Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. FQDN everywhere

    Please stop using NetBIOS names, let's use FQDN everywhere - assets, reports, queries, deployments etc. It is a true challenge to use SCCM with dozens domains of customers :)

    10 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Allow Preferred MPs with IBCM and CMG

    Not sure which category to put this in BUT I've come across a requirement to have both IBCM and CMG in place, at least temporarily anyway. It would be very helpful if we could use some kind of MP affinity or preferred MP between the IBCM MP and the CMG MP. Obviously the boundaries are ignored as this is internet based. A reg key change (or something even better) would suffice.

    10 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Change SUP synchronization message to secondary site SUP's to either be high priority or not use file based replication

    If you have secondary site SUP's they are told to synchronize by the primary site by file based replication (sender sends a file to the secondary site telling it to sync).

    This can be a problem if your secondary site(s) are operating under bandwidth controls, for example if you set to only allow high priority data to be sent during the working day to conserve bandwidth.

    If the primary SUP synchronizes but the sender is unable to drop the required file to the secondary site, then what happens is all clients in the secondary site will try and switch theirā€¦

    10 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Disconnected Secondary Site

    This would allow a Secondary Site to operate disconnected from the hierarchy for a set amount of time. During this disconnected state the Primary above it would not try to reach out to the Secondary (and vice versa) but would wait (similar to a prestage DP) for the interval specified before trying. Also the Secondary while disconnected would process its client information similar to a Primary and optimize the replication data so that when the connection was re-established there wouldn't be a huge backlog. This would allow hierarchies with devices that have limited or no connectivity for extended periods atā€¦

    10 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Add Better Indexing to ARP and Installed Software tables in SQL

    Currently there are very few functional indexes on the ARP table in SQL for sccm. The table only leverages indexing on MachineID (ResourceID) and ProdID00 (GUID for software). This can make reporting on software very resource intensive and collection membership intensive if you want to use other fields that are easier to identify such as DisplayName00.

    10 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. raise base .NET Framwork of CM from 4.0 to 4.6.x

    currently all file system operations only accept filepaths with maximum length of 256 chars which is related to the used .NET Framework within CM.
    Starting with .NET 4.6 this limitation is now raised to 32.767 chars which is very usueful if you for eample manage driver and driver packs, applications and so on per script and file systems within a domain network. (Servernames FQDN could be longer than 8 chars in our case at minumum 30 chars)

    10 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. check performance gains for specific compatibility levels when servicing sccm

    When servicing SCCM (for example from 1802 to 1806) the compatibility level was changed from 110 to 130. The compatibility level was set to 110 specific because of major performance issues with level 130.
    With the compatibility level being reset the update from 1802 to 1806 is already running for 43 hours and still not completed (CE level is already changed back to 110). Why not running a few SQL query's, based on this article: https://support.microsoft.com/en-us/help/3196320/sql-query-times-out-or-console-slow-on-certain-configuration-manager-d to check performance for each possible level. Then based on the results, change the compatibility level? If we have this kind of performance issueā€¦

    9 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Expand Secondary Site Re-Assign Distribution Point to Migrate DP co-located on Secondary Site

    See https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/9197001-ability-to-move-distribution-point-from-one-second

    Currently, if the DP is co-located on a secondary site server, you are unable to move or re-assign the DP to a new site. Expand this capability to have the ability to move or migrate the DP to another site, specifically a primary site in this scenario.

    9 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Make internal SCCM Backup task mor flexible

    Currently the SCCM backup task is interacting with the database directly creating a full backup every time. When using other backup products (as TSM) the use of SCCM backup and a full set of files is simply not possible since we increment the backup counter. TSM differential backups will not work until a new full backup has been run.
    The ask is to either enable flexibility to be able to use different SQL backup mechanism apart from SCCM internal or to be able to run the backup task without triggering a SQL Backup.

    9 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Would be great if a installation of a SCCM Agent on another hierarchy would be supported and possible.

    In complex service provider environments are sometimes several SCCM hierarchies. Right now there it is not supported way to install a SCCM Agent from a other SCCM hierarchy on for example Pull DP. This kind of Servers cannot be managed by SCCM and we can not deploy Software Updates to them .We are also not able to Monitor Windows Defender Malware infects. In the most cases Customers are installing a Standalone WSUS for a such kind Servers. Even it is especially important to prevent Malware infects on SCCM Servers, customers are then not Monitoring Malware infects.. Would be great ifā€¦

    9 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Add support for Disaster Recovery into SCCM

    SCCM should have built-in functionality for the setup, automation and triggering of a disaster recovery solution. Typically this would involve additional servers operating at a different physical location with replication of data between the active site and the DR site. Upon a DR event, you would transfer or seize functionality at the DR site to transfer control to the DR server(s). SQL Server has multiple DR tools available (mirroring, failover clustering, transaction replication, log shipping, etc.) so there is no need to reinvent that wheel, but SCCM should give similar functionality.

    8 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Multiple SCCM site backups prior to upgrade

    The new way to upgrade SCCM is great. However in order to have a restore point if the upgrade fails, we are currently running indipendent backups on CAS and our 3 Primaries. If we ever would need to rollback, we are not sure to be able to restore the infra from the backups we have taken, because they are not synchronized (each one run at his own speed). It would be great if there would be a task that would take a backup / snapshot of the full CAS and PRI (something like an SCCM backup for all sites thatā€¦

    8 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Updates and Servicing: Deploy new client package prior to upgrade

    One of the most time consuming steps when we perform an SCCM upgrade is waiting for the new client install\upgrade packages to replicate to our lower bandwidth sites. Currently we are installing the latest update in the test lab and manually creating a package and distributing it in production with those files so the content library has the files at upgrade time. It would be helpful if there were an option similar to "run prerequisite check" to create the packages and distribute the content ahead of time.

    8 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Distribution point configuration status - reset alerts

    When looking at the status of my DPs in Distribution point configuration status there is a yellow alert that won't go away due to some error that occurred during dp migration, there is no package ID associated with it so I am unable to use any sql tricks or tools to make it go away. I suggest making an option via gui to "clear alerts" like I can do via Site status. please add this feature

    8 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. Configmgr Backup status node in "Monitoring" node

    Currently we need to check smsbakup.log , if we need to know status of last backup. This is being crucial task for SCCM health check , its better to see status within console.

    As we have " Software update Sync status" , I feel its good to include "configmgr backup status" in "monitoring"

    8 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Refresh button in the Site Servicing Status node

    A Refresh button in the Site Servicing Status node under the Monitoring workspace would really be useful. Just like the Refresh button in Updates and Servicing, it would provide an easier update method for the admin to be able to simply refresh the node, instead of switching between other nodes. These small enhancements are not critical,but they do provide a huge value.

    7 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. Remove dependency on default document in IIS configuration

    A common security vulnerability exists in the default IIS configuration when SCCM is installed. Having the default documents (eg iisstart.htm) can aide a malicious actor in discovery https://www.rapid7.com/db/vulnerabilities/http-iis-default-install-page

    IF the default document is removed, Workgroup clients are unable to communicate with SCCM. The default document should not be a dependency on SCCM, or on workgroup clients ability to connect.

    Symptoms: Clients not joined to the domain can not connect to an SCCM server
    Client Location log shows http 403 errors
    Error sending HEAD request. HTTP code 403, status 'Forbidden' ClientLocation
    Text=CCMEBADHTTPSTATUS_CODE ClientLocation

    Workaround:
    Adding a defaultā€¦

    7 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Additional logging for DP upgrade

    I would like to have additional logging when Distribution points get updated. Currently the update process is not really verbose if you look it from the SCCM Console point of view.
    I had an issue with dll's not being upgraded in the DP Upgrade process and there was no trace of the error.

    Thanks

    7 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. When running the "Modify site database configuration" option, allow support for keeping SQL servername the same

    When going through the process of changing the configuration for the site database (in order to move it to a new SQL server), if you are keeping your SQL server name the same, the wizard will not allow you to input the same SQL server name as the old. We want to get rid of our SQL 2008 R2 servers running on Windows 2008 R2 and replace with Server 2016 and SQL 2016, but also keep the same hostname for the new server. Our only option since the wizard doesn't support this scenario is to do a backup and restore.

    7 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Improve the process for using certificates within ConfigMgr

    Setting up and managing the certificates for MPs, DPs and boot media is not straight forward. Could you improve the certificate management process to reduce the complexity and overhead in managing it. So automation with internal CAs for automatic certificate issuing would be good.

    7 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  2 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base