Note that since this article was written, changes have been made to the CMG role and it is worth checking with the Tech Net documents for the latest on configuration – such as all MPs now require HTTPS for CMG clients.
The Cloud Management Gateway must be created at the top tier of a SCCM hierarchy, if running a CAS, then the CMG’s must be created on the primary sites.
To set up CMG using an internal PKI infrastructure you will need the following certificates: Start by checking that the Azure domain name that you wish to use is available, it must be unique. At this point you can enter the DNS name and it will auto check for availability.
You can enable this option from your directory’s Password reset pane by enabling the Require Users to Register when Signing in option on the Registration tab.
Administrators can require users to re-register after a specific period of time.