Microsoft

System Center Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building System Center Configuration Manager, though we can’t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the ? button in the top right corner and choose “Send a Frown”. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer – our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the System Center Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Configuration Manager?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Report on Local Admin Permissions

    For many years now Microsoft has strongly recommended that Local Admin Rights be removed. Would it be possible to have SCCM report on the contents of the Local Administrators group? Also, could we maybe have a wizard under Compliance Settings to configure these settings. I know Sherry Kissenger from MNSCUG has done a lot of work with this. Maybe the product team could pattern the solution after her work.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  2. devices compliance status on SUG - drill into non-compliant list/collection/query

    on the software update dashboard I want to monitor and pursue the non-compliant machines - I cannot see a way, as in other pie charts and other graphs in the various dashboards around the console, of drilling into the list of devices

    4 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  3. remember last registry location when creating CI

    When creating compliance settings for new applications I often like to grab settings from a known machine. It works well and pre-fills a lot of the rules for me, unlike manually entering the value.

    But I am fed up of having to re-navigate to the remote registry location I am grabbing these values from. Please please please can you get the console to remember the last registry location used when creating CIs?

    The same would be useful for file/folder paths too

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add option for various actions based off CI status

    Configuration items has statuses of compliant, non-compliant, unknown, and error. It would be a nice expansion of the compliance settings feature to be able to act upon the individual CI status and not the just add to a collection based off baseline compliance.

    Actions that would be of benefit are:
    Add to collection
    Install individual software update or software update group
    Install package
    Install application
    Run task sequence
    Run script

    11 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  5. Folder Redirection Improvements to Permit OneDrive

    Currently the folder redirection feature in SCCM doesn't take an environmental variable as a good path; it requires \\SERVER\SHARE.

    With OneDrive being common place in Office 365, please allow us to enter a command such as:

    %userprofile%\<SyncFolder>

    where Sync folder is the name of your organization's onedrive folder.

    as documented by the Office team.

    https://support.office.com/en-us/article/redirect-known-folders-to-onedrive-for-business-e1b3963c-7c6c-4694-9f2f-fb8005d9ef12

    So that we can use SCCM to manage this.

    Thanks! :)

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  6. Custom Client settings for Compliance Scheduling

    There is no option currently to create a custom client settings for Compliance Scheduling for specific Compliance Baseline deployment.

    It would be great if we get an option.

    3 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  7. Improvements for Device Guard management

    1. Using the Microsoft knowledge base for Device Guard, I would like to create a new CI policy by using New-CIPolicy. Then, I want to merge it with the Configuration Manager Code Integrity policy (Merge-CIPolicy). This should be possible from the gui as well.
    2. Adding other trust rule methods via gui. (ie. PCACertificate, hash)
    3. Deploy device guard trusted installer policies via osd. This would allow policies to be active immediately after domain join and before any software is installed.
    4. This one is key but is heavily dependent on #2:
    a) Use case 1: An executive needs to…

    11 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  8. Manual Remediation Option for Configuration Baselines

    I think it would be beneficial if there was a manual remediation option in the Configuration Manager applet, to let users manually run remediation steps. I know a Non-Compliant collection could be created and a application/package pushed to it, but I'd like the option to manually run a remediation step for Non-Compliant computers.

    6 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  9. Fix powershell remediation script to pass failed value from detection script

    Have a failed compliance baseline pass the output of failed powershell script to remediation rather than the compliant value

    8 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  10. There should be an option to select existing packages other then PS,VBS & JS scripts for Compliance remediation.

    There should be an option to select existing packages/application other then PS,VBS & JS scripts for Compliance remediation. most orgs just miss out some pcs and compliance is mainly used by many company's to get the software installed to the missing ones.

    We can create a collection for non compliant systems and deploy app/package to them manually, but giving an option in remediation option will make it easy/simple and user-friendly.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  11. Populate OS versions for "Valid operating system builds" in compliance policies

    In the new condition "Valid operating system build" added to Windows 10 (w/o CM) compliance policies it would be very useful to have a drop down with build version numbers translated to meaningful names. Otherwise we have to go external and find a version list. Even better if it could be pulled from the CM DB for existing versions in the same way you can with collection queries.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  12. Declare the CI settings better for iOS Kiosk Mode

    When I setup a Kiosk Configuration item, the Wizard show me, that I Am able to configure the Touch Screen. When I set it to dsiabled, the Touch Screen is working, on Enabled the Touch screen is not working.
    Or if you check the attached picture, with the Current Settings, the Volume Buttons are disabled on the Device.
    This is very misleading and should be corrected!

    4 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  13. 1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  14. Configuration Baseline: To execute in user context

    Currently Compliance Baseline can only run in System Context but it can't run in user context. Can we please have this feature in Configuration Baseline?

    4 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  15. VLSC license counting and yearly even up

    A tool in Configuration Manager that will reconcile installed Microsoft products taken from inventory with what is licensed in VLSC to make the yearly even up process simple and accurate.

    4 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  16. remediation

    Allow remediation option in

    19 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  17. Non Compliance - Get Actual Value

    Hello,

    Can you add on the "Non-Compliant" tab the column "Actual Value"
    Because actually we need to click on each device to know this actual value ...

    3 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  18. Global Conditions - Registry Value - you should be able to specify as Decimal or Hexadecimal

    Global Conditions - Registry Value - you should be able to specify as Decimal or Hexadecimal

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add Applications to compliance baselines

    I'd like to be able to report on compliance for Tier 1 apps using the same mechanism I use for other compliance settings. It would be a nice convenient way of showing Tier 1 apps coverage in a single report

    3 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  20. Apply CI/Baseline as an action on a failed compliance policy

    In tech-preview 1606 an awesome feature has been added that let's you take an action on a compliance policy if it is not met.

    What would be awesome would be the ability to apply a configuration item/baseline on the non compliant device.

    E.g. If an intune device such as iOS has a malicious threat installed (combined with the compliance setting maximum threat level an action to remediate the threat by applying a configuration item that completely locks down that device)

    See Suzanne Grant (Intune MSFT) for full scenario. Great work guys!

    3 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base