Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we can’t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the 🙂 button in the top right corner and choose “Send a Frown”. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer – our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Randomize Maintenance Window Start Time

    Currently, randomization only applies to deadlines and does not take maintenance windows into account. If you have a heavily virtualized environment with shared storage and want to use maintenance windows there is no good way to prevent a resource storm at the start of the maintenance windows. The only way is to break up the devices into several collections with staggered maintenance windows. This is cumbersome to maintain at a level that would provide the desired granularity.

    Ideally there would be an option to randomize the maintenance window start time. Bonus points to making that randomization configurable.

    49 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  2. Calculate ADR Deployment Schedule from ADR start time

    The deployments created by ADR's base the available and deadline specific times on the point at which the new deployments get created and not when the ADR was started. This means we have to go and change the available and deadline times each time after the ADR's run.
    i.e. ADR starts at 8am, deployment gets created at 8.30 by the currently running ADR, Deployment available and deadline specific times on the ADR deployment will be based off 8.30 instead of 8am.

    49 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  3. When required updates are delivered, popup the "Required software changes..." dialog window

    When required updates are delivered, popup the "Required software changes..." dialog window. The current 5 second toast notification and small taskbar icon don't do much to alert the user. This would greatly increase the # users that install and reboot before the deadline. Currently a vast majority get installed automatically at the deadline. It's a likely reason companies have a difficult time requiring a reboot. The "Required software changes..." dialog window provides the date and time it will automatically install and allows them to install now. You can only communicate out so much to the users, so these dialog windows…

    46 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  4. Change the default timeout for feature updates, when feature updates timeout they should fail and stop.

    The feature updates in our environment always time out on the older machines with mechanical drives as they are slow to update. It would be helpful if the timeout was set to a lot more than 1 hour by default. Secondly when it does time out it would be helpful if it failed the deployment instead of sitting in software center saying it's installing indefinitely. The only way I've been able to do this is to delete the client from SCCM and re-install the agent on the client machine. Distribution of feature updates through SCCM needs a lot of work.

    45 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  5. Download Office 365 Updates from a connection point

    Need the ability to pull Office 365 Updates from a server that is not the primary site server. This would be similar to the CMG connection point or Service connection point.

    42 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  6. Install and Configure WSUS As Part of SUP Role Creation

    WSUS is a well-known pre-requisite for the Software Update Point role yet the user is entirely left to their own devices to install and configure it. The default WSUS installation options are widely regarded as non-optimal. Further, there is plenty of precedent for ConfigMgr installing OS roles.

    I would like to see the WSUS OS role be installed and configured as part of the SUP role installation. Where necessary, the wizard can suggest better configuration options than WSUS’s defaults. I’m certain the community will come up with more ideas than this but here’s a few I can think of, some…

    42 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  7. Improve the ADR engine

    Improve the ADR engine


    • Automate the cleanup of the previous software update groups created by the rules, i.e. before creating a new SUG it will check for older SUG members and based on criteria automatically manage updates that are member of a specific SUG. If updates are published or revised in 2016 then move the updates to our 2016 SUG, or previous month etc. Or, if they are superseeded or expired then remove the updates from the SUG...


    • Allow to name the deployment create by the ADR, this will be useful for reporting purpose if you have more than one…

    40 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  5 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  8. Show which clients require a specifc update

    There should be an easy way to see which clients have been are included in each status (Required/Installed/NotRequired/Unknown), directly from the software updates list. It already shows for each update a count of how many are in each state, but the only way to get a detailed list of which clients require a specific update is through running a report, which seems rather cumbersome.

    It should be as simple as right clicking on a specific update and selecting "Update evaluation status" or such to get to this info.

    40 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  9. All Software Update Statistics

    When looking at an update either through All Software Updates or a SUG please make the statics node clickable. It would be beneficial from that node to be able to click on "required" or "unknown" to see the specific list of machines, similar how you can see the stats when looking at a deployment. Currently only real way to look up the stat is to write down the KB and then head over to monitoring and start running reports on the KBs.

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  10. Please forward internal links for Features on Demand and languagepacks to WSUS

    On Windows 10 i can download and change the user language, but as SCCM-Client i use WSUS for Software updates. Windows 10 can't connect to Windows Update or WSUS to download LP's or Features. But both is in WSUS available. Only a Workaround (disable or remove the UseWSUSServer = 1 DWORD in Registry) make thr download available for a short time

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add functionality to run scripts before and after software updates install

    We need to be able to run either a VB or Powershell script before and after software updates install. Our example is so that we can put our monitoring system in outage mode and send emails to the support teams.

    The 'Server Groups' pre-release feature has something similar, but does not currently work (it crashes Software Center when it runs).

    38 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  12. Install Updates and reboot immediately if no-one is logged on

    Install Updates and reboot immediately if no-one is logged on

    In our environment users log off at night and leave at ctrl-alt-del. The PCs sit idle overnight. It would be nice if the system would recognize that no-one was logged on and take action immediately on its own and not wait for the deadline.

    37 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow editing and expiration of Third-Party Software Updates

    Please add full functionality of SCUP to the Third-Party Software Update feature. Adobe Acrobat catalogs don't expire older updates and don't include supersedence information. I normally added supersedence settings through SCUP to mitigate this. Without the ability to edit this information or to expire old updates manually, deploying Acrobat updates becomes unwieldy. Unexpired updates that are not superseded will likely bloat and fill up the data shares. If you can publish it, you should be able to expire it.

    37 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  14. Software Update Management - Add Approved for Removal Option

    WSUS offers the option to remove software updates by simply adding the "approved for removal" flag to an update.
    Currently in SCCM the uninstallation of an update can only be realised in a very complicated manner (TS or software application).

    We need the "approved for removal" option via the config manager console.

    35 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  15. SCUP has a package limit of 2GB

    SCUP has a package limit of 2GB built into the code:

    newItem.FileSize = Convert.ToInt32(new FileInfo(validPackageSource).Length);
    --- This is an Int32, and the max size of an Int32 is 2GB.

    This should be changed to either UINT or ULONG to allow for larger update packages.

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add 'Next Run Time' Column in the Automatic Deployment Rules

    In the Automatic Deployment Rules window, it would be helpful to see the next scheduled time the ADR is supposed to run. If it doesn't have one, then the cell would be blank.

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  17. Identify missing patches direct from Microsoft Update

    Unless you select all products and classifications in your configuration of Software Updates, it's possible you have computers on your network which require updates to Microsoft products but you'll never know about them.
    Can ConfigMgr add a feature to alert you if you have clients that require updates which are not enabled in your software update configuration?
    Otherwise you could be potentially leaving a big hole in your endpoint security.
    Maybe this could be added as a management insight, or a report?

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  18. Pre and Post actions during patching

    We have a need to run a scripted action [i.e. Ability to run one or more .ps1 Powershell scripts/vbscripts/batch files/cmd files] both before patching and after patching on specific machines that receive a SUG deployment.

    These actions can be for a variety of reasons:

    • Reboots before patching
    • Stopping services or other applications processes
    • Read server state and making sure it is set correctly after patching is finished

    Currently we reboot 90% of our fleet before running patching to make sure system memory (we check memory?) etc. are clean, to allow the best possible patching result.
    We have…

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add Office 365 Deferred Channel selection to Automatic Deployment Rules (ADR)

    Since the deferred channel consists of multiple versions it would be great to select from those deferred channels as well. Customers that roll out on this channel only usually still have some kind of waves implemented regarding the different versions available on that channel. The name of the updates can only be filtered so much (see screenshot) before it becomes impossible to filter any further. Currently they need to change the version number every time within the ADR.

    32 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add Boundary Group Selection to SUP Creation Process

    It has become a semi-regular occurrence in the various communities that someone has created a new environment or rebuilt their SUPs and suddenly none of their clients updates are managed by ConfigMgr and they're getting updates direct from Microsoft.

    Often the root cause is that they did not add the new SUP to any boundary groups. It's an additional step that users just need to kinda of magically know ahead of time to do. Which is to say people aren't going to know and find out the hard way.

    Let's solve this somehow. For me, making boundary group selection part…

    32 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base