Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we can’t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the 🙂 button in the top right corner and choose “Send a Frown”. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer – our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Ability to easily list computers not patched against a specific CVE

    Say you want to list computers not patched against CVE-2019-0708 (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708). 2 problems here :

    - Depending of the OS version, the KB number is not the same.
    -A KB number is quickly superseded and depending of the supersedence behavior, it becomes unknown from SCCM.

    It could be great if for each computer a mecanism could determine which KB is needed, if it (or a superseding KB) has been applied and produce a report.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  2. Email alert every time ADR is running and add diployment

    Please add an option for sending email every time ADR is running and add deployment.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  3. Delivery Optimization Cache as public CDN

    If ISP customers could automatically use the nearest cache node, then ISP can get rid of non-standard caches for saving bandwidth.

    I mean "Internet Service Provider" or "Internet Access Provider" for example a company which buys 10Gb of Internet over fiber and then sells it over wireless/dsl/fiber to 1000 customers each one 10Mb .

    Actually I think there would be a standard way for ISPs to cache Microsoft updates without need any change in client configs.

    For example look at following link https://wiki.squid-cache.org/SquidFaq/WindowsUpdate . It is one of many examples that show ISPs try to reverse engineering the windows updates…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  4. Create the ability to deploy updates superseded by Quality Updates even after the supersedence rule has expired them

    We do not apply quality updates in our environment. We only deploy security only updates. There are updates that are superseded by quality updates only. They are also superseded for longer than our site configurations supersedence rules and therefore we have no way to deploy these to our environment except building a package for them.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add expiration datetime to Software Update Group Deployment

    Add expiration "datetime" to Software Update Group Deployments.

    Once the deployment - based on the expiration date - is expired, the deployment is no longer active.

    Now you have to remove or disable (manual/PowerShell) a deployment if you want to unlink it with the linked collection.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  6. Pre and Post actions during patching

    We have a need to run a scripted action [i.e. Ability to run one or more .ps1 Powershell scripts/vbscripts/batch files/cmd files] both before patching and after patching on specific machines that receive a SUG deployment.

    These actions can be for a variety of reasons:

    • Reboots before patching
    • Stopping services or other applications processes
    • Read server state and making sure it is set correctly after patching is finished

    Currently we reboot 90% of our fleet before running patching to make sure system memory (we check memory?) etc. are clean, to allow the best possible patching result.
    We have…

    29 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add "Next Evaluation Time" column for "Automatic Deployment Rules"

    It would allow an administrator to confirm custom schedules like "Every 23 days, from 11 September 2017" and monthly schedules using offsets are hitting the expected dates, preventing unauthorized change. There is a "Last Evaluation Time" so to have the "Next Evaluation Time" is logical.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  8. ADR – Software Updates Property Filters

    When creating a new ADR software update you have the option to select the property filters and search criteria’s in the wizard. It would be beneficial for an advanced search technique or “wild card” to identify those filters that are broader. For Example: -%Cumulative Update for .NET Framework%Windows 10 Version 1809

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  9. ADR specify group, deployment, and package name

    Currently the naming of objects automatically takes the ADR rule name and appends a timestamp value. I would like to be able to specify my own naming text, e.g. "Monthly Updates - %MONTH% %YEAR%" for the software update group and deployment package. I would also like to specify the deployment names, e.g. "Monthly Updates - %MONTH% %YEAR% - No Reboot". If the ADR is run again, I want it to update the existing objects.

    Even better if you simply allowed me to specify embedded PowerShell commands, e.g. "Monthly Updates - $((Get-Date).Month)-$((Get-Date).Year)". This can be done by simply processing the string…

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  10. ADR-WIZARD - The ability to create additional deployments during the initial ADR set-up.

    When creating an ADR the wizard looks to be limited to a single deployment. There is the ability to add additional deployments. However, It would be nice if the creation of multiple deployments could be accomplished within the initial ADR creation in the set-up wizard.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  11. Auto update software on pc with software installed

    A nice feature would could be if a PC already has a certian piece of software installed and I release a new version it will automatically install update. I could just use required deployment but that will install on all PCs which is not needed.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  12. Why cant be Dynamic Updates enabled for Windows 10 Servicing Model in SCCM

    Dynamic update option is available to use “Upgrade Operating System” task sequence step. Why cant Dynamic Updates enabled for Windows 10 Servicing Model in SCCM?

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  13. Get rid of the 100 Category limit for WSUS with third party updates

    Not sure why anyone would place a cap on the number of categories for software update with third-party updates but considering SCCM is used for performing updates and plugins can be integrated into the system having a 100 Catagory limit makes no sense

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  14. It would be nice to get the ability to do true driver updates from the Software Update Point role instead of trying to deploy the exe.

    It would be nice to get the ability to do true driver updates from the Software Update Point role instead of trying to deploy the exe to actually create a package.

    Allow the drivers check box similar to using WSUS.
    Then allow them to pull down the driver similarly how WSUS handles this mechanism since SCCM is leveraging a WSUS instance to do the other portions of the Software Update Point.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  15. Soft and Hard Deadlines for Software updates

    Software updates need a 'hard' deadline so that computers who have hit the updates but never leave their computers on within a maintenance windows, will never have the updates installed.

    1st : Deployments made available for users to install at their leisure from the software center. Possible

    2nd : After say 1 week, install the updates as per maintenance windows in the evening. Possible

    3rd : After 1 more week if not yet installed, just install no matter what at any time, with the standard notifications for reboots as per SCCM client settings. "Currently not possible"

    https://social.technet.microsoft.com/Forums/en-US/6f8f161c-45e2-4a1a-b78c-dd1f7c0bbc0c/software-updates-adrs?forum=ConfigMgrCompliance

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add Boundary Group Selection to SUP Creation Process

    It has become a semi-regular occurrence in the various communities that someone has created a new environment or rebuilt their SUPs and suddenly none of their clients updates are managed by ConfigMgr and they're getting updates direct from Microsoft.

    Often the root cause is that they did not add the new SUP to any boundary groups. It's an additional step that users just need to kinda of magically know ahead of time to do. Which is to say people aren't going to know and find out the hard way.

    Let's solve this somehow. For me, making boundary group selection part…

    29 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  17. Include Dashboards For Status On Update Deployments

    Including dashboards for Windows Update status seems like it should be included already but they aren't.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  18. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  19. Publish third party software update content

    Publish third party software update content even that catalog were added to WSUS by another application, tool, or script, such as SCUP.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  20. Show The Chain of Expired/Superseded Updates in the Console

    When I search for a KB in the SCCM Console, there should be a tab, likely at the bottom pane of the console (e.g. a part of Summary, Deployment, Phased Deployments), that shows what updates a given KB superseded or what has superseded that KB. This is better than having to go to search this out on the web.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base