SCCM client with updated parameters for those machines to communicate with CMG
Question
We have machines joined to Azure AD. Do we still need to deploy SCCM client with updated parameters for those machines to communicate with CMG. Currently, machines which are connected to network are receiving policies. How can we make machines to receive the new policy about CMG new policy, with out bringing them to office.
Answers ( 5 )
Intune has not been configured. so we are not in position too use intune.
Azure AD joined device I think CMG is possible without any certificate.
But I have answered your question .., you can identify cmg connected devices from the above blog post.
Does that help
I need to be bit clear. Machines are not connected to VPN, they are communicating with CMG only if the user connects his laptop to VPN and retrieve the updated policy settings for SCCM client. My question is is there any way we can force to clients to get updated settings for the client with CMG info with out connecting the machine to VPN.
Hello – This is the issue with VPN split tunneling and SEP or any other anti-virus policies in the machine.
Try to use VPN split tunneling
https://howtomanagedevices.com/windows-10/1760/fix-internet-connectivity-issue-with-windows-10-vpn/
Hello – I think the heading of the question should be more relevant otherwise people won’t understand the question and you might not get appropriate answer.
Machines are Azure AD joined …then why do we need CMG? we can everything from Intune without CMG. Isn’t it?
You can check the logs of the device locationservices.log to understand from where it’s getting the policies
You can try this query from Rajul – https://www.anoopcnair.com/identify-machines-connected-via-sccm-cmg/