Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we can’t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the 🙂 button in the top right corner and choose “Send a Frown”. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer – our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Make ignore dismissable errors easily available in windows servicing

    I would like to see an option to easily allow dismissible warnings when deploying a feature update via Windows 10 Servicing

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  2. Control when expired software updates force a package and content refresh

    When you have a large SCCM environment (100+ DP's), if a software update expires it forces a software update package to update immediately and refreshes content across all DP's with that content. This causes network resource issues if the package is quite large, so there needs to be greater control over when the expired update kicks off a package clean up and content refresh. Currently there is a hard-coded 3 hour period between checks, this should be controllable to be able to run more or less often, or at specific times once or twice a day.

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  3. Download Office 365 Updates from a connection point

    Need the ability to pull Office 365 Updates from a server that is not the primary site server. This would be similar to the CMG connection point or Service connection point.

    42 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  4. Office 365 Updates via SUP - Add a Customization tab for Office Customization Toolkit

    Deploying Office 365 updates via the Software Update Point works pretty well, especially when upgrading to a feature release! Upgrading from 1808 Semi-Annual Channel to 1908 Semi-Annual Channel works great! However I'd like to request more granular control of the update.

    When you right click on an Office 365 update --> Properties, it would be awesome to have a tab that gives you the Office Customization Toolkit. OCT should give you the ability to change channels, change bitness, unselect programs like Teams or OneNote.

    I understand that we can create a whole new Office 365 application package and deploy to…

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add Software Updates to existing Software Update Group while manually downloading an update

    It would be nice to have the option to add updates that you, for some reason, manually download in the Software Updates node to an existing Software Update Group.

    It's not much work having to go back to the console after the wizard is complete and add them but would be a nice addition to the 'Download'-wizard for Software Updates.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  6. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  7. Remove unreferenced update package folders

    When a software update sync cycle run, it will not remove unreferenced package folders from the UpdateServicePackages folders.

    Setting a checkbox to decide whether or not to clean those folders. Since now it is being used to store third party updates and the folder could get big.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  8. SCCM compliance reporting should work on clients that use WUfB

    Right now I have no compliance data for a client's Windows Updates in SCCM if I enable WUfB on the client. My organization does not want to use Azure AD for domain joins nor Windows Analytics for update compliance information. Without compliance information in SCCM, we cannot use WUfB which has the superior update experience over ConfigMan software updates. We want the WUfB superior update experience without the cloud integration.

    Thanks.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add an option for Weeks under Supersedence Rules in Software Update Point Component

    For nearly all months, we only need to keep superseded updates for an additional week or two and not a full month. The current options ask for months to wait before a superseded software update is expired. Adding a Weeks option will allow for us to keep those superseded updates, but for a shorter period of time.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  10. Orchestration Groups Microsoft Endpoint Congfiguration Manager 1910

    I know in SCCM Tech Preview 1909, they talked about Orchestration Groups for servers. Why wasn't this feature added in to the new Microsoft Endpoint Configuration Manager 1910? Will this be added in the next iteration? From reading this would be a good feature to have, when it comes to installing updates on cluster servers.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  11. Office 2019 updates are syncing to wsus as the "Office 365 Client" product catagory instead of the "Office 2019" product catagory.

    Office 2019 updates are synchronizing to SUP/WSUS under the "Office 365 Client" product category instead of the "Office 2019" product category. Nothing actually syncs as "Office 2019." Please list Office 2019 updates as "Office 2019" updates instead of "Office 365 Client" updates. It makes it difficult to separate the packages and to build proper ADRs.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  12. Enable Publishing 3rd Party updates on SUG

    Currently we can publish third party updates from "All Software Updates" before adding them to a SUG. It would be great if we get a feature which will allow is to publish selected 3rd party updates in SUG on a whole and not individual or multiple selections.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  13. 3rd Party Contend Management

    Contend Management for 3rd Party Software Updates Catalog for publish republish or delete Contend.
    Also better cleanup for Update Database to delete 3rd Party Drivers from DB.
    And an option to recreate Partner Catalogs

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  14. Software update scan results available to WQL

    Please can you make v_UpdateScanStatus available in WQL, as it would be useful to be able to create collections based on software update scan results.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  15. Install and Configure WSUS As Part of SUP Role Creation

    WSUS is a well-known pre-requisite for the Software Update Point role yet the user is entirely left to their own devices to install and configure it. The default WSUS installation options are widely regarded as non-optimal. Further, there is plenty of precedent for ConfigMgr installing OS roles.

    I would like to see the WSUS OS role be installed and configured as part of the SUP role installation. Where necessary, the wizard can suggest better configuration options than WSUS’s defaults. I’m certain the community will come up with more ideas than this but here’s a few I can think of, some…

    44 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  16. Patch Management

    SCCM used to patch the server (OS level) , based on the missing KB's identified on the server and report the compliance level . However, it missed to check whether the DLL or registry change updated /happened successfully or not. In some cases , due to multiple reason ( improper reboot, network issue) . DLL or registry files not update and due to which trace of older version and vulnerability exists on the system.

    Case # 2. Vulnerability like Meltdown and Spectra require patch + registry changes , when server admin pushes the KB through SCCM , it only patches…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  17. SUG content, possibility to keep it untouched.

    Some of our customers need a fixed patchrelease für more than one month, because of restricted testing scenarios. When they began to test an application, during the whole release phase of the application, it is necessary not to touch the OS level. Yes, this sounds strange and i do not want to discuss this here. I want to discuss the possibility to hold a Software Update Group content fix and robust against a WSUS or SUP sync. Which means do not touch expired or superseeded or any update in this SUG. ATM this is not possible in SCCM CB. The…

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  18. Date Released or Revised More Than Option

    Date Released or Revised under Software Updates tab for ADR should have the ability to allow you to grab updates that are more than a week or month old. I don't want the ADR to pick up updates that are only a day or two old. This is too risky.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  19. Schedule ADR to run x minutes after WSUS sync is completed

    I would like to be able to set a ADR to run x minutes after a WSUS sync is completed. Today if you set the option "Run the rule after any software update point synchronization" it often times fails since it runs before the WSUS sync is completed and the updates are available. This is often noted if you are using SCEP and want the latest patches deployed after each WSUS sync.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  20. Delivery Optimization In-Network Cache

    The downloads from Delivery Optimization In-Network Cache should get a seperate category in the Windows activity monitor. Currently all downloads from the cache show up as downloads from Microsoft.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base