Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Create a copy/duplicate of an ADR

    It would be useful to be able to create a duplicate or copy of an ADR in the same way we can with a task sequence or collection. I understand the concept of creating templates but in the circumstance where you don't create a template (for whatever reason) you have to step through each option again and do a manual comparison with an existing ADR.
    Even if it fired up the wizard with pre-made selections that would be useful.

    32 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Better default Products/Languages selections when adding a new SUP

    Please provide more meaningful default products/language selections when you add a new SUP.

    Now there are selected by default products that are not supported by Microsoft/ConfigMgr (e.g. Windows XP, Windows Vista, Office 2002/XP).

    Personally, there shouldn't be any products selected if you cannot provide the current (= at the time when ConfigMgr CB version was releeased) metadata information.

    I don't know if there is ANY customer in the world, who would like to have all the languages that are selected by default. Only English should be selected as default.

    32 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Full Implementation of OpsMgr /SCOM Maintenance Mode

    The functionality of "Disable Operations Manager alerts while software updates run" is not as nice, as it should be - because ist not a real maintenance from a OpsMgr view.

    30 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Include orchestration of software updates especially for tiered solutions

    Today it's only possible to orchestrate software updating based on a membership in collections.
    This is however rarely enough for more complex setups where you might have back-, middle-, and front tiers in your setup.

    Therefore I recommend adding a dependency system between computer objects, so that you can orchestrate at least the following:
    1) Which tier of servers are patched first, second and third etc.
    2) Reboot order between the different tiers which includes an accept of one tier being fully patched and rebooted before the next tier is begun updating.
    3) Ability to choose between warning or rollbackā€¦

    30 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Express installation for Windows Server 2016

    Any plan on adding Express installation files for Windows Server 2016 updates?

    29 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Add MSP as an Application type/detect presence of application type

    I would love to be able to push MSP's as an "application" but it only detects MSI's when going through the setup. It would be awesome to be able to use MSP's in the same manner as MSI's in the UI (detect presence of the MSP, etc.).

    29 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. Office 365 Required Deployments on 1706

    Prompt for required deployments O365 deployments in 1706.

    When running a deployment that is available from Software Center we get the new prompt as expected. If the deployment is required and the deadline hits Office and Skype are closed without warning and the update is started.

    Either revert to the old reboot required method for at deadline installs or add a prompt that Office applications are about to close when the deadline reached.

    28 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Do not run Server Group's node drain scripts when installing definition updates

    If you define a server group and use Windows Defender you might want to update those definitions as early as possible.

    Currently, those definition updates trigger the node drain and resume skripts, which can lead to service downtime.
    Additionally, the updates can only be installed during maintenance windows.

    I want you to
    a) add an option in deployment in software update groups to always ignore maintenance windows
    b) add an option in deployment in software update groups to ignore server group settings

    28 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Windows 10 Servicing Mode and ADR settings

    Since updating to SCM 1511 the new Windows 10 Servicing mode has no option to 'add to an existing Software Update Group'.
    Also the Automatic Deployment Rule properties tabs do not exist altogether as they did pre SCCM 1511. Yet they all exist for the Windows 10 Servicing Mode.

    28 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Fix the Express Installer files download option in SUP configuration.

    Fix SCCM/WSUS so that if you change the SUP configuration "Update files" tab options from "Download both full files and Express Installer files for Windows 10" back to "Download full files for all approved updates" that Express installer files no longer get downloaded. It makes huge update packages that are not needed if you are not or cannot using Express Installers.

    28 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Fix the location of the Patchdownloader.log file

    That's 'fix' as in 'nail in the same place'. Who's forever getting frustrated at remembering where patch downloads get logged to depending on which user/process initiates the downloads? Can the Patchdownloader.log file not be always logged to the site server Logs folder? Not fussed if the solution has to create multiple log file, I would just like to know that I can go the the same place directly every time and there it is!

    28 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Show Deployment Package for Software Update

    Would be great to have a tab on the properties of each Software Update that shows what Deployment Package(s) the update is included in. You can see what updates are in a Deployment Package, but not what Deployment Packages an updates are in.

    28 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Provide a consistent deployment strategy for updating MS applications

    Different products teams decide how they will deploy there updates and various methods are needed to control deployments.
    Example: MS 365 Apps, Edge, AIP are available as software updates which is very good. OneDrive they ask you to go out to this site and check when the update will be available to the enterprise ring. https://support.microsoft.com/en-us/office/onedrive-release-notes-845dcf18-f921-435e-bf28-4e24b95e5fc0?ui=en-us&rs=en-us&ad=us. You then have to download it and deploy it before the date to stop it from pulling down from the internet. Teams no way to control it and no idea when it will update. PowerBi have to go out download and deploy it.ā€¦

    28 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Automatically add products to WSUS syncs based on SCCM inventory

    Currently, you need to 'know what you have' to enable update syncs for products in WSUS/SCCM. That means that components could be present and not updated, but systems appear to be '100% up-to-date'. It would be nice to have an option to allow SCCM to add software categories to look for based on inventory results (e.g. 'someone installed SQL Server 2014, so WSUS should now look for updates for it').

    26 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. Windows 10 Servicing - Usage & Ring Tiles Should Produce List of PCs When Clicked

    When you view the new Windows 10 Servicing dashboard in 1511/1602, you see these awesome graphical tiles that give you a snapshot of your Windows 10 usage and rings in your organization. However, when you hover your mouse over those two tiles and click, nothing happens other than you're presented with a percentage. It would be great if the area you select and click gives you a list of PCs broken down so you see what machines fall into what bucket. Very useful for troubleshooting too.

    26 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Third Party Updates Bios Password save location

    We use a bios password (requirement from our Security admin) which means that Third Party Updates for Dell fail because it can't access the Bios to update. The ability to save a Bios Password somewhere in SCCM TPU's area to be supplied to the TPU process when required. Not sure how complicated this is or how it could be done, but currently the bios update option doesn't seem possible using TPU if you have a Bios password. Yes, I realize I can use CCTK to create a manual deployment but obviously TPU is much simpler. I have verified that onceā€¦

    26 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. Ability to deploy ARM64 Hardware drivers and Firmware with SCCM WSUS

    With all ARM64 firmware and driver updates only available from WU and no OEMs offering direct downloads; please provide the ability for WSUS to import ARM64 firmware and drivers. Many enterprise companies cannot use Intune to manage as it disconnects reporting and ease of deployment managment from SCCM. Please include all OEM ARM64 not just Surface Pro X.

    26 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Control Windows 10 driver auto-update

    With Windows 10, the system's drivers are updated directly from Windows Update. This is usually a good thing because it means the system will have the latest WHQL drivers installed. It also means the system administrator needs to maintain less driver packs for individual models (at least for corporate / enterprise computer models).

    However, it sometimes happen that an updated driver will have a MSI co-installer that will run outside the scope of the SCCM client and might run concurrently with an application or package installation step from a task sequence. It will cause the installation to fail and maybeā€¦

    25 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Show Patch/Software Update Size

    When building software update packages in SCCM we run into having to build a deployment package to see what size the updates are. The issue we are having is managing the size of these packages which are frequently getting into the multiple GB range. One we ran recently hit almost 6 GB.

    This information is on the Windows Update Catalog site, but it doesn't appear to be in SCCM or WSUS. I'm guessing that it isn't in the data that is available to WSUS and as a result SCCM doesn't get it either. It would be very useful if weā€¦

    24 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Manage PKI Certificate for 3rd Party Update Signing in ConfigMgr

    Include directly in ConfigMgr the ability to manage a PKI certificate for 3rd party software update signing as opposed to requiring SCUP.

    With the functionality for 3rd party software updates moving from SCUP into ConfigMgr it would make sense (and this may already be in progress) to include the ability to manage a PKI certificate in ConfigMgr as well. Currently if you want to sign 3rd party software updates with a PKI certificate you are required to manage that certification using SCUP which means you might as well just keep using SCUP to publish the updates.

    24 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base