Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Install Servicing Stack Updates (SSU) Before Other Updates When User Initiated

    The Current Branch 2002 release introduced a feature to install SSUs first but only when triggered by the deadline.
    From the docs:
    "SSUs are installed first only for non-user initiated installs. For instance, if a user initiates an installation for multiple updates from Software Center, the SSU might not be installed first."

    A lot of work has been put into encouraging user-participation in the patching process. I want the user to decide when they're ready to install the updates and avoid situations where the deadlines impact their work. In those scenarios the behavior introduced in 2002 therefore not helpful.

    Iā€¦

    129 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Windows Application Packager (WinGet) Integration

    I would like configmgr to integrate with winget.

    https://devblogs.microsoft.com/commandline/windows-package-manager-preview/

    Please allow me to simply tell winget to install/uninstall an application and allow sccm to monitor the result codes. Provide winget as a part of the sccm client install. Reduce my work effort to deploy applications!

    This should be a native deployment type as well. Let sccm ingest all the possible applications winget supports!

    Allow application content to be stored via Microsoft Connected Cache!

    60 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Application Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Revamp ConfigMgr's cluster patching, and remove it from PreRelease

    Cluster patching feature was added in #SCCM CB 1602, but has been in prelease for a long time. It needs to:
    1) Have improved/revamped UI
    2) Remove dependency on collections
    3) Orchestrate patching for any machines, not just servers/clusters
    4) Remove the feature from prerelease

    680 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    31 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Third-Party Updates Should Not Attempt 3 Downloads from Internet (WUMU)

    When deploying third-party updates using CMG, the client will detect it's on the internet. In the CAS.log, you will see it things it should reach directly out to windows updates (WUMU) in the CAS.log. The DP returned on ContentLocation.log is actually the internal WSUS location of where the third-party update was downloaded. This path is not resolvable from an internet client and shouldn't be used.

    If the client detects it's on the internet, it should never attempt to download from windows updates, since these updates are not applicable for that scenario. The update will timeout after 3 minutes and 3ā€¦

    56 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Add an Alert that shows the state of the CMG Connection Point

    Add an Alert that shows the state of the CMG Connection Point.

    Currently, I have no automated way to tell if the CMG is healthy unless I go into the console and run the Connection analyzer.

    I'd like to see a built-in alert I can configure to notify me if the CMG service is in a non-Ready state, the Connection Point is "disconnected" or the number of "Clients online from CMG" is below a specific threshold.

    45 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Troubleshooting & Support  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Report to Detail download duration and size of content for each Client

    As more users are working from home for the current pandemic the network teams are constantly asking... how much data are SCCM Clients downloading over the VPN.
    I would like to see a report that we can see the size of content and how long it took each client to download the content for updates, packages and applications. Even at what speed BITs was downloading so we could see which of our users have very slow/small Internet connections at home. This should include whether they downloaded from MS Updates, on-prem DP's or the CMG.

    38 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    7 comments  ·  Content  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. Make ConfigMgr work with Autopilot and Enrollment Status Page (ESP)

    When deploying a device using Autopilot, the Enrollment Status Page (ESP) is used to prevent access to the desktop until the device provisioning tasks are complete. But ConfigMgr doesn't integrate with the ESP, so there's no way to wait for packages, apps, or task sequences - the user doesn't know when the process is done. Add that integration.

    898 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    planned  ·  19 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Application Detection - Add Return Code Option - Clear Install History

    Add a custom Return for applications. "Clears Install History"

    I'm currently deploying office 365, which when launched, prompts users to close apps and continue, however they can click cancel. If they click Cancel, it returns a code to CM which is then logged as a failure. I would like to have a Return Code option in the App DT that says, it the App returns code "123456", then exit out as if it never ran, no failure, no success. So in the software center, the icon says "Install" instead of "Retry", and not show a previous failure. It makes ourā€¦

    34 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Center  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Enable DA without the need of SCCM

    The pro of Windows Analytics was that you can configure it in every environment without the need to have SCCM or Intune configured.
    Please re enable this way of deployment, also if it's limited to Read-only insights or some features.

    326 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    9 comments  ·  Desktop Analytics  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. BitLocker Network Unlock via CM Client Peer

    Create a Client Setting that would turn the CM Client into a BitLocker Network Unlock proxy agent. This would really enable the powerful BitLocker Network Unlock feature to be widely used and adopted in the enterprise, as the current WDS method is limited.

    28 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Client Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Allow custom icons in software center for Task Sequences

    Split this item from a bigger umbrella item.
    This is to specify an icon per App Task Sequence in the Software Center.

    1,837 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    100 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Apply Configuration Baseline/item during OSD

    When trying to move away from Group Policies to Configuration times/baselines and in every other scenario as well, add a step in Task Sequence to evaluate and remediate select Configuration items/baselines. Then we can select which one of the Configuration Items/baselines should be applied during OSD so the settings are present when the user logs on for the first time

    87 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Modernize the Cloud Management Gateway into an Azure WebApp - Network Security

    Currently the Cloud Management Gateway(CMG) for SCCM is a legacy "Cloud Service" in Azure. This prevents Network Security controls, such as placing a Web Application Firewall in front of the service, or peering it to a Virtual Network to be impossible. There are many customers in both the public and private sector that would like to see the CMG modernized into an Azure PaaS WebApp(ARM). This way they can place the CMG into an App Service Environment(ASE), and enforce Trusted Internet Control(TIC) policies.

    108 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Export lists to Excel/CSV from Desktop Analytics Portal

    Will be great if it could be possible to export data from DA Portal, either after setting up a filter or all data (up to an acceptable raws limit), in order to share lists of apps, devices or drivers with people to review or action on them, regardless of those people not being DA contributors themselves.

    94 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    7 comments  ·  Desktop Analytics  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. Add LayeredDriver (keyboard driver) settings in OSD

    I would like to add setting of LayeredDriver (106/109 key, etc.) during OSD (OS deployment).
    These settings are "very important topics" for OSD guys in Japan and Korea.
    Without this setting, the keyboard will become an English keyboard.

    LayeredDriver [Microsoft Docs]
    https://docs.microsoft.com/en-us/windows-hardware/customize/desktop/unattend/microsoft-windows-international-core-winpe-layereddriver

    54 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Delivery Optimisation cache server install failed with proxy

    When a Delivery Optimisation Cache server use a proxy configuration the installation fail (CMCB1910).

    The DoinCSetup log show :
    Setting proxy chain to proxyservername:8080
    ā€¦/ā€¦

     Cound not find existing downloaded content in primary disk cache: H:\DOINC-E77D08D0-5FEA-4315-8C95-10D359D59294\b1.download.windowsupdate.com\mscomtest\cedtest\r20.gif.full
    

    ā€¦/ā€¦

    Failed to find downloaded content in the primary disk caches

    Allow server cache to use a proxy

    60 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Content  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. When you perform a search also include all subfolders

    When you perform a search also include all subfolders by default!

    64 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    8 comments  ·  Application Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Management Insights - Filter Group Name

    Adding the ability to filter the management insights dashboard by group names would allow customers that - for example - can't use cloud services for security reasons to be able to get a full insight into their environment without having to "ignore" results from groups that aren't relevant to them.

    For example, an environment that is unable to use cloud services currently will never have a management insights index of 100%, despite all of their relevant rules being "Completed".

    27 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Admin Console  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Ability to trigger reboots through the client WMI SDK

    We need a way to use PowerShell (script) to trigger a Reboot using the Software Center Dialogs. This way we can trigger a reboot at the end of an install which will leverage the CM built-in notifications.
    https://docs.microsoft.com/en-us/configmgr/core/clients/deploy/device-restart-notifications

    Currently, if you have a deployment that triggers a pending reboot, the machine with NOT actually reboot after the install, but instead waits for the deadline. Or if the Deployment had no deadline, the machine will never actually reboot.

    We need a way to have CM trigger a reboot that we can call in a script, so at the end of anā€¦

    28 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  SDK and Extensibility  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. MBAM fully integrated in 1910 does not have enforcement option

    Great to see MBAM fully integrated in CM 1910, but the policy does not have any option to enforce the encryption. User can always postpone it.

    For more info, see this: https://www.youtube.com/watch?v=kRkyx_-l9QU

    56 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriateā€¦  ·  Admin →
← Previous 1 3 4 5 206 207
  • Don't see your idea?

Feedback and Knowledge Base