Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Software Updates DP download from Windows Update

    Add the ability for DPs (presumably at remote locations) that have better connectivity to Windows Update) to download update [binaries] directly from Windows Update instead of through the normal content distribution process.

    67 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Office 365 Proofing Tools language Selection

    Office 365 Proofing Tools language Selection:

    In SCCM, we cannot select the Office 365 Proofing Tools Languages along with the Office 365 Client Update. But, if we choose the Office 365 languages then the respective Office 365 Proofing tools language will be selected.

    Office 365 language size will have ~400-500MB and the Proofing tools language size will have 30-150MB. So, if we select ONE language, then it will be around ~450-650MB. Here most of the users will not have Office 365 language Pack, but they will use Office 365 Proofing Tools languages for Grammer, Spell check, etc.

    As per theā€¦

    67 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Bring download timeout for patches inline with other products e.g. InternetExplorer, .Net-applications

    From case "117070515991825

    When your SUP tries to download big Windows Updates files, the updates are timed-out because:

    If the proxy doesnā€™t send HTTP/1.1, Status: Ok in 30 seconds, this will cause the SCCM server to send a Reset flag and close the connection.

    SCCM HTTP 30 seconds timeout it's hardcoded and cannot be changed.

    Please make the download read/write timeout configurable or bring it inline with standard http timeout.

    67 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Option to set Security scope on ADRs

    ADRs do not have the option to set a security scope. In an environment with multiple departments making their own ADRs for their dept's devices, it would be useful to be able to set a security scope on the ADR itself like you can with the SUGs and Deployment Packages

    64 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    5 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Windows Store Apps update controlled from SCCM Updates and SUP

    We are a school system with over 30K of 1:1 devices and counting and our networking team just watched 378 GB of downloads from dl.delivery.mp.microsoft...this morning. Turns out that this is Win10 Store apps updating. (Provisioned apps most likely as we use very few apps right now.) My boss was not too happy that this happened during testing.

    We control our Windows updates with SCCM using a SUP and WSUS and everything is fine but we have no way to control store updates, frequency, caching on our DPs etc. Any chance of adding store updates to work like Windows updatesā€¦

    63 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Suspend Bitlocker before reboot

    When a BIOS update is being deployed, automatically suspend Bitlocker before the reboot. If this doesn't happen, you're forced to enter the recovery key which isn't very practical if you're doing a large roll out.
    FYI this is for BIOS updates for Dell coming from SCUP 2011. Probably applies to other hardware

    60 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    5 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. Add support for Drivers Update Classification (as we had in CM 2007)

    to update Surface Hardware with latest Firmware and Drivers we need Drivers category in configmgr 2012 and later as we had it in CM 2007.

    That would be much easier than deploying an msi file.

    60 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Add ADR Timeframe of "Updates older than X days"

    Today, we can deploy updates using an ADR based on a number of timeframes, but most will deploy updates that came out within the last period of time.

    For instance, we can deploy updates that came out within the last month, but there is no 'Date Released' value for updates older than X or updates that came out within the last three weeks, for instance.

    A number of my customers want to wait and let the community test updates before deploying them, and we currently have to be a bit clever with our timelines to make this work.

    60 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Deploy Windows 10 language pack & FOD using software update

    It would be very convenient if we could deploy language packs and FOD from software updates as these packages change with new windows builds and sometimes new revisions.
    Current options require a lot of time and testing.
    If we could just add language packs and FOD to a software group and target the deployment this will make the process much faster and with new windows build it will require minimal amount of time to enable the updated LP files/updates

    Currently this does not work as the updates are detected as not required on the machines and it would be goodā€¦

    57 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Configure multiple deployments in One Software Update Group

    Hi,

    After the successful implementation of the following, https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/8386953-configure-multiple-deployments-in-an-automatic-dep, which is really nice. How about the possibility to extend this and instead of creating several SUGs with different deployments create one SUG with multiple deployments?

    57 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    9 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Third-Party Updates Should Not Attempt 3 Downloads from Internet (WUMU)

    When deploying third-party updates using CMG, the client will detect it's on the internet. In the CAS.log, you will see it things it should reach directly out to windows updates (WUMU) in the CAS.log. The DP returned on ContentLocation.log is actually the internal WSUS location of where the third-party update was downloaded. This path is not resolvable from an internet client and shouldn't be used.

    If the client detects it's on the internet, it should never attempt to download from windows updates, since these updates are not applicable for that scenario. The update will timeout after 3 minutes and 3ā€¦

    56 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. In ADRs I would like more options when scheduling a deployment

    I would like to be able to say that I would like the deployment of the third Thursday of every month. I would also like to have deployments made as available not just required.

    54 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    6 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Allow us to categorise Software Updates

    We have a few Software Updates that we just don't deploy. Every month, our list of "Needed, but not deployed" updates show these updates (for example, IE10). I want a way of filtering these out so we don't accidentally deploy them.

    I tried doing a search by adding the article IDs, but this doesn't work (as the attached screenshot shows).

    Maybe allow us to add a custom category for individual updates (such as "Do not deploy"), so we can then include these in our search.

    53 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  6 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Allow Automatic Deployment Rules to create a new package each time it runs

    Allow an ADR to create a new deployment package each time it runs to prevent packages from becoming too large.

    53 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    8 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. Request full control over allow/disallow force closing of Office 365 apps when installing updates instead of force closing Office apps

    In ConfigMgr 1610 Update Rollup 1 provided the change so Office 365 Updates did not force close any office applications when Office 365 patches were installed through ConfigMgr Software Center.
    https://docs.microsoft.com/en-us/sccm/sum/deploy-use/manage-office-365-proplus-updates#restart-behavior-and-client-notifications-for-office-365-updates

    With ConfigMgr 1706 we require the option to disallow force closing of office 365 applications when patches are installed through the ConfigMgr Software Center.

    52 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    planned  ·  2 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Office 365 ProPlus Build Rollback

    Love the integration with Office 365. Can we add the ability to rollback to a previous build and disable the automatic update? The use case here is, if a build is tested and deployed because no issues were detected and if an issue is discovered, there is no easy way to rollback to the previous build. Having such ability would empower administrators to quickly react.

    51 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. SCCM ability to change office 365 channel like in GPO Settings

    Would like to be able to change O365 Channels for Clients in SCCM,
    Like you can in GPO... currently GPO wont honor the channel I want because SCCM is managing the O365 Client.

    50 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    under review  ·  8 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Create a feature like the WSUS Selfupdate feature for updating WUA

    Hi all,

    with the older WSUS versions we had the selfupdate mechanism that kept the client WUA version up to date, before attempting any scan.

    This has since been deprecated, because WUA started to be patched outside of the updates for WSUS itself (like KB2938066).

    This has lead to a lot of enterprise environments having different and very old WUA versions among the install base.

    In order to address this problem at the moment, the ConfigMgr admins have to use a method like the one below:
    https://cloudblogs.microsoft.com/enterprisemobility/2014/07/14/how-to-install-the-windows-update-agent-on-client-computers/

    This is an overhead for any admins and should be easier.

    It wouldā€¦

    49 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Change the default timeout for feature updates, when feature updates timeout they should fail and stop.

    The feature updates in our environment always time out on the older machines with mechanical drives as they are slow to update. It would be helpful if the timeout was set to a lot more than 1 hour by default. Secondly when it does time out it would be helpful if it failed the deployment instead of sitting in software center saying it's installing indefinitely. The only way I've been able to do this is to delete the client from SCCM and re-install the agent on the client machine. Distribution of feature updates through SCCM needs a lot of work.

    45 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Randomize Maintenance Window Start Time

    Currently, randomization only applies to deadlines and does not take maintenance windows into account. If you have a heavily virtualized environment with shared storage and want to use maintenance windows there is no good way to prevent a resource storm at the start of the maintenance windows. The only way is to break up the devices into several collections with staggered maintenance windows. This is cumbersome to maintain at a level that would provide the desired granularity.

    Ideally there would be an option to randomize the maintenance window start time. Bonus points to making that randomization configurable.

    45 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base