How to Enable Remote Desktop on SCCM CMG | RDP CMG

In this article, I will show you how to enable remote desktop on SCCM CMG. You can use RDP to access a CMG after you’ve configured it and enabled remote desktop.

To enable the remote desktop on a Cloud Management Gateway server hosted in Azure, you must first set up a cloud management gateway correctly. Use the CMG step-by-step guide to set up the Cloud Management Gateway for your organization.

Starting with SCCM version 1806, a CMG can act as a cloud distribution point to serve content to clients. This is really a good functionality because it reduces the required certificates and cost of Azure VMs.

We know that CMG uses Azure Cloud Services as a PaaS. This service uses virtual machines (VMs) that will incur compute costs. By default, the CMG uses a Standard A2 V2 VM. When you create a CMG, you select how many VM instances support the CMG. By default, the range is between 1 and 16.

When do you enable Remote Desktop on SCCM CMG? The answer is that if you want to access the IIS log files from the CMG Virtual Machine that runs the cloud service, enabling remote desktop makes sense. This also helps when you intend to troubleshoot the Cloud Management Gateway (CMG) issues.

If you are new to concept of Cloud Management Gateway, here are some guides for getting started with CMG:

How to Enable Remote Desktop on SCCM CMG

To enable remote desktop on SCCM CMG:

  • Login to the Azure Portal.
  • Navigate to Cloud Services (classic) and select the Cloud Management Gateway service.
  • Under Settings, select Remote Desktop and notice that RDP is disabled.
  • To enable Remote Desktop, click Enabled.
How to Enable Remote Desktop on SCCM CMG
How to Enable Remote Desktop on SCCM CMG

After you click Enabled, create a user name and password to access the CMG. Choose an encryption certificate and click “Save.”

How to Enable Remote Desktop on SCCM CMG
How to Enable Remote Desktop on SCCM CMG

Look for the notification which says Successfully saved Remote Desktop settings.

How to Enable Remote Desktop on SCCM CMG
How to Enable Remote Desktop on SCCM CMG

Connect to CMG via RDP

In this section, I will show you how to RDP CMG, i.e. connect to CMG via RDP. After the Remote Desktop Services have been activated on CMG, you can connect to the virtual machine. Click on Roles and Instances and click on ProxyService (ProxyService_IN_0).

Connect to CMG Instance
Connect to CMG via RDP

When you click ProxyService (ProxyService_IN_0). On the right pane you got three options.

  • Connect – Downloads ProxyService_IN_0.rdp file. Using this RDP file you can connect to this virtual machine.
  • Reboot – Restarts the virtual machine.
  • Reimage – I haven’t used this option yet. It seems like the whole role instance is re-imaged and the local data will be lost.

Now click Connect to download the Remote Desktop file – ProxyService_IN_0.rdp.

Connect to CMG via RDP
Connect to CMG via RDP

Double-click the RDP file, then select Connect from the RDP box. You may also save the RDP file on your computer so that you can access the CMG VM whenever required.

Connect to CMG via RDP
Connect to CMG via RDP

After you log in to this CMG virtual machine, open the registry editor using the regedit command. In the registry edition, navigate to HKLM\SOFTWARE\Microsoft\SMS\Tracing\CMGSetup. The registry key “TraceFilename” reveals the location or path of CMG log files, which in this case is E:\approot\logs\CMGSetup.log.

CMG log files
Connect to CMG via RDP

If you browse to E:\approot\logs folder, you should find the CMGService.log and CMGSetup.log files. These two log files are essential for troubleshooting the CMG issues.

  • CMGService.log: Records details about the cloud management gateway (CMG) service core component in Azure.
  • CMGSetup.log: Records details about the second phase of the cloud management gateway deployment (local deployment in Azure).
CMG log files
SCCM CMG Log Files

3 Comments

  1. Hi,

    Like some other people. We ar very interested to get un updated procedure for those they are using the modern Azure Scale Set because the Classic method is no more possible. Many things have changed since 3 years in Microsoft Azure.

  2. Avatar photo Jarrod Cribbs says:

    How do I enable rdp on the CMG if it is using VMSS which doesn’t use the Cloud Services (classic)?

  3. I am able to connect and all but i get a pop up everytime indicating a certificate error and it might be unsafe to proceed.
    It can’t validate the remote computers certificate. Do you think this is something we should take seriously and do something about? I have picked an encryption certificate on the Azure Portal

Leave a Reply

Your email address will not be published. Required fields are marked *