Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Search for CVE numbers

    Now that Microsoft has moved away from using the Bulletin IDs for some of the major updates, it will become very useful for us to be able to search the Software Updates using the CVE number (i.e. CVE-2017-0199: Microsoft Word HTA Handler Vulnerability). This will help us quickly look up patch status for those CVE identifiers.

    86 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. In the office 365 dashboard, please include the release version in addition to the builder versions

    In the office 365 dashboard, please include the release version in addition to the builder versions

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Rename Deployment Packages to Update Packages

    Deployment Packages have nothing, zip, zero, nada to do with deployments so calling them deployment packages leads folks to the wrong conclusion about them and is inaccurate at best. These packages simply contain update binary files and should instead be called "update packages" or maybe even "update binary packages" to emphasize what they actually do.

    25 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Remove empty deployment packages

    When you create a deployment package over time the software updates expire and are removed. However if you look through Deployment Packages the original size of the package is shown. Right click and show members and the package is empty. Check the file location for the package source and it is empty. Can you find a way to either automatically clean up empty deployment packages or offer the column of "Number of updates" as in Software Update Group, so these empty packages can be identified.

    5 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. All Software Update Statistics

    When looking at an update either through All Software Updates or a SUG please make the statics node clickable. It would be beneficial from that node to be able to click on "required" or "unknown" to see the specific list of machines, similar how you can see the stats when looking at a deployment. Currently only real way to look up the stat is to write down the KB and then head over to monitoring and start running reports on the KBs.

    36 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Automatic Deployment Rule | Restart System Prior to Software Update Installs based on "Pending Restart" Flag

    This could be accomplished with the ability to call an ADR from a Task Sequence and/or the ability to run a Restart Command on a machine prior to the implementation of Software Updates.

    Issue: Machines have a pending restart that is preventing additional software updates to continue installing. This is often seen with Child Updates to existing software update rollups. The log will note that the machine is waiting on a Restart to complete task.

    Solution: The ability to query the machine, in one of the 4 ways available for a Pending Restart automatically from a Task Sequence or builtā€¦

    5 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. Windows Update Agent Self Update

    According to Microsoft support, on Windows 10, the only way the Windows Update Agent version is update is via the monthly cumulative updates. For Windows 10 the Windows Update Agent version is updated on a more frequent basis then older OS versions due to the new feature update servicing function. On OS versions before Windows 10 the Windows Update Agent version was able to be updated via the WSUS SelfUpdate website.

    Only including the WUA version updates using the monthly cumulative updates can cause problems that you might not notice right away. This is especially true if you don't deployā€¦

    6 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Bitlocker aware updating - Suspend bitlocker automatically

    Now that Surface drivers and firmware are available to download as software updates it would be great to be able to deploy them without worrying about Bitlocker and having our users locked out.

    So far it seems that we have to do a lot of testing to see whether or not a driver or firmware will lockout bitlocker, and then give up and deploy them using a TS, so we can suspend Bitlocker, update, reboot and reenabled bitlocker.

    Could all drivers/firmware from the Surface update category automatically have bitlocker suspended when deployed as an update? or give us a tickā€¦

    13 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Better default Products/Languages selections when adding a new SUP

    Please provide more meaningful default products/language selections when you add a new SUP.

    Now there are selected by default products that are not supported by Microsoft/ConfigMgr (e.g. Windows XP, Windows Vista, Office 2002/XP).

    Personally, there shouldn't be any products selected if you cannot provide the current (= at the time when ConfigMgr CB version was releeased) metadata information.

    I don't know if there is ANY customer in the world, who would like to have all the languages that are selected by default. Only English should be selected as default.

    33 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. O365 ADR for New Office Installs

    We have the ability to setup ADR's for O365 updates, but we need the ability to create O365 ADR's for downloads and deployments of the newest O365 Installers to new images that do not have O365 installed yet.

    32 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Option to force restart desktop endpoints if no user logged in

    Hi There,

    I am wondering if we can have an option in SCCM to force restart desktop endpoints after patch installation when no user logged in. This option certainly not useful for server endpoints but for desktop endpoints, it could be a blessing for work station admins those have to chase users to restart the VDI/desktop endpoints periodically to get patches installed in an environment where admins can't define any specific restart time due to nature of the job. Possible options/ features I see:
    1. Define setting in machine collection/ deployment group that if no user logged in install theā€¦

    19 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Content Size (KB) Column in SCCM Console

    In SCCM console, Software Library --> Software Updates, I have never seen the 'Content Size (KB) column' ever populated with the size of an update, why is this? Would it be possible for this information be passed through? Individual patches have developed into becoming cumulative updates, rollups etc and are considerably larger in size e.g. over 1 Gb each. In some instances they fail to install on low spec servers because they are marked with what seems to be the standard 'Maximum Run Time' of 10 Min. Knowing the update size and the MTU set within the view of theā€¦

    9 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Allow Software Center to report all installed Software Updates

    When software updates are pending installed or just installed they are reported in the Software Center, Software Updates section. Then they disappear from that view.

    Can we configure the software update view to report all software updates installed by the SCCM client? Or reference the installed updates from Windows Update agent?

    13 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. ADR Available Deployments

    I would like to see ADR's support the creation of Available deployments in addition to Required deployments. We have some business cases where a certain subset of servers are aren't allowed to "push" software updates to until the server/app owners have verified the patches.

    The issue is that these servers don't have connectivity to the internet so we have to deliver them via ConfigMgr. By creating an Available update using an ADR, it streamlines our ability to "deliver" the updates to all systems, and allow the Patching Team, or App/Server owner to patch according to their own business schedules.

    264 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    26 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. Display progress of Office 365 Client Updates into WUAHandler log

    When deploying the Office 365 Client Updates with ConfigMgr, there is no information currently written into the WUAHandler.log. All other software updates (including Office 2016) appear in the WUAHandler.log with an entry showing they are missing and once installed, an entry showing the install was finished, the exit code, and whether or not a reboot is required.
    1) 1. Update (Missing): Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4015217) (4a4cfa3f-337e-496e-9d32-a143afcb27f4, 200)

    2) Update 1 (4a4cfa3f-337e-496e-9d32-a143afcb27f4) finished installing (0x00000000), Reboot Required? Yes

    There is currently no such information displayed for any Office 365 updates. If the WUAHandler.log containsā€¦

    46 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Add Office 365 Deferred Channel selection to Automatic Deployment Rules (ADR)

    Since the deferred channel consists of multiple versions it would be great to select from those deferred channels as well. Customers that roll out on this channel only usually still have some kind of waves implemented regarding the different versions available on that channel. The name of the updates can only be filtered so much (see screenshot) before it becomes impossible to filter any further. Currently they need to change the version number every time within the ADR.

    32 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. Software Update reports accessible from within Software Updates

    It would be great to have a menu item to view the specific update reports in the All Software Updates view and within the Software Updates Groups view. Currently we can ascertain the updates' status details, required count, install count etc... from the Software Update list view but this information is not interactive. To actually identify the specific list of systems these updates are needed by or installed on we have to manually run a compliance report for the software update. It would be nice to have that functionality built into the Software Library module where highlighting an update willā€¦

    19 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Log which user initiated software updates

    In a multi-administrator environment, it's often useful to check which user initiated the installation of the software updates.

    Now all we have is: 'InstallUpdates Initiated by user'.
    We don't really know which user initiated those updates.

    13 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Ability to automatically install Windows 10 ADK releases (or rollback or apply hotfix) via Updates and Servicing.

    The windows 10 adk has changed a few times since the original release of Windows 10, there have been two major releases and one hotfix to fix issues with the second release, as a consequence of that many people got jittery about upgrading to ADK 10 1511.

    How are we going to deal with this in a good way, a really good way. Prior to this we didn't have to upgrade our boot images every 6 months or so.

    Here's the suggestion:-

    #1. When we update from 1602 to 1607 (or whatever) to support the next generation of Windows, itā€¦

    807 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    14 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
    Noted  ·  sangeev responded

    Updated to Noted. We’ve been discussing the same in our planning meetings.

    Thanks,
    BobMN on behalf of SangeeV for SCCM OS Deployment

  20. Allow configuration of WSUS to only sync desired channel and released updates

    The SCCM console is littered with updates I don't care about for Windows 10 and Office 365. Not only that, but it adds to the scan overhead on the clients. Please allow me to configure to sync only updates based on:

    Windows 10:
    * Release - Do not sync any "Preview" updates.
    * Upgrades - Do not sync any upgrades. We will do this via TS
    * Security & Quality Rollup ONLY - I don't need to see the Security Rollup when I'm already deploying the COMBO. For Windows SERVER, I want just the opposite, I want to see onlyā€¦

    7 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
1 2 6 8 10 22 23
  • Don't see your idea?

Feedback and Knowledge Base