Microsoft

System Center Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building System Center Configuration Manager, though we can’t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the ? button in the top right corner and choose “Send a Frown”. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer – our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the System Center Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Configuration Manager?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Run Scripts: Expand Uses to Applications and Configuration Items

    With 1902 we have the ability to now link a script, in the "Run Scripts" feature, to a step in a task sequence. This is a great step forward, but it could be expanded more.

    A number of businesses have a need for version support/change management/auditing, etc. Its also nice to have your scripts located in ONE location, rather than many. It would be awesome if we could leverage the current Run Scripts as more of a repository, and allow them to not only be used for the actual "Run Scripts" feature, and in task sequences, but also in CI's…

    18 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  2. Enable All Subfolders search for Compliance Settings

    Currently you cannot search 'All Subfolders' within Configuration Items or Configuration Baselines. You can only search the current node/folder.

    35 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  3. Compliance state always 'Compliant' when remediation script runs

    Use the output from Remediation to test and see if it was actually successful rather than assuming it was successful. Only way is to have a true non-compliance is to throw a non-zero exit code when using a script.

    For more details see: https://social.technet.microsoft.com/Forums/windows/en-US/0f0f3e6f-7e9f-4376-a926-fc0b6aef5bf1/sccm-compliance-state-always-compliant-when-remediation-script-runs

    15 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  4. If you set "Configuration Baselines" of "Windows Defender Firewall Policy", the event "Invalid namespace" occur

    If you set "Configuration Baselines" of "Windows Defender Firewall Policy", the event "Invalid namespace" occurs as "search configuration error".
    This event only occurs in workgroup environments, but not in domain environments.

    The workgroup client wishes that this function can be used because domain GPO can not be used.

    21 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  5. Import/use ADMX to create Compliance Settings

    Import or use ADMX Files to create compliance settings/items and us SCCM to deploy these Settings instead of active directory gpo

    0 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  6. Wired network authentication profiles

    For networks that require port-based 802.1x authentication, group policy wired network profiles is the recommended way to manage the authentication settings for LAN interfaces. It would be really useful if ConfigMgr could manage and apply the wired network profiles. Managing the settings from ConfigMgr would allow us to take more steps away from using Group Policy to manage device settings.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  7. Certificate Profiles for Servers

    We have some workgroup servers which are unable to access the enterprise CA so we want to deploy some root CA certificates to them per sccm.
    Currently it is only possible to select client OSE's on the supported plattform page. Please allow server OSE's as well.
    Thanks

    3 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  8. Set A configuration Baseline as dependency in Deployment type

    At the dependencies tab in deployment type configuration, be able to select a configuration baseline to be evaluated/apply a remediation. Think is a powerful way to set some required settings

    5 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  9. Convert CI from Operating System type to Application Type

    It happens (quite often) when I'm creating a CI in the console that I blaze thru the wizard (accepting defaults) and start building out all my settings, rules, etc. When I'm all done, I close out and then realize that I forgot to configure the CI as an APPLICATION CI with a detection method.

    So now I have to delete my CI, and start all over from scratch. ANNOYING! I would love the ability to "convert" an Operating System CI type to an Application CI type and be able to go back in and add a detection method as appropriate.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  10. Configuration Baselines only create QWORDs

    Right now if you use HKCU and try to create a DWORD value that does NOT exist, even though you set remediation up properly and select the box that says to create the value as a REG_DWORD, it still does not create the entry at all and the baseline reads as compliant. The creation of DWORD values using baselines has been a common post on forums for many years.

    3 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  11. report to show which compliance item is non compliant for a compliance baseline

    report to show which compliance item is non compliant for a compliance baseline

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add option for various actions based off CI status

    Configuration items has statuses of compliant, non-compliant, unknown, and error. It would be a nice expansion of the compliance settings feature to be able to act upon the individual CI status and not the just add to a collection based off baseline compliance.

    Actions that would be of benefit are:
    Add to collection
    Install individual software update or software update group
    Install package
    Install application
    Run task sequence
    Run script

    11 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  13. Report on Local Admin Permissions

    For many years now Microsoft has strongly recommended that Local Admin Rights be removed. Would it be possible to have SCCM report on the contents of the Local Administrators group? Also, could we maybe have a wizard under Compliance Settings to configure these settings. I know Sherry Kissenger from MNSCUG has done a lot of work with this. Maybe the product team could pattern the solution after her work.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add Ability to Remediate Existential Registry Setting Compliance Items

    Currently you cannot auto-remediate a registry compliance item with an existential rule. I should be able to select an option to auto-remediate to have a setting removed much like you can to set a value.

    95 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  15. remediation

    Allow remediation option in

    19 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  16. Fix powershell remediation script to pass failed value from detection script

    Have a failed compliance baseline pass the output of failed powershell script to remediation rather than the compliant value

    8 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  17. Console UI function to invoke evaluation of baselines on clients

    Being able to invoke evaluation of baselines deployed to certain Client or device collection from the Console UI would be very helpful.

    One way to do it would be to add the option in to the Client Notification pane or also known as the "right click tools" see Attached file.

    I have an old blog post on how to invoke evaluation with the help of Powershell but adding it in to the Console UI would be very nice.

    https://timmyit.com/2016/07/26/sccm-and-powershell-trigger-baseline-evaluation-on-client/

    81 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  18. Hide configuration baselines targeted to mobile devices on Windows clients

    In a hybrid environment all user targeted baselines are displayed on Configuration Manager Control Panel utility. In the attached picture from a Windows 10 client, you can see that there are baselines that make sense only on iOS/Android/WP devices.

    Those baselines shouldn't be visible on Windows ConfigMgr client. They just confuse users/admins.

    34 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  19. Integrate MBAM fully in Configuration Manager

    Integrate MBAM fully in Configuration Manager so Bitlocker key management can be done from Configuration Manager.

    65 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow defining custom OMA-URI settings for Windows 10 clients with ConfigMgr client

    Currently you cannot define custom OMA-URI settings for Windows 10 clients with ConfigMgr client. You can only define quite limited set of settings. Unfortunately, there are some important OMA-URI settings that should be set on all Windows 10 clients (DataProtection/AllowDirectMemoryAccess), which are not part of limited available settings.

    This is now one example, but there will be other examples in the future.

    Currently, there is not good way to deploy the setting easily to all clients in the environment.

    69 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5
  • Don't see your idea?

Feedback and Knowledge Base