Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Orchestration Group membership

    I have a few collections that use queries for membership. I would like to be able to have a query run once a week to check membership for Orchestration Groups instead of going through and creating a static list.

    10 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Provide method to easily convert update filters to ADRs

    Provide an in-console method to right-click on a Software Update Filter (saved search) and convert to an ADR Rule

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Orchestration groups - Granular behaviour for different types of update

    Adding more granular control to the behaviour orchestration groups depending on types of updates would improve the feature greatly.

    For example, specifying different behaviour for different types of updates - customers probably don't want to run pre-scripts and post-scripts or even potentially any orchestration for definition updates, whereas they might want to for other types of updates

    23 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Allow Delivery optimization / Connected Cache (DOINC) to be used for ConfigMgr Downloads

    Enable ConfigMgr to utilize Delivery Optimization for Downloads from Microsoft CDN (Windows Updates, Office 365 Updates). Currently This only works for Express Updates. All downloads nativily done by ConfigMgr Agent from the CDN, are using BITS, therefore bypassing DeliveryOptimization (and Connected Cache).
    My plan: Control updates deployment though SCCM, but don't care about contents, let ConfigMgr get them from the cloud, through DO (from Connected Cache when in CorpNetwork, directly if not, always trying DO P2P)

    8 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Process Delivery Optimization Client Settings within OSD TS

    Process the DO Client Setting Policy while within a OSD TS to support also the packageless deployment of Software Updates during OSD without the need to download every update for every client.

    The current behavior in case of deploying software updates without a package during an OSD TS is that each client will download every update from MS instead of using DO and DOINC/MCC.

    The idea behind this scenario is, that you can eliminate the package distribution for Windows updates wihthin the ConfigMgr Hirarchy completely and just use DO as source while ConfigMgr is still the part to configure whichā€¦

    8 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Like keep myself has to with work!!, and the other passwords off here know question about!

    I do PowerPoint it can be anything like a art work or a slide for someone birtday with photo's 3of them any photo's

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. Include option to create Child ADR/Nested ADR

    For Example, if we want to create ADR's for Windows 10 and O365 updates, we need two ADR's to be created, because of the difference in configurations such as Title, Product, classifications - all differs on both. If it is nested then we have an opportunity to embed the child ADR in to parent and can be executed on the same time.

    Just similar to creating Child Configuration Item to the parent and deploying both of them using a Single Configuration Baseline.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Install Servicing Stack Updates (SSU) Before Other Updates When User Initiated

    The Current Branch 2002 release introduced a feature to install SSUs first but only when triggered by the deadline.
    From the docs:
    "SSUs are installed first only for non-user initiated installs. For instance, if a user initiates an installation for multiple updates from Software Center, the SSU might not be installed first."

    A lot of work has been put into encouraging user-participation in the patching process. I want the user to decide when they're ready to install the updates and avoid situations where the deadlines impact their work. In those scenarios the behavior introduced in 2002 therefore not helpful.

    Iā€¦

    149 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Third-Party Updates Should Not Attempt 3 Downloads from Internet (WUMU)

    When deploying third-party updates using CMG, the client will detect it's on the internet. In the CAS.log, you will see it things it should reach directly out to windows updates (WUMU) in the CAS.log. The DP returned on ContentLocation.log is actually the internal WSUS location of where the third-party update was downloaded. This path is not resolvable from an internet client and shouldn't be used.

    If the client detects it's on the internet, it should never attempt to download from windows updates, since these updates are not applicable for that scenario. The update will timeout after 3 minutes and 3ā€¦

    85 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Allow Applications/Packages to Show Up Under Updates in Software Center

    Allow admins to determine which tab applications, packages, and task sequences show up in Software Center. This is especially important for applications/packages being able to show up under Updates when wanting to update existing software thatā€™s more complex for Software Updates/SCUP. This would make it easier for end users to make sure they have updated all of their software at one time.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. More options for phased deployments

    Phased Deployments are generally limited to two deployments at a time, it would be great to extend this to reduce administration work over large deployments.

    Additionally you have to go into the deployment and manually configure additional options such as allow clients to download over tethering, it would be handy to configure this step from the phased deployment window so you do not need to go back and set this manually in the deployment.

    2 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. make "Prefer cloud based sources over on-premise sources" also apply to Microsoft Update

    Even though Microsoft Docs lists Microsoft Update as supported cloud sources (https://docs.microsoft.com/en-us/configmgr/core/servers/deploy/configure/boundary-groups#bkmk_bgoptions4), "Prefer cloud based sources over on-premise sources" does not seem to apply to Microsoft Update content in the case of an AlwaysOn VPN scenario where devices would show in "intranet" all the time.
    The only alternative option is splitting up update deployments (VPN vs Non-VPN) and working with the download settings on the individual deployments, which is very cumbersome. If a client falls into a boundary group which has the setting enabled, it should respect it and use Windows Update for source content.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Add ESU update classification

    Can you please add an update classification called "ESU" or something like that so that we can filter our ADRs to make updates work properly with ESU? (It seems that if we get a single update that is not allowed for ESU added to our software update group it will make all updates not available.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Include a Patch Tuesday Phases template that can create both even and odd month ADR's to eliminate patching gaps

    For those that use phases (test, pilot, production) for monthly software update deployments with multiple collections before deploying to production, two ADR's that run every other month need to be created (one for odd months and one for even months) with deployments for each patch phase, otherwise there are potentially multiple week gaps in patching the environment. Guidance on configuring even and odd ADR's should also be added to the ConfigMgr online software update documentation.

    2 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. 1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Add Ability to Uninstall KBs

    With all the Microsoft Update issues over the past year or so it would be useful to have the built-in ability to push an uninstall of a KB from the SCCM console.

    WSUS services already have this ability by declining an update and approving it for removal. No such functionality exists inside the SCCM console.

    Simply waiting for a future update that may correct a bad KB is not viable for many enterprises.

    Neither is instructing users on how to uninstall KBs on their own from Control Panel as all of our users do not have sufficient permissions to doā€¦

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. More flexibility in deployment schedule for ADR deadlines

    It would be nice to have the same scheduling options available in the ADR eval schedule and the deployment schedule. I have multiple release deployments that occur on the 1st, 2nd, and 3rd Thursday. If the ADR deployment available and deadlines had those options it would be cool...

    0 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Make ignore dismissable errors easily available in windows servicing

    I would like to see an option to easily allow dismissible warnings when deploying a feature update via Windows 10 Servicing

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Control when expired software updates force a package and content refresh

    When you have a large SCCM environment (100+ DP's), if a software update expires it forces a software update package to update immediately and refreshes content across all DP's with that content. This causes network resource issues if the package is quite large, so there needs to be greater control over when the expired update kicks off a package clean up and content refresh. Currently there is a hard-coded 3 hour period between checks, this should be controllable to be able to run more or less often, or at specific times once or twice a day.

    14 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Download Office 365 Updates from a connection point

    Need the ability to pull Office 365 Updates from a server that is not the primary site server. This would be similar to the CMG connection point or Service connection point.

    42 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base