Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Configuration manager service Account Management

    Hi All,

    It very difficult to manage the password of service accounts in different place in Configuration for different options, like Domain join, network access, client installation. Because we need to input every time when we configure the settings. Instead of this, we have centeral control management of user name or service account and password management, so it will reflect in all components once the they select the user name.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Ability to provision gMSA as an Administrative User

    As of CB 1702, we can provision AD Users or Groups as administrative users in SCCM. However, gMSAs (Group Managed Service Accounts) can't be directly provisioned - though you can work around that by creating an AD group with the gMSA as a member and provisioning that group in SCCM.

    It'd be helpful if we could directly provision gMSAs in SCCM; I don't see any reason why this shouldn't be allowed.

    Thanks

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Option to schedule in-console update

    Hey. It would be so nice to be able to schedule updates to sccm from the Updates and Servicing node in the console.

    Any chance?

    5 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Maintenance Windows - Allow to multi select instead of one feature

    Allow to have maintenance windows apply to multiple features and not just for one specific feature (or for everything).

    A multi select dropdown would be great!

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. To deploy a compliance policy, user's security role needs Modify permissions on Site

    For users assigned custom RBAC roles. They're unable to deploy compliance policies - with permissions Site - modify - No
    The operation fails with error "You do not have security rights to perform this operation"
    The security role needs to have Site - modify - Yes.
    Customer claims prior to 1710, this was possible.
    Other deployments like applications, packages are working with Site - modify - No

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. RBA Role Prompt when launching console

    Many of the other System Center products allow a single user account to have many different roles assigned, and instead of merging them like Configuration Manager does, they prompt at login which role should be applied. This allows an admin for example, to have one account that they can manage all workstations, but then reopen the same console and choose a different role to manage all servers. This would solve many issues that come up when dealing with scoping issues where an object that was created do not have the correct scopes applied. It will also address a concern thatā€¦

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. Secure Credential/secret variable Resource

    Add a secure credential/secret variable resource to pass secure variables to task sequence steps and application command lines.

    For instance, this would be useful to securely storing and passing a BIOS password for securing, configuring, and upgrading BIOS.

    Additionally, this could be used for authentication tokens or specifying an alternate user context in a script.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. ability to apply security scopes to deployments

    would be great if we could set security scopes on deployments. we offer sccm as a service to multiple groups using RBA. one group provides applications that can be viewed by all other groups. unfortunately they cannot see all of the deployments made from these applications as they only have visibility to their own devices/collections.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Respect user communication preferences

    I updated my Microsoft communication preferences to stop all the emails from the ConfigMgr team as I could. I still get survey requests and such. Please stop spamming me.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Improvements for search functionality

    When searching, allow multiple "AND" filters on the same criterion. For example, when viewing All Windows 10 Updates in Windows 10 Servicing, I'm currently seeing 798 items. I can filter by language to reduce that, but I'd also like to filter on the title multiple times to exclude editions such as 'Education N', 'Pro N' and 'Team' but I can't because when I add a second Title filter, it automatically puts an "OR" operation next to it.

    Also, when searching for objects like Collections or Apps in a large sub-folder structure, would it be possible to include a column inā€¦

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Ability to Assign Wake on Lan to Security Scopes

    Currently to remotely wake up workstations, you have to have the default security scope applied to the user who needs to wake up the workstation. It would be great if you could use other security scopes as well.

    When an employee is remote and they accidentally turn off their computer, we have to send someone to physically turn it back on. We gave our help desk some permissions. If they could use wake on lan without having access to everything the default security scope provided, it would make things significantly easier.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Add functionality to the ā€œSet approval due dateā€ item in the ā€œAutomatic approvalā€ WSUS option

    Please add more detailed settings to the ā€œSet approval due dateā€ item in the ā€œAutomatic approvalā€ WSUS option, such as the ability to freely set the timing of approvals, etc.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Remove the requirement for 'modify' permissions for Phased Deployments

    The Phased Deployment functionality for Applications and Task Sequences require the 'modify' permission on each of the objects in order to be able to create a phased deployment. Software Update Groups, on the other hand, dont have this requirement. In a large distributed environment, the administrators who manage clients in collections and deploy content (Applications, Packages, Task Sequences, etc.) are not always allowed to create the Applications or Task Sequences. In our large PUBSEC customer, the application and TS authors are separate from the site level admins, but our site level admins would like to take advantage of phased deployments.ā€¦

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Make it possible to link Windows Update for Business with WSUS

    In an environment where clients are managed by WSUS, in cases where one wants to extend the application of critical update programs for a long time, Windows Update for Business can be used, but please make it possible to manage Windows Update for Business functionality using WSUS.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. RBAC Based on Folder and not Limiting Collections

    RBAC based on folder would be more intuitive (because we all use it on OS levels).
    It would also simplify management and headache ,
    example :
    A company has 2 entities Contoso and Microsoft
    This Company do application's collection dedicated for each branches but also do application's collection for general use

    User A has a RBAC Limited on Contoso Users
    User B has a RBAC Limited on Microsoft Users

    I want User A to see all Contoso and General apps's collection

    Today impossible because General Apps's collecton are limited to ALL USERS and User A is limited to All Contosoā€¦

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Support Scale Out File Server

    Currently SCCM doesnt support SQL Databases stored on a Scale Out File Server. The installation will error out when it queries WMI on the SQL Server, also queries embedded inside of hman.dll will cause errors as it expects to find a drive letter rather than a UNC path.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. Use DNS for IP addresses

    Use DNS records for IP addresses instead of internally discovered IP. This allows machines to change their IP, between subnets or wired/wireless

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. orchestration groups security scope

    Security scope for orchestration groups

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Move RBAViewer into the console

    RBA Viewer has been overlooked for too long and offers a lot of great features over the admin console. Why not combine the features into the console?

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Export any result from console queries

    I think It will be very usefull if we a way to export/print queries that we made in console, and not just from report or SQL query..

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base