Cluster patching feature was added in #SCCM CB 1602, but has been in prelease for a long time. It needs to:
1) Have improved/revamped UI
2) Remove dependency on collections
3) Orchestrate patching for any machines, not just servers/clusters
4) Remove the feature from prerelease

When deploying a device using Autopilot, the Enrollment Status Page (ESP) is used to prevent access to the desktop until the device provisioning tasks are complete. But ConfigMgr doesn't integrate with the ESP, so there's no way to wait for packages, apps, or task sequences - the user doesn't know when the process is done. Add that integration.

Currently, when servicing stack updates and regular updates are deployed in the same software update group, the patches do not apply in a determinant order. This leads to cases where a cumulative update that requires a new servicing stack is installed before the servicing stack itself.

While this can be worked around by separately deploying the servicing stack update before updates that require said servicing stack, it would be much more convenient if the update installation process checked if there are any servicing stack updates to be deployed and automatically installed them first

By default you can pause a Task Sequence by adding a step in the TS that will display a msgbox.

It would be cool to be able to pause a TS when you want and as many times you want.

It is possible by changing the ztiutility.vbs file and add the below process:
- Create a new TS variable TSPause
- If this variable is configured to True a msgbox is diplayed

See a post I did about this:
http://www.systanddeploy.com/2020/02/pause-task-sequence-when-you-want-with.html

The pro of Windows Analytics was that you can configure it in every environment without the need to have SCCM or Intune configured.
Please re enable this way of deployment, also if it's limited to Read-only insights or some features.

Split this item from a bigger umbrella item.
This is to specify an icon per App Task Sequence in the Software Center.

When trying to move away from Group Policies to Configuration times/baselines and in every other scenario as well, add a step in Task Sequence to evaluate and remediate select Configuration items/baselines. Then we can select which one of the Configuration Items/baselines should be applied during OSD so the settings are present when the user logs on for the first time

Currently the Cloud Management Gateway(CMG) for SCCM is a legacy "Cloud Service" in Azure. This prevents Network Security controls, such as placing a Web Application Firewall in front of the service, or peering it to a Virtual Network to be impossible. There are many customers in both the public and private sector that would like to see the CMG modernized into an Azure PaaS WebApp(ARM). This way they can place the CMG into an App Service Environment(ASE), and enforce Trusted Internet Control(TIC) policies.

I would like to add setting of LayeredDriver (106/109 key, etc.) during OSD (OS deployment).
These settings are "very important topics" for OSD guys in Japan and Korea.
Without this setting, the keyboard will become an English keyboard.

LayeredDriver [Microsoft Docs]
https://docs.microsoft.com/en-us/windows-hardware/customize/desktop/unattend/microsoft-windows-international-core-winpe-layereddriver

When a Delivery Optimisation Cache server use a proxy configuration the installation fail (CMCB1910).

The DoinCSetup log show :
Setting proxy chain to proxyservername:8080
…/…

 Cound not find existing downloaded content in primary disk cache: H:\DOINC-E77D08D0-5FEA-4315-8C95-10D359D59294\b1.download.windowsupdate.com\mscomtest\cedtest\r20.gif.full

…/…

Failed to find downloaded content in the primary disk caches

Allow server cache to use a proxy

Great to see MBAM fully integrated in CM 1910, but the policy does not have any option to enforce the encryption. User can always postpone it.

For more info, see this: https://www.youtube.com/watch?v=kRkyx_-l9QU

When you perform a search also include all subfolders by default!

For our environment it would be great if we can specify the IP-address where the Packets are send to. Because we use Switches with 802.1x the Computer is not in the same vlan that it is when it runs. Because of "control-direction in" the packages of the isolate-vlan will be broadcasted if the device is not authenticated. If we can specify the destinationadress, we can set the address to the network-broadcast of the isolate-network and the packages will be delivered correctly by routers and switches. This is already working with other tools.

Device Health in Windows Analytics has lots of useful information about Windows crashes, such as what caused the blue screen, the driver version, and other information. This information can be used to develop proactive improvement plans to improve the general reliability of our desktop environment and end user devices.

Could you please add this functionality to Desktop Analytics? It would complement the existing information being reported for O365 reliability, although this is currently somewhat hidden by the M365 UI.

Will be great if it could be possible to export data from DA Portal, either after setting up a filter or all data (up to an acceptable raws limit), in order to share lists of apps, devices or drivers with people to review or action on them, regardless of those people not being DA contributors themselves.

The summary can remain blocked under an “error” status even when all the statuses from the “Details” tab are “Success”.

Need the ability to pull Office 365 Updates from a server that is not the primary site server. This would be similar to the CMG connection point or Service connection point.