Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we can’t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the 🙂 button in the top right corner and choose “Send a Frown”. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer – our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 162 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    18 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →

    Updating status to planned, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help#send-a-suggestion for an explanation of each status value.

    We’ve shipped fixes for a few scenarios that can cause this in 1902 but know there are some scenarios left.
    May we ask anyone still experiencing it on 1902 to gather verbose logs from the client and send a frown so we can troubleshoot additional scenarios that cause the error.

  2. Improve error messages on Automatic Deployment Rule failure than the generic 0x80004005

    Any failure of an Automatic Deployment rule seems to fail with an 0x80004005 error. However, this is may a removed update (removed by Microsoft). This case should be handled more gracefully and have better debugging messages.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow offline patching of Feature Updates

    Currently (as far as I can tell anyway) there is no way to offline patch a feature update. I'm currently in the process of developing an upgrade strategy for moving from 1709 to 1809.

    At the moment, I have to deploy the feature update, and once complete, the subsequent patches are applied soon after, increasing disruption to users already inconvenienced by having their computer offline for at least 30 minutes while the feature update applies.

    It would be great if the feature update could be kept "up-to-date" by allowing offline patching, and therefore necessitating only a single reboot, which would…

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  4. Get rid of the 100 Category limit for WSUS with third party updates

    Not sure why anyone would place a cap on the number of categories for software update with third-party updates but considering SCCM is used for performing updates and plugins can be integrated into the system having a 100 Catagory limit makes no sense

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  5. The Office 365 updates behavior in SCCM 1802 still feels off and unpolished

    We still see prompts for closing running office applications and while Software Center displays a reboot required, the update doesn't seem to get installed unless manually triggered through the in-app notification.

    85 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  6. Create the ability to deploy updates superseded by Quality Updates even after the supersedence rule has expired them

    We do not apply quality updates in our environment. We only deploy security only updates. There are updates that are superseded by quality updates only. They are also superseded for longer than our site configurations supersedence rules and therefore we have no way to deploy these to our environment except building a package for them.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add expiration datetime to Software Update Group Deployment

    Add expiration "datetime" to Software Update Group Deployments.

    Once the deployment - based on the expiration date - is expired, the deployment is no longer active.

    Now you have to remove or disable (manual/PowerShell) a deployment if you want to unlink it with the linked collection.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  8. Bring Servicing Plans into Parity with WUfB/Intune or Kill Them

    Since the initial release of Win 10 servicing plans they haven't kept up with their WUfB/Intune companions. While I can appreciate that many are not using servicing I feel it's a bit of a chicken and egg problem.

    Specifically:
    Remove SAC-T at some point (Win 10 1903 and beyond won't have it)
    Increase the delay to 365
    Configure the uninstall period (2-60)
    Support the Insider releases.

    Alternatively, since WUfB is now integrated into the console just get rid of servicing plans entirely. In such case you may want to integrate the dual scan configuration into the WUfB node.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  9. Ability to get reports on individual update by clicking on the Pie

    When I click on individual updates, I see on the bottom the pie chart of "Total Asset Count:" I am requesting that be a link that automatically launches the report so I can get a listing of all the machines related to the pie chart. Similar to when I click on a deployment and I can drill down to the list of Objects related to that deployment where it failed, succeeded, etc. I know I can run a report, but the report is not always accurate and "live". For that matter, where is it getting that number from??

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow WSUS servers to download updates only on HTTPS

    Currently, the WSUS servers connect to the URLs (both HTTP and HTTPS) to download the updates, as mentioned in this link: https://docs.microsoft.com/en-us/sccm/sum/plan-design/plan-for-software-updates#BKMK_ConfigureFirewalls

    This means allowing HTTP traffic to come down to internal servers (by creating exceptions in the proxy settings), causing serious audit failures and security concerns.

    Also, a lot of proxy solutions also have a capability to block the content from whitelisted HTTP URLs if the file size is too large, thinking that it might be malicious content. This again causes problems when Windows 10 Feature and Express Updates are downloaded!

    Hence, it would be great to publish all…

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add "Next Evaluation Time" column for "Automatic Deployment Rules"

    It would allow an administrator to confirm custom schedules like "Every 23 days, from 11 September 2017" and monthly schedules using offsets are hitting the expected dates, preventing unauthorized change. There is a "Last Evaluation Time" so to have the "Next Evaluation Time" is logical.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add software updates package source restrictions or warnings

    When a software updates package is created, the given path is cleared of any existing content. This is very destructive if an incorrect path is given. One of several things should happen:
    1. Restrict the location of software updates packages if another package is using the same folder or any folder below.
    2. Warn if additional content is detected in the given path for a software updates package.
    3. Not clear additional content from software updates packages source locations.

    We recently ran into this with a co-worker making documentation and put in the root path for all of our packages…

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  13. ADR – Software Updates Property Filters

    When creating a new ADR software update you have the option to select the property filters and search criteria’s in the wizard. It would be beneficial for an advanced search technique or “wild card” to identify those filters that are broader. For Example: -%Cumulative Update for .NET Framework%Windows 10 Version 1809

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  14. ADR-WIZARD - The ability to create additional deployments during the initial ADR set-up.

    When creating an ADR the wizard looks to be limited to a single deployment. There is the ability to add additional deployments. However, It would be nice if the creation of multiple deployments could be accomplished within the initial ADR creation in the set-up wizard.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  15. Auto update software on pc with software installed

    A nice feature would could be if a PC already has a certian piece of software installed and I release a new version it will automatically install update. I could just use required deployment but that will install on all PCs which is not needed.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  16. Deploy patches to servers only after an event has occurred successfully during a defined period of time

    Deploy patches to members of a server collection after a chosen event has completed successfully within a defined period of time, this would allow for a backup to occur for example before deploying the patches. This would then check that an event has happened before running the patch install process using ConfigMgr, and using status messages to create alerts based on event viewer this could then be used for non MS backup utilities.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  17. from All Software Updates right click and show machines that need the update

    From All Software Updates Right click on the update, click on Show Machines that require the update and see a list of Machine names that need the update.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  18. Update changes to maximum runtime for software updates with machine policy

    If maximum runtime for an update is changed it can take weeks/months and sometimes never to update on a client that already received the update assignment.
    In our case it was a feature update and we changed the software update maximum runtime after deployment once we found this was missed.
    We still find clients after 1 month that is in failed state for the update and have the standard maximum runtime value.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  19. It would be nice to get the ability to do true driver updates from the Software Update Point role instead of trying to deploy the exe.

    It would be nice to get the ability to do true driver updates from the Software Update Point role instead of trying to deploy the exe to actually create a package.

    Allow the drivers check box similar to using WSUS.
    Then allow them to pull down the driver similarly how WSUS handles this mechanism since SCCM is leveraging a WSUS instance to do the other portions of the Software Update Point.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  20. Soft and Hard Deadlines for Software updates

    Software updates need a 'hard' deadline so that computers who have hit the updates but never leave their computers on within a maintenance windows, will never have the updates installed.

    1st : Deployments made available for users to install at their leisure from the software center. Possible

    2nd : After say 1 week, install the updates as per maintenance windows in the evening. Possible

    3rd : After 1 more week if not yet installed, just install no matter what at any time, with the standard notifications for reboots as per SCCM client settings. "Currently not possible"

    https://social.technet.microsoft.com/Forums/en-US/6f8f161c-45e2-4a1a-b78c-dd1f7c0bbc0c/software-updates-adrs?forum=ConfigMgrCompliance

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base