Menu
CCMEXEC.COM – Enterprise Mobility
  • Home
  • General
  • Configuration Manager
  • Windows 10
  • Windows 11
  • Intune
  • GitHub
  • About
CCMEXEC.COM – Enterprise Mobility

MEMCM Cloud Management Gateway migration options

Posted on February 18, 2022February 23, 2022 by Jörgen Nilsson

Now that Cloud Management Gateway (Classic Service classic) is deprecated and will be removed in the future releases of Configuration Manager after 1 March 2022 we can now longer deploy a CMG using the cloud service (classic).

This is most likely due the fact that Classic VMs is being removed in Azure as the link below shows.
https://docs.microsoft.com/en-us/azure/virtual-machines/classic-vm-deprecation.
Which options do we have to migrate then?
It depends on the Cloud Management Gateway is configured today if it uses a custom DNS domain name or a *.cloudapp.net name. If a custom DNS name is being used the built-in wizard can be used to convert the Cloud Management Gateway to a Virtual Machine Scale set as I wrote a post on when it was in Technical Preview: https://ccmexec.com/2021/06/convert-cmg-to-vm-scale-set-memc-tp-2106/.

Important when migrating to a CMG Virtual Machine Scale set is that we configure the prereqs which differs from classic to virtual machine scale set.
In the Azure Subscription used we need to add the following Resource Providers that are required when using Virtual machine scale sets.

Azure Resource Groups

What if we used a *.cloudapp.net DNS name then? The challenge is that the DNS name has changed for Virtual Machine Scale Sets to *<Region>.cloudapp.azure.com, in my example that would be *.northeurope.cloudapp.azure.com.

Virtual Machine Scale Set DNS Name


When we run the migration wizard we cannot change the certificate used for the service which means that we cannot change the name, which makes perfect sense because all clients that are connected to the CMG will have no chance to get the new name of the service.

With the release of Configuration Manager 2107 we got a new option, we can now deploy a CMG cloud service (Classic) and a CMG that uses Virtual Machine Scale Set at the same time.
This was not possible before and this gives us a great migration option, simply deploy a new cloud management gateway using Virtual Machine Scale set in parallel with our classic one.

Two CMG

Remember that you need to have a second site system that we can install an additional Cloud Management Gateway Connector that you need.

Cloud management gateway connection point

If we look a client which is on the internet it picks up the new CMG as a DP really fast and after a while the new CMG as a MP as well.
Before the new CMG was installed:

Old CMG
Old CMG


The client rotates the Internet-based management point after a while or when we remove the old CMG.

New CMG
New CMG

Important: If co-management is used and we deploy the Configuration Manager client to Intune managed device the installation string needs to be updated with the correct one. The installation string sample under Cloud Attach updated itself with the new one as soon as I deployed the new CMG

Co-management settings

My sample CM Client Bootstrap LoB app in Intune which I needs to be updated manually to reflect the new CMG.

Intune CM bootstrap

I wrote above that we had two options to migrate, the other option would be to deploy a new CMG using a DNS Name and then migrate that to a Virtual Machine scale set. Which was the way we had to do it before MEMCM 2107 was released.
But now the option described above makes much more sense.


3 thoughts on “MEMCM Cloud Management Gateway migration options”

  1. Pingback: Microsoft Cloud ve Datacenter Management Mart 2022 Bülten – Sertaç Topal
  2. Situ says:
    February 13, 2023 at 5:11 pm

    We are using co-management and migrated our cmg from classic cloud to vm scale set . Will cmg migration impact the existing co-managemnt. Do we need to make any changes in the existing co-management after cmg migration.

    Reply
    1. admin says:
      February 14, 2023 at 12:12 pm

      No, the clients will get the new CMG address from the old on. the only thing needing updating is the install string for client installation for AzureAD only devices.
      Regards,
      Jörgen

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

My name is Jörgen Nilsson and I work as a Senior Consultant at Onevinn in Malmö, Sweden. This is my blog where I will share tips and stuff for my own and everyone elses use on Enterprise Mobility and Windows related topics.
All code is provided "AS-IS" with no warranties.

Recent Posts

  • Tip when troubleshooting unexpected reboots during Autopilot – event ID 2800
  • New settings in Intune Security Baseline Windows 11 24H2 -2504
  • Managing extensions in Visual Studio Code
  • Reinstall a required Win32app using remediation on demand
  • Administrator protection in Windows 11 – First look
©2025 CCMEXEC.COM – Enterprise Mobility | WordPress Theme by Superb Themes
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.Accept Reject Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT