Microsoft

System Center Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building System Center Configuration Manager, though we can’t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the ? button in the top right corner and choose “Send a Frown”. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer – our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the System Center Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Configuration Manager?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Send sample collection requests for admin approval

    When there is sensitive information disclosure risk, end users aren't authorized by my org to approve/deny sample submission, but disabling the feature entirely misses out on an important security insight.

    Please make it possible to hide sample submission requests from end users - and instead send them to the Configuration Manager Console for IT admin approval; clients should hold onto the proposed sample data locally until submission is approved or denied.

    3 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
    • Add support for having an apostrophe in a directory name in SCEP Exclusion settings

      If a directory has an apostrophe in it (for example, C:\Program Files\Malwarebytes' Anti-Malware"), it is not possible to add an exclusion of the directory or a file in the directory as an error dialog states "The path contains one or more of the invalid characters." As it is possible to create a directory with an apostrophe in it, it should be possible to add the directory to the exclusion settings for SCEP.

      0 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
      • Would like to replace the Windows defender icon with the SCEP icon when managed by Endpoint Protection

        In windows 10 when managed by SCCM+Endpoint Protection, we get Windows Defender as the Endpoint Protection client, which is fine as they use the same engine.

        However the icon is for Windows Defender which doesn't make sense.

        Can we change it to the SCEP icon instead which would make more sense and go along with the installed software SCEP in control panel which does have the correct icon (in Programs and Features).

        Having the SCEP icon would be a nice visual clue (aside from looking at applied policies) that SCEP was managing Antivirus rather than Windows itself

        183 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          1 comment  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
        • Don't display SCEP Malware Alerts in every User Session

          If you're using the SCEP Client on a RDS Server and Malware has been found, every User on this Server gets a Notification from SCEP.

          This really confuses many users and increases Service-Desk Calls, if you have Servers with for example more then 20 User Sessions.

          Because of this, we currently have no other choice then to hide the User Interface.

          It would be great if the Notification are only shown in the Session of the User, which triggered the Alert.

          0 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
          • Disable 'Scan Now' for Users

            I would like to have a possibility to disable the 'Scan Now' button (System Center Endpoint Protection) for example on RDS environments.
            I would like to prevent that multiple users start a Full Scan during office hours.
            Using System Center 2012 R2 Configuration Manager or by GPO.

            5 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
            • endpoint

              Allow override an existing policy on Import. This makes it easier to develop new settings and bring it to production without having to give it a new name and create a new deployment.

              3 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
              • Add tab for Antimalware Policies on Collection view similar to Device view

                Although AM Policies are deployed to Collections just like Custom Client Settings, there isn't a tab to show you deployed AM Policies on collection console views.

                Bonus points: Look at Device view and Collection view tabs, and make the names congruent ("Custom Client Settings" vs. "Client Settings")

                Super Bonus Points: Resultant Set of Antimalware Polies view which has been suggested elsewhere for a long time (https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/10237263-add-a-view-for-resultant-set-of-policy-for-anti-ma
                and
                https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/8398638-policy-resultant-for-scep-policy-like-clients-sett)

                Super Extra Bonus Points: Resultant Set of Client Settings and Resultant Set of Antimalware Policies should clearly show what pages were set by what policy. (https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/14855388-resultant-set-of-client-settings-should-show-what)

                Thanks!

                0 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  1 comment  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                • about window 10 security

                  there is problem in windows 10 , the problem is your security . the security problem is " any one can rest your profile without make pin or password " and i have lost my all data from my documents .
                  and i am the biggest fan of my windows 10 .

                  1 vote
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                  • Windows Firewall With and Advance Security integration

                    So this portion is currently listed under EP in the SCCM console so im posting here. i would like to see an enterprise solution to deploying the windows firewall similar to the way DCM relationships are. Not the existing feature in SCCM where you can simply enable or disable the firewall policy. i would like to see Individual Firewall rules are created as Configuration items and then grouped into Baselines to be applied at a granular level to computers. that way we can remove the GPO dependency on where a computer is placed or at which level its place. SCCM…

                    35 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      Noted  ·  1 comment  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                    • Add all levels of "Sample Submission" to GUI

                      In the client Policy for SCEP we have "Auto Sample Submission" turned on as the default. However this only works for some files that are suspicious. There are actually two other levels of Sample Submission that can only be obtained by changing registry values and pushing out these settings as a script via SCCM, or GPO. Would love to have these exposed through the GUI.

                      Talking about these settings:

                      Problem:
                      SCEP is prompting for submission of suspicious files when in policy "Auto Sample Submissions" are enabled. Trying to find out why we are getting prompts.

                      Resolution:
                      I received and reviewed…

                      4 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                      • Put back the last scan and next scheduled scan in the SCEP client

                        Somehow this disappeared in Windows 10 (Possibly 8 as well) it was there in Windows 7.

                        1 vote
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                        • Rollback Definition

                          Make it possible to rollback a Definition file on a granular level, individual computer, group of computers or all computers.

                          From a business perspective we would need to be able to make the process easy to rollback to the prevous definition file. So adding this feature to the ConfigMgr Console would be very beneficial.

                          The method of today is not realy desired where you have to use mpcmdrun command manually or scriptet.

                          4 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                          • 6 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                            • RDP Or Multiple Users logged In

                              A user should not be able to reboot n Remote Desktop server. That should require and Administrator.

                              Administrators should be able to disable the 'restart now' option

                              1 vote
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                              • Web Fitlering

                                Have controls where you can block website and pages on all major browsers.

                                1 vote
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                • Second Scan

                                  During a quick or full scan, the user can not perform a scan (for example, files on a USB drive).

                                  1 vote
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                  • 29 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      2 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                    • 4 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Client's rules

                                        Hello, Dear Team, as we can in enterprises we need more control on the client machines. It will convenient if that control can be accessed in single console of the SCCM. As a endpoint protection we need control startup applications, launching applications(blocking or allowing), control of the removal devices, force removal of potentially exploit apps, even traffic analyzer is needed. Sound like a crazy but really needed features.

                                        1 vote
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                        • EMET deployment and reporting in SCCM as Endpoint Protection is done

                                          Get EMET in SCCM 2016 to be deployed, managed and having report

                                          5 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base