Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. SQL Usage rights comes along with SCCM license allows to setup SQL Always On AG ???

    My understanding is the SQL usage rights comes along with SCCM license will be Standard Edition only. Please correct me if I'm wrong. So does the SQL usage rights comes along with SCCM license allows to setup SQL Always On AG???

    As per below link, I could see that SQL usage rights of SCCM allows SQL Always On. But SQL Always on with SCCM requires Enterprise edition. This is were I'm confused, please help !!!

    https://docs.microsoft.com/en-us/sccm/core/understand/product-and-licensing-faq#bkmk_sql

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Halting/pausing to perform remediation task during an Install of Configuration Manager

    Too many times I've began an install of Configuration Manager, complete the pre-requisite check with no failures, then begin the install only to have some small issue an HOUR INTO THE INSTALL totally derail the install forcing me to start all over. There has to be some way of implementing a halt or pause during the installation to remediate certain issues, like changing the TCP port number the SQL instance uses so the SQL Server broker service can be configured. Or at least make sure that prerequisite check covers everything that could cause an issue later down the line. It'sā€¦

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Service Connection Tool - don't overwrite log after each run

    By its very nature the ServiceConnectionTool requires several runs in order to fully complete its job. Prepare ā€¦ export ā€¦ connect ā€¦ import. Each run of the tool overwrites the log file.

    It would be preferable (imho) that the tool appended to the log file instead, so that a full record of the entire offline transaction is available.

    Thanks in advance, and you're welcome.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Allow the downloading of the SCCM version upgrade hot-fix files

    Every time we have an upgrade to complete there hot-fixes to apply. The process at this time is to wait for SCCM to finalize the update process. Re-install the console, and then request Updates and Servicing to check in for an update then download this process can take a long time. Then we can sit and the hot fix to complete the job. Sometimes there multiple hot-fixes to apply.
    If there was the ability to download the hot fixes in advance this would cut the time on update date by 90 minutes in my environment.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Add TCP KeepAlive opution when Site-to-Site Communication disconected

    TCP KeepAlive to port 4022 when Site-to-Site Communication disconected. And reporting result.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Upgrade SCCM Order server roles

    When updating the infrastructure, the server update order by selecting the servers to put first.
    At a minimum, start with the infrastructure servers:
    - Connection Point Service
    - Provider
    - MP
    - ...

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. Approved workstations / servers for management

    Now that we can see connected consoles in Configuration Manager, then the next step should be approved servers or workstations for management only.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Way to view site reset progress and readiness

    Site reset can be performed using setup. Progress is shown in the configmgrsetup.log.
    Also site reset "occurs" after active/passive failover. However if invoked in this way there is no easy way of knowing when the process has completed and the site is ready for service.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Bring back the option to change the retention period

    Bring back the option to change the retention period. The retention days will revert back to the default of 1095. We are not aware of separating a retention date for a cloned CAS database from the actual production CAS database.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Add extra details in CMG Proxy log (SMS_CLOUD_PROXYCONNECTOR )log

    Add extra details in CMG Proxy log (SMSCLOUDPROXYCONNECTOR )log

    More details for below errors to clearly point out that Network Split tunnelling or Web proxy is bloacking connection /communication would be helpful

    ERROR: Failed to handle response from server. Cound be intermittent network issue. Exception: System.Net.WebException: The underlying connection was closed: The connection was closed unexpectedly.

    This error is collected from SMSCLOUDPROXYCONNECTOR.log

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. MBAM consoles and SQL HA

    During the BitLocker user portals setup, the database server name is supplied which the portals use to connect to for key recovery. BitLocker portals do not have a fallback mechanism. If you have an SQL AO configuration, you need to install a second portal so you can still use the recovery functionality bur you also need to notify every admin user to switch...Not really convenient.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Standardize releases of SCCM Versions to twice a year instead of current frequency.

    Standardize releases of SCCM Versions to twice a year instead of the current frequency of three times a year 2002, 2006 and 2010 and so on.

    Please review the pattern of windows feature releases and a clear timeline on supportability for SCCM.

    Please give a road map of supportability whether or not the customer has moved to co-management or not

    SCCM Client Version supportability in line with Server Version. All these three may be clearly documented please.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Use a Stronger Cipher for Client Notification Server Communication

    Use a stronger cipher for Client Notification Server communication.
    A MECM client connects to the Client Notification Server on port 10123 and (on Windows 10) uses the cipher TLSRSAWITHAES128GCMSHA256 to communicate.
    This cipher is marked as weak by some security vendors because it doesn't use ephemeral keys, and past communication is not protected.
    (https://en.wikipedia.org/wiki/Forward_secrecy)
    In an organization where this cipher is disallowed in the org for security reasons, client communication with the Client Notification Server falls back to HTTP, which is completely insecure.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Expired MEM evaluation lab kit

    The current MEM evaluation lab kit expired on February 7, 2021. When will it be updated? I downloaded and installed it just days before its expiration. So how much longer can I keep evaluating it? This isn't documented very well.

    https://www.microsoft.com/en-us/evalcenter/evaluate-mem-evaluation-lab-kit

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. HTTP Strict Transport Security (HSTS) 'NOT ENFORCED' on CMG provisioned Virtual Machine.

    The VM that is automatically provisioned as part of the Cloud Management Gateway setup from the ConfigMgr console, when security scanned, indicates HSTS is not turned on/ enforced.

    This has been discussed with Microsoft Support and Configuration Manager experts from Microsoft, as this is obviously a concern. All attempts to mitigate this issue failed as any settings made as advised by Microsoft were reverted or failed to mitigate the issue.

    We have assurances the service is secure however, we are aware that HSTS being off is recognised as a vulnerability to Microsoft and you recommend all to enforce this onā€¦

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Support for Dedup in content source directories

    The support for Dedup for the content library is fantastic. It would be great to extend this support for content sources as well.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. Unused HW Inventory table columns in SQL DB should be defined as "Sparse"

    After enabling the collection of 3 attributes from the win32_process WMI class from our PCs, the database blew in size, as all other (30+) attributes of that class take up as much disk space as if they had data in them.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Enable Enhanced HTTP by default

    As an alternative to presenting a warning for HTTPS and potentially causing confusion, Enhanced HTTP should be enabled by default and there would be no need for warnings or prompts. EHTTP no longer requires Azure on-boarding so there is no reason not to enable it by default going forward. If the user wanted to use HTTPS they could still do so in the console after initial setup or upgrade is complete. The new warnings for HTTPS do not belong in the initial setup wizard because this is not a setting to be taken lightly, but being presented these choices upā€¦

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Fix DP Configuration Process

    Fix problem when configuring distribution point, package distribution for Client packages fail if DP is on remote server (doesn't happen if configuring DP on Primary site). The matter is easily fixed by redistributing the content, but it would be better if you added a wait in the process until DP was configured before trying to push content to it.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Allow disk selection for MP installation

    Similar to DP configuration, please allow selection of a specific disk when configuring the MP.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base