CMG DNS CNAME question


Hi, I am currently doing a CMG deployment on the 2010 release of MECM.

The pre-reqs have been completed to the best of my knowledge and the deployment of Azure services/MECM integration and CMG has gone well. Client settings have been updated and I can see the CMG in the network tab of the client.

The client, when flicked to internet, however doesn't seem to be able to connect to the management point.

The MECM environment is primarily on-prem with 1 VM as IaaS in Azure. This was a DP however it was nominated to also become the CMG Connection point as well. It wasn’t an MP either so I enabled MP.

The environment is enabled to use EHTTP and all client machines are Azure Hybrid joined.

When running the CMG validation checker, all checks are successful except the last one, and it reports the following error:

Succeed to get ConfigMgr token with Azure AD token.

Failed to refresh MP location. Status code is ‘500’ and status description is ‘CMGConnector_InternalServerError’.

A possible reason for this failure is the CMG connection point failed to forward the message to the management point. Internal server error. For more information, see the management point logs for more details to see why internal server error returns.

I believe the issue is because this new MP isn't able to connect to the SQL database, based on what I see in the logs. My question is: after this is resolved, do I need to do anything with regards to DNS? I tried to ping the FQDN but it doesn't respond. I assume this is by design, because when I check name resolution it is able to resolve the name to the correct IP address allocated.

Any help on this would be most appreciated.



Answers ( 2 )


    Ok some progress, the validation checker is now passing all tests 🙂

    It was permissions on the SQL server for the new MP that was introduced, now it has the right privileges it can talk to the DB.

    It seems though the machine isn't able to work correctly to the MP when on internet only connection. Lots of errors in the log such as request failed with 0x87d00231 and Text=error_winhttp_timeout.

    Any ideas?
