Cloud based distribution points

Well, along time since I’ve managed to blog! Smilefjes But ill give a quick update about the book im writing. Im writing a book about Configuration Manager which is going to cover high-availability and performance tuning, really exiting times! It takes up alot of my time therefore my lack of blogging lately.
Anways, this is something I’ve post poned some while now, which is cloud based distribution points!

Cloud-based distribution points is something that came with Service Pack 1 in System Center. Cloud-based DPs are really much like a regular DP except for the following:

* You cannot use a cloud-based distribution point to host software updates
* You cannot use a cloud-based distribution point for PXE or multi-cast deployments
* You cannot use a cloud-based distribution point during a task sequence that requires a task to Download content locally when needed by running task sequence.
* You cannot use a cloud-based distribution point to offer packages that are setup with run from Distribution Point
* You cannot use a cloud-based distribution point to host virtualized applications
* You cannot set a cloud-based distribtuion point as pull-based or as source distribution point.

Content that is sent from the Configuration Manager to Azure is copied encrypted. In order to setup a Cloud DP you need a couple of things.
First of you need a management certificate which you can use against Azure you can follow my recipe from my previous post.

You also need to generate a certificate which should be created using the same PKI structure as for the regular Configuration Manager solution. This certificate should be created using the web server template. This certificate should contain a FQDN which your clients should be able to resolve using DNS.
You can read more about the certificate here –>

After these two prerequsites are in place we can create the distribution point (if you have SP1 the option to create one are under Administration –> Hierachy –> Cloud –>

Here we have to enter the subscripbtion ID this we can get from Azure and the management certificate.


Next we choose what region and what site this DP should be assosicated with, as well as add a certificate generated by our internal PKI for the DP.
Next we configure alerts and thresholds. After this is done we have to change the client policy to allow access to cloud DP


And we can se in the monitoring pane that the cloud DP is functional.


Under the FQDN enter a name for the server (which resembles the certificate name) this record has to be added the the DNS-zone either internally (if only for internal clients) or on the external zone) the IP-adress of the Distribution Point in Azure is found under cloud services.


After this is done, we also have to modify the clients policy settings to allow clients access to the distribution point. If you go into the storage blob and under containers you can see the different packages that have been distributed to the cloud DP.


If you want to scale out with more cores to the cloud DP you can go into the cloud service and use the scale function

after I have distributed content I can see the package ID under the container in the storage pane.


And there we go, will try to write up a follow-up which covers multi cloud DP points.

#configmgr, #configuration-manager-2012, #sysctr, #system-center-2012