Menu
CCMEXEC.COM – Enterprise Mobility
  • Home
  • General
  • Configuration Manager
  • Windows 10
  • Intune
  • GitHub
  • Windows 11
  • About the author
CCMEXEC.COM – Enterprise Mobility

MEMCM Cloud Management Gateway migration options

Posted on February 18, 2022February 23, 2022 by Jörgen Nilsson

Now that Cloud Management Gateway (Classic Service classic) is deprecated and will be removed in the future releases of Configuration Manager after 1 March 2022 we can now longer deploy a CMG using the cloud service (classic).

This is most likely due the fact that Classic VMs is being removed in Azure as the link below shows.
https://docs.microsoft.com/en-us/azure/virtual-machines/classic-vm-deprecation.
Which options do we have to migrate then?
It depends on the Cloud Management Gateway is configured today if it uses a custom DNS domain name or a *.cloudapp.net name. If a custom DNS name is being used the built-in wizard can be used to convert the Cloud Management Gateway to a Virtual Machine Scale set as I wrote a post on when it was in Technical Preview: https://ccmexec.com/2021/06/convert-cmg-to-vm-scale-set-memc-tp-2106/.

Important when migrating to a CMG Virtual Machine Scale set is that we configure the prereqs which differs from classic to virtual machine scale set.
In the Azure Subscription used we need to add the following Resource Providers that are required when using Virtual machine scale sets.

Azure Resource Groups

What if we used a *.cloudapp.net DNS name then? The challenge is that the DNS name has changed for Virtual Machine Scale Sets to *<Region>.cloudapp.azure.com, in my example that would be *.northeurope.cloudapp.azure.com.

Virtual Machine Scale Set DNS Name


When we run the migration wizard we cannot change the certificate used for the service which means that we cannot change the name, which makes perfect sense because all clients that are connected to the CMG will have no chance to get the new name of the service.

With the release of Configuration Manager 2107 we got a new option, we can now deploy a CMG cloud service (Classic) and a CMG that uses Virtual Machine Scale Set at the same time.
This was not possible before and this gives us a great migration option, simply deploy a new cloud management gateway using Virtual Machine Scale set in parallel with our classic one.

Two CMG

Remember that you need to have a second site system that we can install an additional Cloud Management Gateway Connector that you need.

Cloud management gateway connection point

If we look a client which is on the internet it picks up the new CMG as a DP really fast and after a while the new CMG as a MP as well.
Before the new CMG was installed:

Old CMG
Old CMG


The client rotates the Internet-based management point after a while or when we remove the old CMG.

New CMG
New CMG

Important: If co-management is used and we deploy the Configuration Manager client to Intune managed device the installation string needs to be updated with the correct one. The installation string sample under Cloud Attach updated itself with the new one as soon as I deployed the new CMG

Co-management settings

My sample CM Client Bootstrap LoB app in Intune which I needs to be updated manually to reflect the new CMG.

Intune CM bootstrap

I wrote above that we had two options to migrate, the other option would be to deploy a new CMG using a DNS Name and then migrate that to a Virtual Machine scale set. Which was the way we had to do it before MEMCM 2107 was released.
But now the option described above makes much more sense.


  • Cloud Management Gateway
  • CMG
  • Migrate CMG
  • Migrate Virtual Machine Scale set
  • Virtual Machine Scale Set
  • 1 thought on “MEMCM Cloud Management Gateway migration options”

    1. Pingback: Microsoft Cloud ve Datacenter Management Mart 2022 Bülten – Sertaç Topal

    Leave a Reply Cancel reply

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    My name is Jörgen Nilsson and I work as a Senior Consultant at Onevinn in Malmö, Sweden. This is my blog where I will share tips and stuff for my own and everyone elses use on Enterprise Mobility and Windows related topics.
    All code is provided "AS-IS" with no warranties.

    Tweets by ccmexec

    Recent Posts

    • Configuring MS Edge Security Baseline v107 using Settings Catalog
    • Configuring Desktop App Installer using CSP and script?!
    • Customizing Taskbar and Start in Windows 11 22h2 with PowerShell
    • MMUGSE – physical event 2022-10-19 @Microsoft Reactor Stockholm.
    • Switch to Private Firewall profile on AAD joined when connected to specific network.

    ©2023 CCMEXEC.COM – Enterprise Mobility | WordPress Theme by Superb Themes
    This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.Accept Reject Read More
    Privacy & Cookies Policy

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT