium SSD for better performance
- Data disks – Add Additional Data Disks – You can add and configure additional data disks for your virtual machine or attach existing disks. This VM also comes with a temporary disk.
- Click to Create and Attach a New Disk
- Create a new disk
- Create a new disk to store applications and data on your VM. Disk pricing varies based on disk size, storage type, and the number of transactions. Learn more about Azure Managed Disks
- Name – Enter the name of the Data Disk – ADMEMCM_DataDisk_0
- Source Type – Select None (Empty Disk)
- Size – Select the size of the data disk 64 GiB…
- Premium SSD
- Click OK to continue
- Click on Next: Networking>
Select Network Configuration
Define network connectivity for your virtual machine by configuring network interface card (NIC) settings. You can control ports and inbound and outbound connectivity with security group rules or place them behind an existing load-balancing solution. Learn more Network interface.
- Network interface
- Virtual Network – Select the virtual network – MEMCM
- Subnet – Select the Subnet where all the other virtual machines of SCCM LAB shall be part of – MEMCM (10.1.0.0/24)
- Public IP – Select the option NONE
- NIC network security group – Select the option None
- Public inbound ports – Select the option None
- Accelerated networking – Select the option Off
- The selected VM size does not support accelerated networking.
- Load balancing
- You can place this virtual machine in the backend pool of an existing Azure load-balancing solution. Learn more
- Place this virtual machine behind an existing load-balancing solution. – Select the NO option
- Click on the Next: Management button to continue.
Virtual Server Management Options
The following are the management configurations I prefer for SCCM | ConfigMgr LAB Infrastructure. You can customize all these settings according to your requirements.
- Monitoring
- Boot diagnostics – Select the option On
- OS guest diagnostics – Select the option Off
- Identity
- System assigned managed identity – Select the option – Off
- Azure Active Directory
- Login with AAD credentials (Preview) – Off
- Auto-shutdown
- Enable auto-shutdown – Select ON if you want to save some money
- Backup
- Enable backup – Select the option – OFF
- Click on Next: Advanced to continue
Advanced and Tags
I have selected the default options for the Advanced and Tags tab during the virtual machine configuration options.
- Click on Next: Tags
- Click on the Review + Create button to review the virtual machine’s configuration.
- Once the Validation is Passed
- Click on CREATE button to launch the build process
Successfully Created VM
Domain Server is created successfully.
- Repeat the above steps mentioned under the “Build Virtual Machines” section to create virtual machines for SQL and SCCM servers.
Tips
You might need to change the DNS configuration of Virtual Networks to get domain join working for SQL and SCCM servers. Make sure the DNS configuration is as follows:
- Open Virtual Networks – MECMNet
- Click on DNS Servers
- Click on Custom
- Add 10.1.0.4 – Internal DNS Server IP
- Add Azure DNS IP – 168.63.129.16
Resources
We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click here –HTMD WhatsApp.
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.
Can you post the creation of an sql server in azure please?
It’s same process as this but install sql instead of SCcm . but I can post later whenever get time .
Also if you just need a sql server then sql template is available in azure you can use that. However this might not work for SCCM sql server
Can you please post the Step by Step process of migrating SCCM server to Azure.
Can you please suggest how to effectively use Azure subscription (in terms of charges) for sccm lab for long duration?
May i know the cost for this setup in azure portal ?
It’s free for a month. After that it depends on how many VMs you have tec… so it’s very difficult to project like this…
We want to setup MEMCM on Azure and wanted to do patch deployment and compliance report only for servers machines. can you please suggest a link where we can setup MEMCM on Azure step by step
OK so since your initial setup ,I’ll assume its been a few months now ,after your free month, how much approx is this costing you per month ?Is just a case of de-allocating VM’s whilst not is use to save money ?and only spin them whilst testing ?
Deallocation helps ..but the storage costs will still be there.
Can we connect a different virtual network and different resource group in the same lab
We need to use Vnet peering to have this communication