Two separate things. 😊 You can put SCCM site roles in Azure IaaS (infrastructure as a service) where you create and manage the VM, just think of using Azure like another datacenter for your company. That’s the link you shared below. CMG and CDP use Azure PaaS (platform as a service) – SCCM creates the service in your Azure subscription but the VMs are completely managed, you should not need to access them. (there are some troubleshooting instances where it happens…kind of like saying when doing updates in SCCM you should never need to go into the WSUS console.)
Hope that helps Aaron From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of SCCM Admin Sent: Wednesday, 9 August, 2017 09:52 To: email@example.com Subject: Re: [mssms] Cloud Management Gateway https://docs.microsoft.com/en-us/sccm/core/understand/configuration-manager-on-azure#networking<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsccm%2Fcore%2Funderstand%2Fconfiguration-manager-on-azure%23networking&data=02%7C01%7Caaron.czechowski%40microsoft.com%7Cdf50fd549f8d49f2933708d4df47e287%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636378963574216698&sdata=xI4xVNL8qIWdxWUKTEa90GNRh3wxp3ZE1J3Mtn3B%2F8E%3D&reserved=0> On Wed, Aug 9, 2017 at 11:43 AM, Nemec, Dale <dale.ne...@tektronix.com<mailto:dale.ne...@tektronix.com>> wrote: My CMG’s are not domain joined and are working as expected. Do you have a link to the documentation that you are following/referencing? Dale Nemec | Global Architecture & Technology Ops (ESS) | Tektronix From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] On Behalf Of SCCM Admin Sent: Tuesday, August 8, 2017 4:24 PM To: firstname.lastname@example.org<mailto:email@example.com> Subject: [mssms] Cloud Management Gateway We submitted our plans to implement CMG and after speaking with security they had issues with securing our site server in Azure since it has to be domain joined. Could we put that server in another trusted domain and apply a trust between the two. Also is there that much of a security threat to having a server in Azure as apposed on premises? ________________________________ Please be advised that this email may contain confidential information. If you are not the intended recipient, please notify us by email by replying to the sender and delete this message. The sender disclaims that the content of this email constitutes an offer to enter into, or the acceptance of, any agreement; provided that the foregoing does not invalidate the binding effect of any digital or other electronic reproduction of a manual signature that is included in any attachment.