Currently there is no easy way to cleanup orphaned drivers. This feature would allow an administrator to easily clean up drivers that are no longer part of any driver packages.

I would like there to be a option to run several actions at once from the SCCM Client. A checkbox for each actions and then a 'Run' button that executes the actions one by one. Either in the order you checked the boxes or by alphabetical.

The current (1710) maximum key length for client authentication certificates is 2048 bits. Many security-conscious organizations standing up a new PKI in 2017-2018 would prefer a longer key length for all certificates. This requires that the organization lower their standards to utilize computer certificates for computer authentication.

Reference: https://docs.microsoft.com/en-us/sccm/core/plan-design/network/pki-certificate-requirements

Stop the DCOM 10028 errors on a Primary site server that FLOOD the System logs when the primary attempts to contact an MP in an untrusted domain\forest.

I believe this a result of the order in which CM tries to authenticate to the MP - computer account then network service account - neither of which will work in an untrusted domain scenario. The connection eventual happens as expected using the Installation account. The DCOM errors are bogus errors that can consume a log file for no reason. Seems like some deeper error logging\checking is needed?

Windows 10's legacy Control Panel will probably disappear in a future. How about to extend CM client to show CM properties behind new Win10 GUI?

Unified Write Filter and Windows Configuration Designer profiles are both great tools, especially for customers in the education space. We often need to deploy many devices in a "Shared PC" configuration for classrooms, computer labs, etc. It would be amazing if these tools were integrated into SCCM to make deploying and managing them simpler.

When an action is triggered in the Control Panel applet on clients, a vague message is displayed saying it will take several minutes to finish. Would like the applet to show last completion time (or 'Running') for each action, similar to how the Configurations (compliance) tab does.

Show missing dependencies!

Typically distribution errors (which occur automatically ******) lead to a well-known error in tasksequences:

HRESULT=80040102
Failed to resolve selected task sequence dependencies.
Exiting with return code 0x80040102
TS environment is not initialized

OSD only shows "Preparing network connnections..." Then the WinPE tasksequence automatically reboots and boots the currently installed OS.

Why can't you just show or list missing packages?!?! Or add a skip option? Even SMSTS.LOG isn't helpful...

Add the possibility to use Wirm so securely push the SCCM Client instead of use a connection to the admin$ share.

sometimes the client needs to be rebooted after an automatic client update. if you're not connected to the machine (ie server), once you connect a notification appears but if you open the software center (old and new) you will not see anything pending reboot (installation status is empty or does not have the information that anything is asking for reboot). it would be great to see under installation status that the client was upgraded and it the machine needs a reboot to complete the installation

One stop solution to remediate clients and their health in GUI

If a new client depployment is failed, we have dig all the way into the root cause of every machine failed..If any client is having issues, we are always forced to check the logs etc... We are not sure where exactly the client stuck and for what reason. We need such a tool where we would be able to find what the issue probably is (or where it is stuck )by a simple glance on the machine.

We would like the ability to have seperate client push settings for Workstations vs Servers, specifically the ability to have seperate installation properties.

In addition to the Modify and Read permissions on Update Packages class, add a third permission "Promote Pre-production Client" which can be delegated to a non-infra administrator.

It would be great if you could set a schedule on the client (like weekly, monthly, etc) where the client could look at the content in its cache, and see if it still exists in ConfigMgr - if not, purge it. For example, run a content location request for each instance in the client cache, and if no locations are returned, remove it from client cache.

Problem: On the client machine, CCMEXEC service is already running, the client is in a healthy state. Then a GPO or Client Push happens, ccmsetup.exe starts and breaks the client communication. The client ends up getting an error stating "another instance of ccmsetup.exe is already running".

Question: Could you have ccmsetup.exe check for the ccmexec service and quit if the ccmexec service is running?