Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. compliance badge for client

    When a user wants to know if their PC is 'compliant' then the Software Center 'compliance' tab confusingly doesn't relate to their actual compliance with software updates, its for an unused conditional access feature (or am I wrong and the only one confused by this.) users go to the compliance tab and think they are up to date. how can users know if they are patch 'compliant/?

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Bigger fonts in compliance / remediation scripting window

    When writing scripts for compliance/remediation rules, the font size is tiny, with no way to adjust it. This makes finding critical marks such as closed quotes, very difficult. I realize copy and paste is available, but for quick one or two line powershell scripts, I really should be able to see what I am doing-- or at least have an option to resize the font.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Support Enabling Credential Guard via Compliance Settings

    Need to be able to enable/configure Credential Guard via Compliance Settings with per-collection deployments. Need to get compliance data reported back.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Terms and Conditions - Down to the PC

    We would like for users to have to agree to terms and conditions to use any of our domain machines, not just Intune machines. If the SCCM client could handle terms and conditions at the PC that would be great.

    Something that checked to see if they had previously agreed. If not show the terms and conditions and agree button or log off button.

    2 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Allow folders under Global Conditions

    Allow folders to be created under Global Conditions to allow for better organization with in the console.

    5 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Fiding it difficult to find documentation on how to setup UE-V with SCCM and Windows 10, config item and baselines

    I cant find the documentation on how to configure UE-V, Config item and Baselines with Windows 10 and SCCM. It all seems a bit fragmented. most of it relates to Windows 7.

    1607-1 has the EU-V client build in and some templates on the clients but how do I set this up without using any group policies to set the template paths, and how do Baselines work.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. Allow upload of powershell scripts (not just the script block) as detection methods or Configuration Item scripts

    If we have AllSigned selected as a powershell execution policy either as a global gpo or via the client, any script blocks that are written for detection methods on applications or discovery/remediation for config items will fail since they "aren't signed". Organizations where execution policies are scoped as such aren't able to use these features when the configmgr client downloads the scripts to the staging area and scrambles the script name.

    0 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Create and deploy Wi-Fi profiles with a password

    Is it possible already to create and deploy Wi-Fi profiles with a password option? Without a password it seems not logical to me? Many customers are requesting this functionality for Windows 10 devices (during and after OS deployment)

    /Henk

    11 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Make Configuration Item SETTINGS searchable from within the console

    If you leverage the Microsoft Security Compliance Manager to import CI's based on GPO's, you end up with a lot of CI's labeled like:

    Win10 Computer Security - Remote Access
    Win10 Computer Security - Network Protection
    Win10 Computer Security - Event Logging

    Inside that are the actual settings that have been grouped together. It would be nice to make those settings themselves searchable (maybe the Name and Description fields?).

    This would allow you to possibly search for and see where the same setting is being applied in multiple CI's. Or at a minimum, try and find the CI where youā€¦

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Bind Compliance Settings to A Boundary Group

    Now that CM caches boundary groups it would be good to be able to define some compliance settings / policy settings against a boundary group and to be able to apply these just as the cached boundary group data is updated.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. CIs for Mac OSX

    Provide an easy mechanism to manage configuration items for Mac OSX without the need to create shell scripts for user or system preferences. Such as the ability to configure settings for device encryption, disabling USB, setting background images, browser home page, etc. etc. etc.

    10 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Run program from a package as a remediation step.

    Today you have to ability to run JScript, Windows PowerShell or VBscript scripts to remediate condition on Clients in ConfigMgr. But sometimes runing a program from a package would also be a very useful. Example, run a reboot program like the Cortech Shutdown tool if computer/server is non-compliant.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. List all CIs in a category regardless of folder

    We use folders to organize Configuration Items (Applications, Task Sequences, etc.) however there is no place to view all the CIs in a category. You have to click on each individual folder to view those CIs. For example, it would be nice to select Applications and see all of your Apps listed there instead of having to select each folder to view Status or check for duplicates. Each folder should do the same for its sub-folders. Having a column that shows which folder/sub-folder the CI is in would be helpful as well.

    2 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. DCM - Expand the Compliance Rules so that they can return Values

    Expand the capabilities of the Compliance rules so that I can collect the Registry Value optionally.

    Itā€™s great that we can tell if systems are compliant, but often we are Auditing Registry values and handing the data over to Security or other groups. Those other groups determine if the setting is compliant or not.

    Simply handing over a report that lists 10s of thousands of systems as not compliant is not enough...the next question that we are often asked is what are the Non-Compliant values.

    An additional check box to "Collect Values" would be very helpful and reduce allot ofā€¦

    5 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  2 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. compliance items, add deployment tab to bottom pane

    on the compliance item, add deployments tab with the capability of creating collection from the compliance item. You can do it on the compliance baseline but that is not sufficient as a baseline may have more than 1 CI so your target collection MAY have a mix of issues. OR just make it where you can deploy a CI in addition to baseline with same capabilities

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. DCM to check for audit settings

    Configuration Management needs the ability to check for Audit settings on a folder, much like it checks security settings.

    I know it can be done in powershell, but thats a very long and nasty road.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. Allow use of Global Conditions in Configuration Items

    When you create a configuration item you can select "Supported Platforms" but why not also allow the use of "Global Conditions" so we can further restrict how the rule would be appeared?

    An example, I need to test for a hotfix being present on Windows 7 x86 & x64 machines but only need the update on laptops.

    0 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Conditional Access based on the latest Windows 10 build

    You should be able to create a conditional access rule that only the computers with the latest Windows 10 build can access corporate resources.

    The latest version is required because it might introduce new security features or some other functionality.

    0 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
1 2 3 5 Next →
  • Don't see your idea?

Feedback and Knowledge Base