Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we can’t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the 🙂 button in the top right corner and choose “Send a Frown”. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer – our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Revamp ConfigMgr's cluster patching, and remove it from PreRelease

    Cluster patching feature was added in #SCCM CB 1602, but has been in prelease for a long time. It needs to:
    1) Have improved/revamped UI
    2) Remove dependency on collections
    3) Orchestrate patching for any machines, not just servers/clusters
    4) Remove the feature from prerelease

    674 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    31 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  2. Make ConfigMgr work with Autopilot and Enrollment Status Page (ESP)

    When deploying a device using Autopilot, the Enrollment Status Page (ESP) is used to prevent access to the desktop until the device provisioning tasks are complete. But ConfigMgr doesn't integrate with the ESP, so there's no way to wait for packages, apps, or task sequences - the user doesn't know when the process is done. Add that integration.

    880 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  19 comments  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  3. Install Servicing Stack Updates Before Other Updates

    Currently, when servicing stack updates and regular updates are deployed in the same software update group, the patches do not apply in a determinant order. This leads to cases where a cumulative update that requires a new servicing stack is installed before the servicing stack itself.

    While this can be worked around by separately deploying the servicing stack update before updates that require said servicing stack, it would be much more convenient if the update installation process checked if there are any servicing stack updates to be deployed and automatically installed them first

    1,675 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    43 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  4. Pause a Task Sequence when you want, as many times you want with just a variable

    By default you can pause a Task Sequence by adding a step in the TS that will display a msgbox.

    It would be cool to be able to pause a TS when you want and as many times you want.

    It is possible by changing the ztiutility.vbs file and add the below process:
    - Create a new TS variable TSPause
    - If this variable is configured to True a msgbox is diplayed

    See a post I did about this:
    http://www.systanddeploy.com/2020/02/pause-task-sequence-when-you-want-with.html

    61 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for suggestion, updating status to Noted – see https://docs.microsoft.com/en-us/configmgr/core/understand/find-help#send-a-suggestion for an explanation of each value.

    We can certainly see the value here when testing though there’s some overlap with the task sequence debugger too, have you tried that out?

    https://docs.microsoft.com/en-us/configmgr/osd/deploy-use/debug-task-sequence

  5. Enable DA without the need of SCCM

    The pro of Windows Analytics was that you can configure it in every environment without the need to have SCCM or Intune configured.
    Please re enable this way of deployment, also if it's limited to Read-only insights or some features.

    307 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  Desktop Analytics  ·  Flag idea as inappropriate…  ·  Admin →
  6. Allow custom icons in software center for Task Sequences

    Split this item from a bigger umbrella item.
    This is to specify an icon per App Task Sequence in the Software Center.

    1,788 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    99 comments  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  7. Apply Configuration Baseline/item during OSD

    When trying to move away from Group Policies to Configuration times/baselines and in every other scenario as well, add a step in Task Sequence to evaluate and remediate select Configuration items/baselines. Then we can select which one of the Configuration Items/baselines should be applied during OSD so the settings are present when the user logs on for the first time

    80 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  8. Modernize the Cloud Management Gateway into an Azure WebApp - Network Security

    Currently the Cloud Management Gateway(CMG) for SCCM is a legacy "Cloud Service" in Azure. This prevents Network Security controls, such as placing a Web Application Firewall in front of the service, or peering it to a Virtual Network to be impossible. There are many customers in both the public and private sector that would like to see the CMG modernized into an Azure PaaS WebApp(ARM). This way they can place the CMG into an App Service Environment(ASE), and enforce Trusted Internet Control(TIC) policies.

    98 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Role Based Access & Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add LayeredDriver (keyboard driver) settings in OSD

    I would like to add setting of LayeredDriver (106/109 key, etc.) during OSD (OS deployment).
    These settings are "very important topics" for OSD guys in Japan and Korea.
    Without this setting, the keyboard will become an English keyboard.

    LayeredDriver [Microsoft Docs]
    https://docs.microsoft.com/en-us/windows-hardware/customize/desktop/unattend/microsoft-windows-international-core-winpe-layereddriver

    52 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Delivery Optimisation cache server install failed with proxy

    When a Delivery Optimisation Cache server use a proxy configuration the installation fail (CMCB1910).

    The DoinCSetup log show :
    Setting proxy chain to proxyservername:8080
    …/…

     Cound not find existing downloaded content in primary disk cache: H:\DOINC-E77D08D0-5FEA-4315-8C95-10D359D59294\b1.download.windowsupdate.com\mscomtest\cedtest\r20.gif.full
    

    …/…

    Failed to find downloaded content in the primary disk caches

    Allow server cache to use a proxy

    60 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Content  ·  Flag idea as inappropriate…  ·  Admin →
  11. MBAM fully integrated in 1910 does not have enforcement option

    Great to see MBAM fully integrated in CM 1910, but the policy does not have any option to enforce the encryption. User can always postpone it.

    For more info, see this: https://www.youtube.com/watch?v=kRkyx_-l9QU

    56 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. When you perform a search also include all subfolders

    When you perform a search also include all subfolders by default!

    58 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Application Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. Make WOL Addressdata configurable

    For our environment it would be great if we can specify the IP-address where the Packets are send to. Because we use Switches with 802.1x the Computer is not in the same vlan that it is when it runs. Because of "control-direction in" the packages of the isolate-vlan will be broadcasted if the device is not authenticated. If we can specify the destinationadress, we can set the address to the network-broadcast of the isolate-network and the packages will be delivered correctly by routers and switches. This is already working with other tools.

    73 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Client Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Detailed Windows crash data in Desktop Analytics

    Device Health in Windows Analytics has lots of useful information about Windows crashes, such as what caused the blue screen, the driver version, and other information. This information can be used to develop proactive improvement plans to improve the general reliability of our desktop environment and end user devices.

    Could you please add this functionality to Desktop Analytics? It would complement the existing information being reported for O365 reliability, although this is currently somewhat hidden by the M365 UI.

    123 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Desktop Analytics  ·  Flag idea as inappropriate…  ·  Admin →
  15. Export lists to Excel/CSV from Desktop Analytics Portal

    Will be great if it could be possible to export data from DA Portal, either after setting up a filter or all data (up to an acceptable raws limit), in order to share lists of apps, devices or drivers with people to review or action on them, regardless of those people not being DA contributors themselves.

    67 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Desktop Analytics  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow users to plan any deployment with a time picker

    Available, required, doesn't matter.
    Give users a "Plan" button, like we have with required deployments, and allow them to pick a time, and allow them to reboot after the install is done.
    Right now, the "Plan" button is only present on Required deployments with a deadline.
    Right now, the "Restart automatically my computer if needed" checkbox is only present if you choose "Outside my business hours".

    Yes, this is a three-for-one. Inspired by Brian Dam's tweet https://twitter.com/bdam555/status/1220469791284219904

    Use case 1: User has been instructed to install an available application, but is busy working. User plans the install for 11:30, where…

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Center  ·  Flag idea as inappropriate…  ·  Admin →
  17. Add Option to Bypass Proxy for Local Address for ADR Content Downloads

    It would be extremely helpful to have an option in the software update point site system to bypass a proxy for a local address. The only options today are (see Current-SUP-Proxy-Options.png):


    • Use a proxy server when synchronizing

    • Use a proxy server when downloading content by ADRs

    The issue is when an ADR tries to download a third-party software update, it will attempt to use a proxy server and often fail because the proxy doesn't route correctly to the internal WSUS server. For example in patchdownloader.log, you will see something like <Download-Error-PatchDownloader.png>.

    There needs to be an option to not use…

    72 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  18. Remote Control: Improve Multi-Monitor Experience

    Business Case (I know how you PMs love these):
    The current CB 1902 implementation is going to make this conversation part of our helpdesk script:
    “What screen is the app on?”
    “Can you move that window to the monitor where X is showing?”

    “No, not that one.”
    “Nope, still don’t’ see it”
    “Ok let me reconnect in full screen, please accept the prompt again.”
    “No no no, don’t hang up the phone, that’s not how this works.”
    “Ok, you should see a prompt to allow me to connect.”
    “Nope it’s there, trust me.”
    “Got it, thanks. Ok, let me move…

    300 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    16 comments  ·  Remote Control  ·  Flag idea as inappropriate…  ·  Admin →
  19. The Summary and Details about the Distribution Point Configuration Status is inconsistent

    The summary can remain blocked under an “error” status even when all the statuses from the “Details” tab are “Success”.

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Content  ·  Flag idea as inappropriate…  ·  Admin →
  20. Download Office 365 Updates from a connection point

    Need the ability to pull Office 365 Updates from a server that is not the primary site server. This would be similar to the CMG connection point or Service connection point.

    42 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 201 202
  • Don't see your idea?

Feedback and Knowledge Base