Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Azure Stack Support

    As MEMCM supports a number of virtualized environment namely Hyper-V, it would be ideal if support is extended to Azure Stack Infrastructure.

    23 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Provide support Configuration Manager(CM) with Azure AD DS

    Provide support Configuration Manager(CM) with Azure AD DS, which is no require patch management than AD in Azure IaaS. This simplifies our cloud operations. As described on following site, the managed domain of Azure AD DS is listed as compatible with Windows Server Active Directory.

    https://docs.microsoft.com/en-us/azure/active-directory-domain-services/join-windows-vm

    15 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Add check for MECM required firewall ports automatically based on role

    One of the things that would be great is if MECM had a way to detect firewall port-related issues. I feel this could be accomplished using compliance baselines as an example to check for key ports if a particular role is installed.

    For example, if a DP role is on a particular server and there are clients that need to connect to that DP due to the fact they are in a particular boundary group then MECM should do a routine check to see if ports are are open or not. This could be logged in one of the systemā€¦

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Allow disk selection for MP installation

    Similar to DP configuration, please allow selection of a specific disk when configuring the MP.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Fix DP Configuration Process

    Fix problem when configuring distribution point, package distribution for Client packages fail if DP is on remote server (doesn't happen if configuring DP on Primary site). The matter is easily fixed by redistributing the content, but it would be better if you added a wait in the process until DP was configured before trying to push content to it.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Cloud Management: Replacing accidentally deleted Client App

    We recently had a scenario where someone at customer end deleted the Client/Native App from Azure AD stopping Azure AD Token Authentication from working. Clients were not on VPN and no PKI Certificates for Authentication.
    It seems like there is an unsupported way to manually edit SQL DB to re-import a new Client App, but it would be nice to have a supported option with so much CMG adoption lately and the dependency it creates for remote management.

    23 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. Boundary Collections

    I would like to be able to automate the grouping of boundaries with the same methods as device collections

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Integrate ola hallengren sql maintenance into configmgr console as the de facto standard

    Integrate ola hallengren sql maintenance into configmgr console as the de facto standard as a built in mecm maintenance task which seems to be the wildly preferred solution to the current built in re-indexing Maintenon task.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Enable Enhanced HTTP by default

    As an alternative to presenting a warning for HTTPS and potentially causing confusion, Enhanced HTTP should be enabled by default and there would be no need for warnings or prompts. EHTTP no longer requires Azure on-boarding so there is no reason not to enable it by default going forward. If the user wanted to use HTTPS they could still do so in the console after initial setup or upgrade is complete. The new warnings for HTTPS do not belong in the initial setup wizard because this is not a setting to be taken lightly, but being presented these choices upā€¦

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Unused HW Inventory table columns in SQL DB should be defined as "Sparse"

    After enabling the collection of 3 attributes from the win32_process WMI class from our PCs, the database blew in size, as all other (30+) attributes of that class take up as much disk space as if they had data in them.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Please make inbox/outbox system webservice based instead of SMB based

    It would be lovely to not rely on SMB for inbox and outbox operations since these are very fragile in high latency environments. Changing this to a webservice would be so much like year 2020 technology.

    13 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Specify end date for DP Maintenance Mode

    When enabling Maintenance Mode on a DP it would be handy to specify a "end date" for it to automatically come out of MM on.

    In addition, if there was a way to put a comment when setting MM to record why it was set.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Support for Dedup in content source directories

    The support for Dedup for the content library is fantastic. It would be great to extend this support for content sources as well.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Option to put SCOM Agent into maintenance mode when DP is put into maintenance from ConfigMgr

    It would be nice to have a checkbox like we have for deployments to pause SCOM agent on DPs when setting them to maintenance mode.

    Technically, all DP configurations are done by DistMgr, so it should be possible to update it with re-used code from the client functionality.

    12 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. HTTP Strict Transport Security (HSTS) 'NOT ENFORCED' on CMG provisioned Virtual Machine.

    The VM that is automatically provisioned as part of the Cloud Management Gateway setup from the ConfigMgr console, when security scanned, indicates HSTS is not turned on/ enforced.

    This has been discussed with Microsoft Support and Configuration Manager experts from Microsoft, as this is obviously a concern. All attempts to mitigate this issue failed as any settings made as advised by Microsoft were reverted or failed to mitigate the issue.

    We have assurances the service is secure however, we are aware that HSTS being off is recognised as a vulnerability to Microsoft and you recommend all to enforce this onā€¦

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Rename Software Inventory to Software File Inventory or something related to File Inventory

    Rename Software Inventory to Software File Inventory or something related to File Inventory

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. Expired MEM evaluation lab kit

    The current MEM evaluation lab kit expired on February 7, 2021. When will it be updated? I downloaded and installed it just days before its expiration. So how much longer can I keep evaluating it? This isn't documented very well.

    https://www.microsoft.com/en-us/evalcenter/evaluate-mem-evaluation-lab-kit

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Use a Stronger Cipher for Client Notification Server Communication

    Use a stronger cipher for Client Notification Server communication.
    A MECM client connects to the Client Notification Server on port 10123 and (on Windows 10) uses the cipher TLSRSAWITHAES128GCMSHA256 to communicate.
    This cipher is marked as weak by some security vendors because it doesn't use ephemeral keys, and past communication is not protected.
    (https://en.wikipedia.org/wiki/Forward_secrecy)
    In an organization where this cipher is disallowed in the org for security reasons, client communication with the Client Notification Server falls back to HTTP, which is completely insecure.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. MBAM consoles and SQL HA

    During the BitLocker user portals setup, the database server name is supplied which the portals use to connect to for key recovery. BitLocker portals do not have a fallback mechanism. If you have an SQL AO configuration, you need to install a second portal so you can still use the recovery functionality bur you also need to notify every admin user to switch...Not really convenient.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Add extra details in CMG Proxy log (SMS_CLOUD_PROXYCONNECTOR )log

    Add extra details in CMG Proxy log (SMSCLOUDPROXYCONNECTOR )log

    More details for below errors to clearly point out that Network Split tunnelling or Web proxy is bloacking connection /communication would be helpful

    ERROR: Failed to handle response from server. Cound be intermittent network issue. Exception: System.Net.WebException: The underlying connection was closed: The connection was closed unexpectedly.

    This error is collected from SMSCLOUDPROXYCONNECTOR.log

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
← Previous 1 3 4 5 13 14
  • Don't see your idea?

Feedback and Knowledge Base