Microsoft

System Center Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building System Center Configuration Manager, though we can’t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the 🙂 button in the top right corner and choose “Send a Frown”. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer – our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the System Center Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Schedule ADR to run x minutes after WSUS sync is completed

    I would like to be able to set a ADR to run x minutes after a WSUS sync is completed. Today if you set the option "Run the rule after any software update point synchronization" it often times fails since it runs before the WSUS sync is completed and the updates are available. This is often noted if you are using SCEP and want the latest patches deployed after each WSUS sync.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  2. Delivery Optimization In-Network Cache

    The downloads from Delivery Optimization In-Network Cache should get a seperate category in the Windows activity monitor. Currently all downloads from the cache show up as downloads from Microsoft.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  3. Optimize the Software Updates overview

    I believe that it would create a better overview of your Software Updates in your SCCM-environment if you had them all gathered in 1 node. Instead of having it like today where you can deploy a Office365 Update without it being part of a SUG and the same with Windows 10 Servicing-updates. They should be integrated into the Software Update Groups-node in some way. Either so that it shows the deployed updates from O365 and Servicing or making it so that you need to add them to a SUG before deploying them. As of now you need to browse 3…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow republish of Third-Party content

    Currently once a third-party update is published, SCCM assumes the content is always available in the WSUS content folder. If this folder is deleted, the published content is lost and cannot be re-published. Adding a re-publish context button on already published items will fix broken updates without having to rebuild the entire WSUS database.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add a Right-Click and Show Members on Updates that have Required counts

    A right click feature would give an easy way to identity corrupted or out of compliance systems.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  6. Compare group server patching level

    A right click tool (or script) to compare installed hotfixes in a collection group of servers.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  7. Offline move of Third Party Updates to another SCCM Hierarchy

    Work in environments were multiply SCCM infrastructures may exist. Some of the networks are segregated or disconnected from access to outside world. Would be great if connected infrastructure could share approved catalogs, publish updates, and content for deployment via some sort of offline solution. Something like the WSUS Export/Import solution.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  8. Identify missing patches direct from Microsoft Update

    Unless you select all products and classifications in your configuration of Software Updates, it's possible you have computers on your network which require updates to Microsoft products but you'll never know about them.
    Can ConfigMgr add a feature to alert you if you have clients that require updates which are not enabled in your software update configuration?
    Otherwise you could be potentially leaving a big hole in your endpoint security.
    Maybe this could be added as a management insight, or a report?

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  9. When required updates are delivered, popup the "Required software changes..." dialog window

    When required updates are delivered, popup the "Required software changes..." dialog window. The current 5 second toast notification and small taskbar icon don't do much to alert the user. This would greatly increase the # users that install and reboot before the deadline. Currently a vast majority get installed automatically at the deadline. It's a likely reason companies have a difficult time requiring a reboot. The "Required software changes..." dialog window provides the date and time it will automatically install and allows them to install now. You can only communicate out so much to the users, so these dialog windows…

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  10. Targeted Software Update Sync of Specific Products

    As we are testing new third party update, I find myself doing a lot more manual SUP syncs. It would be excellent if I could do a custom, one off sync of specific Products or Vendors or something along those lines.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  11. Include Simulated Deployments in Software Updates

    Just like in Application deployments, it would be helpful to include simulate deployment under the areas of software updates.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  12. Ability to easily list computers not patched against a specific CVE

    Say you want to list computers not patched against CVE-2019-0708 (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708). 2 problems here :

    - Depending of the OS version, the KB number is not the same.
    -A KB number is quickly superseded and depending of the supersedence behavior, it becomes unknown from SCCM.

    It could be great if for each computer a mecanism could determine which KB is needed, if it (or a superseding KB) has been applied and produce a report.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  13. Email alert every time ADR is running and add diployment

    Please add an option for sending email every time ADR is running and add deployment.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  14. Delivery Optimization Cache as public CDN

    If ISP customers could automatically use the nearest cache node, then ISP can get rid of non-standard caches for saving bandwidth.

    I mean "Internet Service Provider" or "Internet Access Provider" for example a company which buys 10Gb of Internet over fiber and then sells it over wireless/dsl/fiber to 1000 customers each one 10Mb .

    Actually I think there would be a standard way for ISPs to cache Microsoft updates without need any change in client configs.

    For example look at following link https://wiki.squid-cache.org/SquidFaq/WindowsUpdate . It is one of many examples that show ISPs try to reverse engineering the windows updates…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  15. Create the ability to deploy updates superseded by Quality Updates even after the supersedence rule has expired them

    We do not apply quality updates in our environment. We only deploy security only updates. There are updates that are superseded by quality updates only. They are also superseded for longer than our site configurations supersedence rules and therefore we have no way to deploy these to our environment except building a package for them.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add expiration datetime to Software Update Group Deployment

    Add expiration "datetime" to Software Update Group Deployments.

    Once the deployment - based on the expiration date - is expired, the deployment is no longer active.

    Now you have to remove or disable (manual/PowerShell) a deployment if you want to unlink it with the linked collection.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  17. Pre and Post actions during patching

    We have a need to run a scripted action [i.e. Ability to run one or more .ps1 Powershell scripts/vbscripts/batch files/cmd files] both before patching and after patching on specific machines that receive a SUG deployment.

    These actions can be for a variety of reasons:

    • Reboots before patching
    • Stopping services or other applications processes
    • Read server state and making sure it is set correctly after patching is finished

    Currently we reboot 90% of our fleet before running patching to make sure system memory (we check memory?) etc. are clean, to allow the best possible patching result.
    We have…

    29 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add "Next Evaluation Time" column for "Automatic Deployment Rules"

    It would allow an administrator to confirm custom schedules like "Every 23 days, from 11 September 2017" and monthly schedules using offsets are hitting the expected dates, preventing unauthorized change. There is a "Last Evaluation Time" so to have the "Next Evaluation Time" is logical.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  19. ADR – Software Updates Property Filters

    When creating a new ADR software update you have the option to select the property filters and search criteria’s in the wizard. It would be beneficial for an advanced search technique or “wild card” to identify those filters that are broader. For Example: -%Cumulative Update for .NET Framework%Windows 10 Version 1809

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  20. ADR specify group, deployment, and package name

    Currently the naming of objects automatically takes the ADR rule name and appends a timestamp value. I would like to be able to specify my own naming text, e.g. "Monthly Updates - %MONTH% %YEAR%" for the software update group and deployment package. I would also like to specify the deployment names, e.g. "Monthly Updates - %MONTH% %YEAR% - No Reboot". If the ADR is run again, I want it to update the existing objects.

    Even better if you simply allowed me to specify embedded PowerShell commands, e.g. "Monthly Updates - $((Get-Date).Month)-$((Get-Date).Year)". This can be done by simply processing the string…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 22 23
  • Don't see your idea?

Feedback and Knowledge Base