Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add Delivery Optimization and Connected Cache Monitoring to Endpoint Analytics

    An extra log workspace in azure is required to monitor delivery optimization. It would make sense to integrate the monitoring of DO and MCC into the endpoint manager. In addition, it would be helpful to get suggestions in which group do/mcc is not working well and something needs to be optimized.

    Endpoint Analytics would be the right place to collide the monitoring data with the other client data.

    Monitoring is the basis for building an efficient DO network.

    57 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Install Servicing Stack Updates (SSU) Before Other Updates When User Initiated

    The Current Branch 2002 release introduced a feature to install SSUs first but only when triggered by the deadline.
    From the docs:
    "SSUs are installed first only for non-user initiated installs. For instance, if a user initiates an installation for multiple updates from Software Center, the SSU might not be installed first."

    A lot of work has been put into encouraging user-participation in the patching process. I want the user to decide when they're ready to install the updates and avoid situations where the deadlines impact their work. In those scenarios the behavior introduced in 2002 therefore not helpful.

    Iā€¦

    155 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Include "ODBC Driver for SQL Server" in Windows Server Update Services (WSUS)

    It would be great if Microsoft could include updates for the "ODBC Driver for SQL Server" (https://docs.microsoft.com/en-us/sql/connect/odbc/download-odbc-driver-for-sql-server) in Windows Server Update Services (WSUS)

    Thanks a lot for votes!

    24 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. child SUP content version

    Currently a client receives an 'available' SUP list to select a SUP to sync from with the sproc MPGetWSUSServerLocationsWithBGR. This sproc requires a parameter called iContentVersion, which the client receives through machine policy and is the ContentVersion of the Primary SUP, even if the client is using a secondary SUP. The sproc however does not offer SUPs with lower ContentVersions, thus if the client's secondary SUP is at least 1 version behind its Primary's the current secondary (Boundary Group local) SUP won't be offered for the client. Also, if Fallback is enabled and due to the ContentVersion mismatchā€¦

    26 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Child SUP sync notification

    At the moment a child SUP syncs with the parent by receiving a notification file which is sent from the parent via standard file replication. This is sub-optimal because if other files like packages are already maxing out the enabled sender threads, or if the sender is limited or closed via sender settings, the child SUP sync will be delayed.
    Suggestion is to notify the child SUP via DB replication.

    26 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. SCUP has a package limit of 2GB

    SCUP has a package limit of 2GB built into the code:

    newItem.FileSize = Convert.ToInt32(new FileInfo(validPackageSource).Length);
    --- This is an Int32, and the max size of an Int32 is 2GB.

    This should be changed to either UINT or ULONG to allow for larger update packages.

    34 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. Provide a consistent deployment strategy for updating MS applications

    Different products teams decide how they will deploy there updates and various methods are needed to control deployments.
    Example: MS 365 Apps, Edge, AIP are available as software updates which is very good. OneDrive they ask you to go out to this site and check when the update will be available to the enterprise ring. https://support.microsoft.com/en-us/office/onedrive-release-notes-845dcf18-f921-435e-bf28-4e24b95e5fc0?ui=en-us&rs=en-us&ad=us. You then have to download it and deploy it before the date to stop it from pulling down from the internet. Teams no way to control it and no idea when it will update. PowerBi have to go out download and deploy it.ā€¦

    30 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Third-Party Updates Should Not Attempt 3 Downloads from Internet (WUMU)

    When deploying third-party updates using CMG, the client will detect it's on the internet. In the CAS.log, you will see it things it should reach directly out to windows updates (WUMU) in the CAS.log. The DP returned on ContentLocation.log is actually the internal WSUS location of where the third-party update was downloaded. This path is not resolvable from an internet client and shouldn't be used.

    If the client detects it's on the internet, it should never attempt to download from windows updates, since these updates are not applicable for that scenario. The update will timeout after 3 minutes and 3ā€¦

    93 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. WSUS - add ability to decline updates for specific computer groups

    In the WSUS console, computer groups are used to assign approved updates. It would make a lot of sense to also have the ability to Decline updates for selected computer groups.

    Example scenario:
    - You have computer groups: Windows Clients and Windows Servers.
    - You want to approve Office updates for Windows Clients, but Decline them for Windows Servers.

    Even if the Office updates are not approved for servers, they will be reported as "Needed" in the console when Office is installed on servers.

    It would make a lot of sense to have the ability to not only Approve, butā€¦

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Ability to deploy ARM64 Hardware drivers and Firmware with SCCM WSUS

    With all ARM64 firmware and driver updates only available from WU and no OEMs offering direct downloads; please provide the ability for WSUS to import ARM64 firmware and drivers. Many enterprise companies cannot use Intune to manage as it disconnects reporting and ease of deployment managment from SCCM. Please include all OEM ARM64 not just Surface Pro X.

    26 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Orchestration Groups is by far under supported


    • We need better ways of assigning devices to OG's

    • We need PS administration.

    • Or at least we need better WMI documentation

    There are some bugs:
    * when you reset OG settings for a client, the client's status is not updated)
    * we have OG's that are listed as "failed" but where all members are Idle,
    * we have OG's where all or a lot of the clients are "waiting" and have been for a long time, and nothing happens

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Pull Feature Update packge from Microsoft during MECM Task Sequence

    Now that we can deploy Task Sequences over CMG, it would be a great if the Feature Update itself could be pulled directly from Microsoft instead of from the CMG (which would be costly)

    A built in step that can pull from WU/MU

    5 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Servicing Plans should evaluate builds on Availability Date not Revision Date

    Servicing Plans, effectively, don't work anymore. I had this process setup to be automated with different deployment phases at 30, 90 and 180 days. This process no longer works because Microsoft has been releasing newer versions of the upgrades that reset the release date.

    So now build 2004, which released over 300 days ago, doesn't qualify for my 180 day General Release plan. Microsoft released an updated upgrade file on 11/9/2020, only 142 days ago. This revision was also 14 days BEFORE the 180 days was up, so build 2004 was never picked up by my Servicing Plan.

    This forcesā€¦

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Ability to add bios password to Dell third party updates so they install via SCCM

    We have setup and are using third party updates from the Dell catalog.
    we have this working very well BUT we are only using it for drivers as bios and firmware updates will not work because we are not able to add our bios password to the Dell updates. It would be nice to have the ability to get this fixed as most enterprises that use SCCM would have there workstations protected with bios passwords.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. Additional guidance

    Need more specific instructions on deploying Office 365 updates on a NON-Connected SCCM Server after synchronizing them per your instructions. The synchronization process works, but finding the correct folder to point SCCM to for downloading is problematic at best and certainly not intuitive. Please provide additional instructions. Also, would be beneficial if SCCM could traverse from the root imported folder to find the update you are downloading locally for deployment.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Support Microsoft 365 Updates download via CDP

    According to https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/hierarchy/use-a-cloud-based-distribution-point#limitations, and as we experienced, Microsoft 365 Updates will fail to download M365 Update content from the CMG's Cloud Distribution Point.

    They simply fail to download from the CMGs CDP resulting in a horrible user experience and support nightmare.

    Companies like ours are unable to leverage the Office CDN, with its many, many possible IPs behind it, due to limitations of the VPN split tunnel software, the web proxy, and / or the Firewall in dealing with these CDNs with their many possible IPs.

    As such, it would benefit many of us in this situation, in supportingā€¦

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. Place Server in Maintenance Mode in SCOM when it is patched via SCCM using Maintenance Window in Deployment Collection

    Business requires to suppress the false alerts in SCOM during monthly patching window especially for Windows Server. So if possible before updates installs via SCCM that particular client has to go Maintenance Mode in SCOM..

    Please let me know if that function is already available in SCCM current branch

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Orchestration groups - Granular behaviour for different types of update

    Adding more granular control to the behaviour orchestration groups depending on types of updates would improve the feature greatly.

    For example, specifying different behaviour for different types of updates - customers probably don't want to run pre-scripts and post-scripts or even potentially any orchestration for definition updates, whereas they might want to for other types of updates

    27 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Make Orchestration more useful for Clusters

    I wish Orchestration can pick up the secondary servers to patch first and then patch the primary server. This is a big help for clusters because I don't need to worry about too many failovers.
    Right now you can achieve this but you need to manually feed the machines and specify the sequence which is more prone to mistake.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Add an option to copy a deployment to another collection

    Similar to a phased deployment, it'd be nice to have an easy way, in the SCCM console, to copy a deployment to another collection.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
← Previous 1 3 4 5 25 26
  • Don't see your idea?

Feedback and Knowledge Base