Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow single systems to exclude single patches from an update group.

    We would like the capability to exclude a single patch from a specific computer. Right now, we have to exclude a server from all patches, manually patch it, or create a totally new deployment because a 3rd party vendor requires patch exclusions for their product to function. It would be a whole lot easier if there was a way to exclude a group of specific patches from singular systems or collections.

    18 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Monitor Software Update Installation in Real Time using a Dashboard or SCCM Admin Website

    When deploying Software Updates to your server farm, it would be great to have a centralized Dashboard or Web Interface that provides you real time statistics of the patch installation process. This would give you the ability to immediately see if a patch failed to install or a client failed to install a patch or, in the case of a few updates, that a reboot is required to the remaining patches can be installed. I know its kind of getting greedy but if this dashboard existed, and you could right click on a server and launch a remote version ofā€¦

    18 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Enable partial patching if maintenance window isn't big enough

    SCCM seems to calaulate the total time for an update group and then look for a maintenance window big enough to apply all the updates. I'd like to see SCCM apply as many patches as it can during a maintenance window.

    18 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Software Update Filter based on Architecture x64 / x86

    Please add a possibilty to filter Software Updates based on the Architecture. (32Bit or 64Bit)

    17 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Orchestration Groups Microsoft Endpoint Congfiguration Manager 1910

    I know in SCCM Tech Preview 1909, they talked about Orchestration Groups for servers. Why wasn't this feature added in to the new Microsoft Endpoint Configuration Manager 1910? Will this be added in the next iteration? From reading this would be a good feature to have, when it comes to installing updates on cluster servers.

    17 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. retry failed software updates

    This could be a config thing and if it is I'm sorry, I cannot find where.

    Last month I grabbed all updates that have a required > 1 and deployed them (to test first of course). Now, several days (and more accurately, several maintenance windows) after they were deployed I have some updates that in the console show in monitoring\deployments\my deployment\error tab and on the client show as "past due - will be installed". The only way I know to fix these is to manually log into each server, possibly reboot them, then manually click on the retry button forā€¦

    17 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. Maintenance Window Blackout

    In some certain scenarios, it would benefit to have the ability to Blackout Existing Maintenance Windows (universal) for a specifc date or range of days.

    e.g. systems maintenance or migration in progress for three days, I don't want those systems to be touched by deployments or software updates as to not cause disruption. Or in a case where its a holiday week and high volume of sales so would like to "pause" any automated actions that could cause reboots within a specified date(s)/time(s).

    16 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Add an entry to Audit Status Messages when an ADR is manually ran

    Currently the only way to tell who manually initiated an ADR is to check the SMSProv.log. However, since this log is recreated so frequently it's easy to lose this record. Due to the impact that a rogue ADR can have on an environment, a more reliable way of auditing ADR's that were manually initiated should be added. First idea that comes to mind is creating an Audit Status Message.

    16 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Track when a Software Update is added to a Software Update Group or Deployment

    Currently, there is no way to actually know when an update was deployed. Some/many organizations use new software update groups every month and this seemingly addresses this request; however, using new update groups every month creates clutter and is really unnecessary. It also doesn't truly address the need to track when an update was deployed because the membership of an update group can be changed after it is deployed. Having this tracking addresses this single shortfall in reusing update groups.

    16 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Add SharePoint Patching process built-into SCCM

    Out of box process for patching SharePoint should be available in SCCM. If its a pre-built task sequence, or SCCM detects the roles installed on each server and knows how to patch those components. This primarily relates to security patching, but the process should be much easier.

    16 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Ability to modify user notifications to include expected update duration

    In SCCM, administrators should have the ability to modify the text in notification balloons that currently states:

    Software changes are required
    Your IT Department requires changes to the software on your computer. Click here for options

    Users are not given the information needed (ie. how long will it take) to make the decision when to start the update.

    16 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Targeted Software Update Sync of Specific Products

    As we are testing new third party update, I find myself doing a lot more manual SUP syncs. It would be excellent if I could do a custom, one off sync of specific Products or Vendors or something along those lines.

    16 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Install everything when no user logged in ( Ignore Maintanance window) for workstations

    Currently ,to install deployments, we need to depend on maintenance window . I would like to see option to install deployment (applications ,deployments,task sequence etc) when no user logged in (ignore maintenance window if it has any) for workstations .
    There are lot of cases that, users will not be connected devices to network when the maintenance window is configured that delay the deployments. If we have this option enabled ,we can easily achieve deployments when user not logged in but device connected to network.

    16 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. SUP - Set IIS Private Memory Limit

    When installing the SUP role - increase the IIS Application Pool private memory limit to 4000000 like mentioned in https://blogs.technet.microsoft.com/configurationmgr/2015/03/23/configmgr-2012-support-tip-wsus-sync-fails-with-http-503-errors/

    15 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. Ability to set a site-wide default Maximum Run time

    I see that there is another similar post about this but rather than MS just simply increasing the default max run time for CU's, why not give admins the ability to set the default Max Run Time centrally?

    The amount of time a patch takes to install is going to vary based on the type of hardware being used. Where one company might have hardware that can do it in 30mins, others might need more like 45 mins.

    It makes more sense for a setting like this to be managed centrally by admins.

    15 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Update Servicing Message Windows 10 Feature Update 1607

    "When you install a new operating system, all the existing data on your computer will be removed." This message confuses the user.

    15 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. O365 express update download support in SCCM

    We have got the capability of managing O365 patch deployments from SCCM, but there is no support to download only the differential updates like it does when we do it from CDN.
    Because, usually the size of O365 patches would be in GBs.

    This will help many organizations to choose SCCM toolset in O365 patch management.

    15 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Log which user initiated software updates

    In a multi-administrator environment, it's often useful to check which user initiated the installation of the software updates.

    Now all we have is: 'InstallUpdates Initiated by user'.
    We don't really know which user initiated those updates.

    15 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Control when expired software updates force a package and content refresh

    When you have a large SCCM environment (100+ DP's), if a software update expires it forces a software update package to update immediately and refreshes content across all DP's with that content. This causes network resource issues if the package is quite large, so there needs to be greater control over when the expired update kicks off a package clean up and content refresh. Currently there is a hard-coded 3 hour period between checks, this should be controllable to be able to run more or less often, or at specific times once or twice a day.

    14 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Give more granular control over the 2 hour SUP failover timeout

    Currently, failover from one SUP to another SUP is always at least 2 hours. Even with the new Boundary Group design, with controllable failovers - the minimum is still 2 hours. Allow admins to control that minimum, and set it smaller than 2 hours.

    14 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    under review  ·  1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base