Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Implement a sccm managed system to enable HTTPS communication between clients and site system roles

    As the title says:
    Implement a system to enable HTTPS communication between clients and site system roles from the SCCM console, comparable to the Advanced HTTP Site System feature so that we don't have to setup and configure AD Certificate Services to distribute certificates to the clients.
    Or a mechanism that allows the Azure AD Security token, in scenario's with hybrid domain join in place, to be used to authenticate against https enabled internal site systems

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Management Point Health Alert

    When adding an MP, the box "Generate alert when MP is not health" is never checked by default. Should be checked by default, and why is this even an option? I don't see a scenario where an Admin wouldn't want to know the MP isn't health.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Allow Preferred MPs with IBCM and CMG

    Not sure which category to put this in BUT I've come across a requirement to have both IBCM and CMG in place, at least temporarily anyway. It would be very helpful if we could use some kind of MP affinity or preferred MP between the IBCM MP and the CMG MP. Obviously the boundaries are ignored as this is internet based. A reg key change (or something even better) would suffice.

    10 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Allow Site server HA e2e on a maximum of 2 machines

    HA should always be able to run on a maximum of 2 machines. This includes all remote roles, as well as provider, as well as reporting, as well as SQL (including AO). Don't require any roles to be remote from the 2 machines.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Allow more than 1 passive in a primary site

    Allow more than 1 passive in a primary site

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Pre-Req Checks

    Perform permission checks on key locations where sccm will be setup. We had a problem experienced a few years ago where we had a "hash mismatch" error b/c the account I was using to perform the upgrade did not have permission to the install directory.

    https://sccmf12twice.com/2017/02/sccm-2012-r2-sp1-failed-upgrade/

    this problem is still possible in CB

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. check performance gains for specific compatibility levels when servicing sccm

    When servicing SCCM (for example from 1802 to 1806) the compatibility level was changed from 110 to 130. The compatibility level was set to 110 specific because of major performance issues with level 130.
    With the compatibility level being reset the update from 1802 to 1806 is already running for 43 hours and still not completed (CE level is already changed back to 110). Why not running a few SQL query's, based on this article: https://support.microsoft.com/en-us/help/3196320/sql-query-times-out-or-console-slow-on-certain-configuration-manager-d to check performance for each possible level. Then based on the results, change the compatibility level? If we have this kind of performance issueā€¦

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Synchronize additional tables with the Data Warehouse Service point

    In the 1612 technical preview, the Data Warehouse Service point was introduced, and at that time it included the ability to specify additional tables for synchronization. This capability is outlined in the release notes (https://docs.microsoft.com/en-us/sccm/core/get-started/capabilities-in-technical-preview-1612).

    The latest release of ConfigMgr (1710 as of this posting) does not include this capability.

    Re-introducing this capability would expand the use cases for the Data Warehouse Service point. Many customers have custom hardware inventory classes that are not included by default with the existing feature. There are also native tables, such as task sequence execution status, that would be helpful for trendā€¦

    27 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Hotfix Rollback Option for the Microsoft SCCM CB Hotfixes Releases

    Hello: Microsoft release monthly updates for Microsoft SCCM Current Branch and sometime hotfixes. The hotfix rollback installation for Microsoft SCCM is not straight forward because Microsoft SCCM CB hotfixes installation has own process and procedures which executed in the backend. So it better to have an option provided to rollback the Hotfix.. Ex: KB4339794....

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Site status reset counts

    Need to Reset counts of status messages for all site servers. Multiple selection required

    Right now only the selected site is only available to reset counts from the console. if multiple site selected reset is greyed out.

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Support installing new technical preview releases on an expired technical preview installation

    Occasionally I forget to upgrade one of my ConfigMgr TP environments, and it expires. Once expired, the servicing node won't allow new TP releases to be installed. Remove this restriction, let me upgrade expired TPs with new TP releases so I don't have to reinstall and reconfigure.

    80 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Add support for Disaster Recovery into SCCM

    SCCM should have built-in functionality for the setup, automation and triggering of a disaster recovery solution. Typically this would involve additional servers operating at a different physical location with replication of data between the active site and the DR site. Upon a DR event, you would transfer or seize functionality at the DR site to transfer control to the DR server(s). SQL Server has multiple DR tools available (mirroring, failover clustering, transaction replication, log shipping, etc.) so there is no need to reinvent that wheel, but SCCM should give similar functionality.

    8 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Eliminate need for clients at Secondary Sites to ever contact Primary Site's MP

    Clients can use the Proxy MP at Secondary Sites for most communication. However some communications must fall back to the primary site's MP. For example - client registration.

    109 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    5 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Support for Windows Server 2016 Hyper-V Production Checkpoints for Site System VMs

    Itā€™s not possible to use the new Production Checkpoint Feature of Windows Server 2016 Hyper-V with VMs that are running a Configuration Manager Site System role. The Checkpoint creation fails.
    To enable modern host-based backup like DPM 2016, it is necessary that ConfigMgr. Fully supports this Hyper-V feature.

    37 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. Make it easier to use HTTPS DP as a pull DP source

    It should be much easier to use HTTPS DP as a pull DP source. Now you need to have a special script to define HTTPS DP as source (= complicated) and pull DP needs to have a ConfigMgr client (= licensing issue). I see increasing number of customers who want to use HTTPS in all their internal IIS servers, including ConfigMgr.

    11 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. support reporting services in an always on configuration

    Support SSRS with a DB that is in an Always on AG

    20 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. Allow Slash (/) Character in Organizational Units for Group Discovery

    When Group Discovery for the whole Domain is activated and there are Organizational Units containing the Slash Character in the Name, you get "failed to bind to Container" Errors in SCCM.

    As long a Slash is an allowed character in LDAP, SCCM should be able to process these OUs correctly.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Make deletion age configuration in "Delete Aged Status Messages" Site Maintenance task

    The "Delete Aged Status Messages" site maintenance task does not allow you to configure an age at which the messages will be deled. This would be helpful for audit purposes.

    26 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Site system Proxy exclusion

    scenario:


    • Secondary SUP in a untrusted domain

    • Sup on the primary site with proxy configured for catalog synchronization and download security and all fix

    In this scenario, when the secondary sup should be synchronized with the primary, the proxy is used, and this is a problem

    Idea:
    Implement an option to include proxy exclusions

    60 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Integrate Microsoft LAPS Functionality

    The Microsoft Local Admin Password Solution (LAPS) is great because of the security it provides, but is not in widespread use because it isn't enabled by default and requires desktop/server teams to work together to implement.

    Integrate the functionality of Microsoft LAPS into the ConfigMgr infrastructure.

    This could include simple steps to control replace the group policy need with a new compliance item node, or could include completely supplanting of the functionality (similar to how MBAM makes it so you don't need AD for managing BitLocker recovery keys).

    Anything that ConfigMgr can do to bring down the bar for securingā€¦

    330 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    14 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base