Stop the DCOM 10028 errors on a Primary site server that FLOOD the System logs when the primary attempts to contact an MP in an untrusted domain\forest.

I believe this a result of the order in which CM tries to authenticate to the MP - computer account then network service account - neither of which will work in an untrusted domain scenario. The connection eventual happens as expected using the Installation account. The DCOM errors are bogus errors that can consume a log file for no reason. Seems like some deeper error logging\checking is needed?

The current (1710) maximum key length for client authentication certificates is 2048 bits. Many security-conscious organizations standing up a new PKI in 2017-2018 would prefer a longer key length for all certificates. This requires that the organization lower their standards to utilize computer certificates for computer authentication.

Reference: https://docs.microsoft.com/en-us/sccm/core/plan-design/network/pki-certificate-requirements

Windows 10's legacy Control Panel will probably disappear in a future. How about to extend CM client to show CM properties behind new Win10 GUI?

When an action is triggered in the Control Panel applet on clients, a vague message is displayed saying it will take several minutes to finish. Would like the applet to show last completion time (or 'Running') for each action, similar to how the Configurations (compliance) tab does.

Machines with an EEC client certificate can connect to the DP to download the content and install the agent but the client never registers with the site.

once i suspected the ECC certs I was able to find thread on technet which confirms the same issue I was seeing
https://social.technet.microsoft.com/Forums/en-US/cc9ec0ff-5998-4225-9ce1-2c7b5fe5677d/sccm-and-ecc-certificates-not-supported?forum=ConfigMgrDeployment

Show missing dependencies!

Typically distribution errors (which occur automatically ******) lead to a well-known error in tasksequences:

HRESULT=80040102
Failed to resolve selected task sequence dependencies.
Exiting with return code 0x80040102
TS environment is not initialized

OSD only shows "Preparing network connnections..." Then the WinPE tasksequence automatically reboots and boots the currently installed OS.

Why can't you just show or list missing packages?!?! Or add a skip option? Even SMSTS.LOG isn't helpful...

I would like there to be a option to run several actions at once from the SCCM Client. A checkbox for each actions and then a 'Run' button that executes the actions one by one. Either in the order you checked the boxes or by alphabetical.

Add the possibility to use Wirm so securely push the SCCM Client instead of use a connection to the admin$ share.

Currently there is no easy way to cleanup orphaned drivers. This feature would allow an administrator to easily clean up drivers that are no longer part of any driver packages.

Please make available we can set a Priority on Boundary, for example:

Standard Boundary ist a AD-Site and use DP1 and a Boundary with special IP Subnet for staging clients in the same AD-Site, use a override for use DP2 only.

One stop solution to remediate clients and their health in GUI

If a new client depployment is failed, we have dig all the way into the root cause of every machine failed..If any client is having issues, we are always forced to check the logs etc... We are not sure where exactly the client stuck and for what reason. We need such a tool where we would be able to find what the issue probably is (or where it is stuck )by a simple glance on the machine.

It is recommended to import computers on the primary site where they should be assigned to, not the CAS, because in some scenarios that causes issues. All administrative tasks should be available from the CAS. It would be great to add the ability to the "Import computer information" wizard to select a primary site (similar to the Client Push wizard). That would then import the computer information remotely on the primary.

It would be great if you could set a schedule on the client (like weekly, monthly, etc) where the client could look at the content in its cache, and see if it still exists in ConfigMgr - if not, purge it. For example, run a content location request for each instance in the client cache, and if no locations are returned, remove it from client cache.

It would be a great option in App builder to be able to create a custom message that the user would see explaining why a software package is being installed or uninstalled. It would need a method of keeping it on the screen until the user clicks OK..

Problem: On the client machine, CCMEXEC service is already running, the client is in a healthy state. Then a GPO or Client Push happens, ccmsetup.exe starts and breaks the client communication. The client ends up getting an error stating "another instance of ccmsetup.exe is already running".

Question: Could you have ccmsetup.exe check for the ccmexec service and quit if the ccmexec service is running?