CMG-enabling remote SCCM clients

%3CLINGO-SUB%20id%3D%22lingo-sub-1852703%22%20slang%3D%22en-US%22%3ECMG-enabling%20remote%20SCCM%20clients%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1852703%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20all%2C%3C%2FP%3E%3CP%3EWhat's%20the%20best%20way%20to%20attach%20SCCM%20clients%20to%20a%20new%20CMG%20when%20they're%20unable%20to%20come%20into%20the%20office%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECurrent%20scenario%3A%3CBR%20%2F%3E-%20On-prem%20SCCM%20server%3CBR%20%2F%3E-%20SCCM-managed%20Win10%20devices%2C%20orphaned%20for%20now%20because%20of%20enforced%20remote%20working%3CBR%20%2F%3E-%20Working%20on%20implementing%20co-management%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20options%20I%20see%20at%20the%20moment%3A%3CBR%20%2F%3E1.%20VPN%20-%20need%20to%20get%20Always-On%20with%20device%20channel%20working%3F%3CBR%20%2F%3E2.%20Auto-enrol%20in%20Intune%20and%20leverage%20Intune%20to%20modify%20SCCM%20client%20config%20(would%20lead%20to%20temporary%20co-existence%20with%20SCCM%2FIntune%20which%20I%20think%20is%20unsupported)%3C%2FP%3E%3CP%3EI'd%20prefer%20option%202%20if%20possible.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ethanks%20in%20advance.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1852703%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ECMG%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ECMG%20SCCM%20ConfigMgr%20MEM%20MEMCM%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ECo-management%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1906277%22%20slang%3D%22en-US%22%3ERe%3A%20CMG-enabling%20remote%20SCCM%20clients%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1906277%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F233141%22%20target%3D%22_blank%22%3E%40Fergus%20Strachan%3C%2FA%3E%26nbsp%3BSee%26nbsp%3B%3CA%20title%3D%22Configure%20clients%20for%20cloud%20management%20gateway%22%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmem%2Fconfigmgr%2Fcore%2Fclients%2Fmanage%2Fcmg%2Fconfigure-clients%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EConfigure%20clients%20for%20cloud%20management%20gateway%3C%2FA%3E%26nbsp%3Bfor%20suggestions%20on%20how%20to%20install%2Fconfigure%20off-premise%20clients%20for%20a%20CMG.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1914413%22%20slang%3D%22en-US%22%3ERe%3A%20CMG-enabling%20remote%20SCCM%20clients%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1914413%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F233141%22%20target%3D%22_blank%22%3E%40Fergus%20Strachan%3C%2FA%3E%26nbsp%3BI%20haven't%20used%20this%20system%2C%20but%20maybe%20this%20is%20an%20option%20-%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmem%2Fconfigmgr%2Fcore%2Fclients%2Fdeploy%2Fdeploy-clients-cmg-token%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmem%2Fconfigmgr%2Fcore%2Fclients%2Fdeploy%2Fdeploy-clients-cmg-token%3C%2FA%3E%3C%2FP%3E%3CP%3Eyou%20still%20need%20to%20install%20a%20client%20on%20the%20remote%20machines%20though.%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Eit%20refers%20to%20using%20Azure%20to%20do%20the%20install%20-%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmem%2Fconfigmgr%2Fcore%2Fclients%2Fdeploy%2Fdeploy-clients-cmg-azure%23install-and-register-the-client-using-azure-ad-identity%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmem%2Fconfigmgr%2Fcore%2Fclients%2Fdeploy%2Fdeploy-clients-cmg-azure%23install-and-register-the-client-using-azure-ad-identity%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

Hi all,

What's the best way to attach SCCM clients to a new CMG when they're unable to come into the office?

 

Current scenario:
- On-prem SCCM server
- SCCM-managed Win10 devices, orphaned for now because of enforced remote working
- Working on implementing co-management

 

The options I see at the moment:
1. VPN - need to get Always-On with device channel working?
2. Auto-enrol in Intune and leverage Intune to modify SCCM client config (would lead to temporary co-existence with SCCM/Intune which I think is unsupported)

I'd prefer option 2 if possible.

 

thanks in advance.

2 Replies

@Fergus Strachan See Configure clients for cloud management gateway for suggestions on how to install/configure off-premise clients for a CMG.

@Fergus Strachan I haven't used this system, but maybe this is an option - https://docs.microsoft.com/en-us/mem/configmgr/core/clients/deploy/deploy-clients-cmg-token

you still need to install a client on the remote machines though.  

 

it refers to using Azure to do the install - https://docs.microsoft.com/en-us/mem/configmgr/core/clients/deploy/deploy-clients-cmg-azure#install-...