Microsoft

System Center Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building System Center Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, seeĀ https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the System Center Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Configuration Manager?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinkingā€¦)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add MSP as an Application type/detect presence of application type

    I would love to be able to push MSP's as an "application" but it only detects MSI's when going through the setup. It would be awesome to be able to use MSP's in the same manner as MSI's in the UI (detect presence of the MSP, etc.).

    18 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Track when a Software Update is added to a Software Update Group or Deployment

    Currently, there is no way to actually know when an update was deployed. Some/many organizations use new software update groups every month and this seemingly addresses this request; however, using new update groups every month creates clutter and is really unnecessary. It also doesn't truly address the need to track when an update was deployed because the membership of an update group can be changed after it is deployed. Having this tracking addresses this single shortfall in reusing update groups.

    17 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. SUP - Set IIS Private Memory Limit

    When installing the SUP role - increase the IIS Application Pool private memory limit to 4000000 like mentioned in https://blogs.technet.microsoft.com/configurationmgr/2015/03/23/configmgr-2012-support-tip-wsus-sync-fails-with-http-503-errors/

    17 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. retry failed software updates

    This could be a config thing and if it is I'm sorry, I cannot find where.

    Last month I grabbed all updates that have a required > 1 and deployed them (to test first of course). Now, several days (and more accurately, several maintenance windows) after they were deployed I have some updates that in the console show in monitoring\deployments\my deployment\error tab and on the client show as "past due - will be installed". The only way I know to fix these is to manually log into each server, possibly reboot them, then manually click on the retry button forā€¦

    17 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Ability to set a site-wide default Maximum Run time

    I see that there is another similar post about this but rather than MS just simply increasing the default max run time for CU's, why not give admins the ability to set the default Max Run Time centrally?

    The amount of time a patch takes to install is going to vary based on the type of hardware being used. Where one company might have hardware that can do it in 30mins, others might need more like 45 mins.

    It makes more sense for a setting like this to be managed centrally by admins.

    16 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Do not run Server Group's node drain scripts when installing definition updates

    If you define a server group and use Windows Defender you might want to update those definitions as early as possible.

    Currently, those definition updates trigger the node drain and resume skripts, which can lead to service downtime.
    Additionally, the updates can only be installed during maintenance windows.

    I want you to
    a) add an option in deployment in software update groups to always ignore maintenance windows
    b) add an option in deployment in software update groups to ignore server group settings

    16 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. Ability to modify user notifications to include expected update duration

    In SCCM, administrators should have the ability to modify the text in notification balloons that currently states:

    Software changes are required
    Your IT Department requires changes to the software on your computer. Click here for options

    Users are not given the information needed (ie. how long will it take) to make the decision when to start the update.

    16 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Install everything when no user logged in ( Ignore Maintanance window) for workstations

    Currently ,to install deployments, we need to depend on maintenance window . I would like to see option to install deployment (applications ,deployments,task sequence etc) when no user logged in (ignore maintenance window if it has any) for workstations .
    There are lot of cases that, users will not be connected devices to network when the maintenance window is configured that delay the deployments. If we have this option enabled ,we can easily achieve deployments when user not logged in but device connected to network.

    16 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Update Servicing Message Windows 10 Feature Update 1607

    "When you install a new operating system, all the existing data on your computer will be removed." This message confuses the user.

    15 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. O365 express update download support in SCCM

    We have got the capability of managing O365 patch deployments from SCCM, but there is no support to download only the differential updates like it does when we do it from CDN.
    Because, usually the size of O365 patches would be in GBs.

    This will help many organizations to choose SCCM toolset in O365 patch management.

    15 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Allow WSUS servers to download updates only on HTTPS

    Currently, the WSUS servers connect to the URLs (both HTTP and HTTPS) to download the updates, as mentioned in this link: https://docs.microsoft.com/en-us/sccm/sum/plan-design/plan-for-software-updates#BKMK_ConfigureFirewalls

    This means allowing HTTP traffic to come down to internal servers (by creating exceptions in the proxy settings), causing serious audit failures and security concerns.

    Also, a lot of proxy solutions also have a capability to block the content from whitelisted HTTP URLs if the file size is too large, thinking that it might be malicious content. This again causes problems when Windows 10 Feature and Express Updates are downloaded!

    Hence, it would be great to publish allā€¦

    15 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Software Updates Required View Status

    Software Updates Required View Status

    Can we get an option to view status like in deployment status to view machines that are required and installed? We have no idea what does machines are.

    Thanks.

    14 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Software Update Filter based on Architecture x64 / x86

    Please add a possibilty to filter Software Updates based on the Architecture. (32Bit or 64Bit)

    14 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Show Patch/Software Update Size

    When building software update packages in SCCM we run into having to build a deployment package to see what size the updates are. The issue we are having is managing the size of these packages which are frequently getting into the multiple GB range. One we ran recently hit almost 6 GB.

    This information is on the Windows Update Catalog site, but it doesn't appear to be in SCCM or WSUS. I'm guessing that it isn't in the data that is available to WSUS and as a result SCCM doesn't get it either. It would be very useful if weā€¦

    13 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. Show The Chain of Expired/Superseded Updates in the Console

    When I search for a KB in the SCCM Console, there should be a tab, likely at the bottom pane of the console (e.g. a part of Summary, Deployment, Phased Deployments), that shows what updates a given KB superseded or what has superseded that KB. This is better than having to go to search this out on the web.

    13 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Add deployment setting-Allow enforcement outside of maintenance window for deferred update (updates that have missed one maintenance window)

    There are many benefits to having one deployment for all of our workstations. We have an ADR that approves our patches and deploys them to a singular collection. Our update schedule is segmented so that not all locations go at once. Since we only have one deployment, this assignment is carried through by maintenance windows. We would love a setting that allows the workstations to wait for their maintenance window after our approval, but as soon as it has missed one window "and is now a deferred update" then enforce outside of maint. windows. We know we could go backā€¦

    13 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. Service Plans - define search for feature updates to save disk space

    At the moment when creating a service plan in SCCM e.g. for Windows 10 Fall Creators Update (1709) there are several versions downloaded. Like the x86, x64, consumer and business files. So if you need the update only for Win 10 x64 Enterprise EN, you will still get all 4 versions: the x86, x64, consumer updates (Win 10 Home) and business updates. That results in pretty much wasted disk space which would not be necessary since the x64 business files would suffice.

    It would be great if we can define the search better so you can choose what files willā€¦

    13 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Add 'OS Build' Column in Updateinfo for each update

    The UBR is also used to identify a machine is complaint to cumulative monthly patch or not.

    Now that we have OS build (Buildext or UBR) info add to V_R_System via DDR, it would be great if the same UBR or OS Build is added to each update in V_Updateinfo table in SCCM Database
    when the new updates released by Microsoft on MSPD, so that the win 10 compliance reporting would be much simpler.

    13 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Re-run failed Automatic Deployment Rule (ADR)

    Sometimes (one time per week) we have a failed automatic deployment rule (ADR).

    Error Code:
    SMS_RULE_ENGINE
    Message ID: 8706
    Decription:
    Content download failed.
    Message: Failed to download one or more content files.
    Source: SMS Rule Engine.

    Most of the time it is the one of the Windows Defender Definition updates. If I Re-run (Run Now) the ADR it works perfectly. Maybe there is not enough time between sync sup and run ADR. I don't know. After I click "Run Now" it's always success.

    It would be great if you can add an option "Re-run failed ADR, after X minutes, tryā€¦

    13 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Bitlocker aware updating - Suspend bitlocker automatically

    Now that Surface drivers and firmware are available to download as software updates it would be great to be able to deploy them without worrying about Bitlocker and having our users locked out.

    So far it seems that we have to do a lot of testing to see whether or not a driver or firmware will lockout bitlocker, and then give up and deploy them using a TS, so we can suspend Bitlocker, update, reboot and reenabled bitlocker.

    Could all drivers/firmware from the Surface update category automatically have bitlocker suspended when deployed as an update? or give us a tickā€¦

    13 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base