Microsoft

System Center Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building System Center Configuration Manager, though we can’t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the ? button in the top right corner and choose “Send a Frown”. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer – our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the System Center Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Configuration Manager?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Install Servicing Stack Updates Before Other Updates

    Currently, when servicing stack updates and regular updates are deployed in the same software update group, the patches do not apply in a determinant order. This leads to cases where a cumulative update that requires a new servicing stack is installed before the servicing stack itself.

    While this can be worked around by separately deploying the servicing stack update before updates that require said servicing stack, it would be much more convenient if the update installation process checked if there are any servicing stack updates to be deployed and automatically installed them first

    285 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      7 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
    • Automatically Publish Full Content for Third Party Software Updates

      With the release of CB 1806 we are now able to publish third party updates using custom catalogs. Ideally, third party patches would function exactly like first party patches from an administration and automation perspective. Currently there's two main areas where this is not the case.

      Synchronization Schedule:
      I could be wrong on this but I believe that subscribed catalogs sync automatically every 24-hours. While that's nice, it would be great to simply integrate with the existing sync schedule. Sync the catalogs, publish relevant metadata to WSUS, then sync the SUP(s).

      Automatic Deployment Rules:
      Currently, only update metadata is published…

      184 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        11 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
      • Stop applications reopen automatically after an update is applied by SCCM

        Reopening after restarting Windows...

        After the computer receives Windows Update via SCCM, the computer restarts normally and after the user redo Logon, it automatically reopens the software, such as Paint, Calculator, Google Chrome, Internet Explorer, etc.

        52 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
        • Need WSUS Maintenance tasks

          There should be a few built in maintenance tasks to go through and complete all the maintenance tasks that are needed for WSUS. I find having to run through these steps every month to be quite tedious requiring a lot of change control each month to get the maintenance work completed for WSUS.

          Everything described in this article should be automatically done by CM: https://blogs.technet.microsoft.com/configurationmgr/2016/01/26/the-complete-guide-to-microsoft-wsus-and-configuration-manager-sup-maintenance/

          615 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            23 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
          • Allow WSUS servers to download updates only on HTTPS

            Currently, the WSUS servers connect to the URLs (both HTTP and HTTPS) to download the updates, as mentioned in this link: https://docs.microsoft.com/en-us/sccm/sum/plan-design/plan-for-software-updates#BKMK_ConfigureFirewalls

            This means allowing HTTP traffic to come down to internal servers (by creating exceptions in the proxy settings), causing serious audit failures and security concerns.

            Also, a lot of proxy solutions also have a capability to block the content from whitelisted HTTP URLs if the file size is too large, thinking that it might be malicious content. This again causes problems when Windows 10 Feature and Express Updates are downloaded!

            Hence, it would be great to publish all…

            15 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
            • Office 365 Proofing Tools language Selection

              Office 365 Proofing Tools language Selection:

              In SCCM, we cannot select the Office 365 Proofing Tools Languages along with the Office 365 Client Update. But, if we choose the Office 365 languages then the respective Office 365 Proofing tools language will be selected.

              Office 365 language size will have ~400-500MB and the Proofing tools language size will have 30-150MB. So, if we select ONE language, then it will be around ~450-650MB. Here most of the users will not have Office 365 language Pack, but they will use Office 365 Proofing Tools languages for Grammer, Spell check, etc.

              As per the…

              21 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
              • Add software updates package source restrictions or warnings

                When a software updates package is created, the given path is cleared of any existing content. This is very destructive if an incorrect path is given. One of several things should happen:
                1. Restrict the location of software updates packages if another package is using the same folder or any folder below.
                2. Warn if additional content is detected in the given path for a software updates package.
                3. Not clear additional content from software updates packages source locations.

                We recently ran into this with a co-worker making documentation and put in the root path for all of our packages…

                10 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
                • The Office 365 updates behavior in SCCM 1802 still feels off and unpolished

                  We still see prompts for closing running office applications and while Software Center displays a reboot required, the update doesn't seem to get installed unless manually triggered through the in-app notification.

                  59 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    6 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
                  • Provide an Install Updates TS step which uses DISM

                    There should be an Install Software Updates TS step which allows you to select an existing Software Update Group/Deployment Package and apply all those updates using DISM rather than just triggering a scan of available deployed updates.

                    5 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
                    • Bring Servicing Plans into Parity with WUfB/Intune or Kill Them

                      Since the initial release of Win 10 servicing plans they haven't kept up with their WUfB/Intune companions. While I can appreciate that many are not using servicing I feel it's a bit of a chicken and egg problem.

                      Specifically:
                      Remove SAC-T at some point (Win 10 1903 and beyond won't have it)
                      Increase the delay to 365
                      Configure the uninstall period (2-60)
                      Support the Insider releases.

                      Alternatively, since WUfB is now integrated into the console just get rid of servicing plans entirely. In such case you may want to integrate the dual scan configuration into the WUfB node.

                      9 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
                      • 68 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          7 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
                        • Software Updates and Required count can link to all devices that need the update.

                          When you're in "Software Updates", there is the "Required" column that shows you a number of devices that need that particular update. It would be nice to be able to add something to a right click menu to automatically create a collection of those devices that need the update. Something similar to what you have when you create a Baseline Deployment.

                          2 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
                          • Support Phased Deployments in Automatic Deployment Rules

                            I think this is pretty straight-forward. If the Phased Deployment feature is to become a thing for software updates it needs to be supported as part of ADRs. If organizations are manually deploying updates then they're simply doing it wrong. If anyone thinks I'm transitioning from automated deployments to manual phased deployments they vastly underestimate my laziness.

                            0 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
                            • defender updates category

                              Defender Updates are released using a wrong category. They are tagged as "Definition updates" instead of Security (or whatever would fit in this place). The wrong category caused hundreds of machines installing the broken update 4052623.
                              Customers tend to deploy Updates of the category Definition updates directly to all machines using ADRs. So there is no testing upfront. Changing the category to something else would make ADRs ignore the engine updates and only deploy Definition updates.
                              Customers would be able to create a separate ADR for engine updates and have those being tested before deployment to all machines.

                              4 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
                              • Software Updates Required View Status

                                Software Updates Required View Status

                                Can we get an option to view status like in deployment status to view machines that are required and installed? We have no idea what does machines are.

                                Thanks.

                                14 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  2 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
                                • Have a SUS Blog that is staffed or updated during the monthly Patch release so we can quickly and efficiently locate any problematic updates

                                  Have a SUS Blog that is staffed or updated during the monthly Patch release so we can quickly and efficiently locate any problematic updates.

                                  For example we had various issues last year with different monthly .NET updates and this past week with the March updates, a known PXE issue impacting SCCM due to an update. I also had to open a CritSit case Sunday evening because our SUS server could not synchronize with Microsoft internal servers and was told it was an internal Microsoft server issue but it was not posted/blogged or communicate anywhere for customers. We should NOT have…

                                  3 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Manage PKI Certificate for 3rd Party Update Signing in ConfigMgr

                                    Include directly in ConfigMgr the ability to manage a PKI certificate for 3rd party software update signing as opposed to requiring SCUP.

                                    With the functionality for 3rd party software updates moving from SCUP into ConfigMgr it would make sense (and this may already be in progress) to include the ability to manage a PKI certificate in ConfigMgr as well. Currently if you want to sign 3rd party software updates with a PKI certificate you are required to manage that certification using SCUP which means you might as well just keep using SCUP to publish the updates.

                                    1 vote
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Add Specific Permissions for Managing 3rd Party Updates

                                      I would like to see specific permissions for adding/managing a 3rd party software update custom catalog as well as a specific permission to "Publish third-party software update content".

                                      In our multi-tenancy ConfigMgr environment we have lots of different organizations using the same instance and being able to limit this functionality to just the top-level administrators will prevent hundreds if not thousands of unnecessary updates from being published.

                                      1 vote
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Copy selected text of an ADR preview

                                        I would be handy to copy the selected text to finetune the ADR afterwards. Now we have to take a screenshot to know the Bulletin ID.

                                        3 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Third Party Updates Bios Password save location

                                          We use a bios password (requirement from our Security admin) which means that Third Party Updates for Dell fail because it can't access the Bios to update. The ability to save a Bios Password somewhere in SCCM TPU's area to be supplied to the TPU process when required. Not sure how complicated this is or how it could be done, but currently the bios update option doesn't seem possible using TPU if you have a Bios password. Yes, I realize I can use CCTK to create a manual deployment but obviously TPU is much simpler. I have verified that once…

                                          2 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 19 20
                                          • Don't see your idea?

                                          Feedback and Knowledge Base