One of the newer features of Configuration Manager is the ability to link it to cloud managed services. This allows for cloud configurations such as co-management and installing Apps from the Microsoft Online Store

But, as with everything there is an element of maintenance and today I loaded Configuration Manager and was presented with the following message:

One or more Azure AD app secrets used by Cloud Services will expire soon. Renew to avoid service disruptions.

To avoid service disruptions, its a reasonably easy process

Click Renew secret key in the alert, or in the ConfigMgr console navigate to, Administration | Cloud Services | Azure Active Directory Tenants

Click on your Tenant name and look at Applications at the bottom of the window

Locate the application which is set to expire soon

Right click on the application and choose Renew Secret Key

This will pop-up and Azure login screen, you will need to provide credentials for a user who has permission to renew the secret key, in my environment I am using a Global Administrator account to achieve this.

In terms of permissions, if you are not a GA, you need to have at least App Owner or Azure AD Administrator – although I have not tested this!

That’s it, all done.

Further Findings

One problem I did come across was Single Sign-on. When this is configured on the workstation and you are using the ConfigMgr console launched as administrator, you may find that the Azure sign-on tries to sign you in as the incorrect user. To get around this, make sure you launch the ConfigMgr console as the user who will authenticate with Azure AD to renew the secret key. This is particularly important for those Admins using more than one user account.