Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Co-Management Bug - Windows Update for Business & Feature Upgrade's

    As per Microsoft documentation,

    While Windows 10 feature updates remain in public preview, when co-managing devices with Configuration Manager and Intune, there is a limitation where feature update policies may not immediately take effect, causing devices to update to a later feature update than configured in Intune. This limitation will be removed with a future update to Configuration Manager.

    When is this bug scheduled to be resolved?

    We have recently moved the Windows Update workload to Intune and now have to pause the feature upgrades for each WUFB ring every 35 days to prevent devices from randomly upgrading to theā€¦

    44 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Show the expiration date of the CMG certificate

    When you open the properties of CMG, the expiration date of the CMG certificate should be shown.

    And there should be a console notification if the expiration of the certificate is in less than 7 days.

    26 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Co-Management Management Insights

    As we move workloads to Intune, there may be an existing, legacy mechanism that prevents the workloads from successfully being enabled. A Management Insight would alert the admin, if a client scoped for co-management, was also assigned a policy that would prevent the workload from moving successfully.

    For Example:-


    1. Moving the WUfB workload to Intune.

    A legacy GPO that "Disables Automatic Updates" will render updates disabled after the workload is moved to Intune - there is not an equivalent CSP that "Enables Automatic Updates" that gets pushed from Intune Policy to override/block the GPO


    1. Move Office C2R Apps to Intune
    2. ā€¦
    8 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. CMG monitoring

    Have a way to know if the CMG service is running other than going in the console in Administration - Cloud Services - CMG and checking if the status is Ready or stopped.

    We need to be alerted and/or have the ability to see in monitoring tools like scom that it's not Ready like all others services in configMgr

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. cmg ipv6 support

    Support ipv6 for CMG.

    We have a ipv6-only data center and users networks. We do not want to use 6to4 services

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Get collection and client details in intune with azure ad only user

    It looks like it is not possible to use the 'collection' and 'client details' tab in Intune for a co managed device with an Azure AD user.

    In this article (https://docs.microsoft.com/en-us/mem/configmgr/tenant-attach/troubleshoot-client-details) is described that an account is needed which is discovered by AD and Azure AD Discovery --> 'synced Account'

    We have separated the administrative accounts for our on-prem environment and Azure AD. It would be great to use an azure ad user to use the 'client detail' and 'collection' tab.

    16 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. Resultant workload setting in sccm for co managed devices.

    Like we have resultent client setting in SCCM.
    It's good if we have similar resultant seting for workload in sccm

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Please allow scripts to work from MEM portal with Parameters

    Per
    https://docs.microsoft.com/en-us/mem/configmgr/tenant-attach/scripts

    Scripts that have parameters aren't supported at this time and won't be visible in the Microsoft Endpoint Manager admin center. Please allow scripts to be visible

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Apply Device Name Template for Co-Managed Environment.

    The Device Name template is currently available if you're in a co-managed environment, it's only available for AAD Intune managed only environment.

    I'm aware we can write a PowerShell script to set the computer name, but it gets a bit ugly when you have to delete the Intune Computer Object from AAD and then delete the Intune created object from AD after it syncs. Then rename the computer with a powershell script which requires a reboot and then you have to wait for the Intune and Configmgr to sync.

    Please make this template option available for co-managed environments.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Switch CMG connection point without forcing client to connect to ConfigMgr site

    When replacing our CMG with a new deployment, many clients on the outside was no longer able to communicate home without having contact with the ConfigMgr site.

    SCCM should send the new cmg details with a client push when the gateway connection point changes, so that clients remain online.. instead of waiting for them to return home, and in some cases, forcing them to connect home to be updated. Creates much manual work from IT.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Make ConfigMgr devices (Co-mgmt/Tenant attach) synched to MEM console support scope tags

    Devices that are synched to MEM console from ConfigMgr, for example by Tenant attach, doesnt support scope tags. We got a lot of admins that are just supposed to see their own devices with a specific scope tag, but now they also see all ConfigMgr devices, since the devices doesnt get the "Default" scope tag per default.
    Either implement support for scope tags on those devices, or assign them the default scope tag automatically.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Allow Peer Cache with CMG

    CMG doesn't provide any Peer Cache sources. This make sense, if the client is located on the Internet. But if the client is located on Intranet, then CMG should returns Peer Cache sources.

    Reasons for this is that in many branches the Internet connection would be with higher bandwidth and cheaper, than using internal MPLS.

    If you today want a boundary with CMG preferred for content location, and you still want peering, than you also need to add an internal MP. This also gives the negative effect, that inventory would also go over internal network, instead of going to theā€¦

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Allow SCCM to control MBAM after workload moved

    MBAM has been integrated into SCCM really well. However, to enable tamper protection you need to co-manage devices with intune. As soon as you move the workload from SCCM to intune (device management) you lose the ability to use SCCM. This means you lose either the ability to pop up a pin dialogue in user mode or tamper protection in the Defender AV.

    In this case the products become mutually exclusive. Please add an option to allow MBAM to be continued to be managed by SCCM so we can use both Tamper protection and the pin popup provided by MBAM.

    5 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Combine the Co-Management Properties / Statging tabs.

    The tab for Co management is slightly confusing. The workloads tab and Staging tab should be combined. It will make more sense if you know that when selecting Pilot Intune just to the right is the collection and browse button to pick the pilot collection.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. Add better integration between ConfigMgr Cloud Services and Azure for removal of services and related items

    If I delete my Azure Services and delete their corresponding components from my tenant, they still remain in the Applications pane of the Azure Active Directory Tenants node. Whenever I attempt to add the Azure Service back, like Could Management, it will give an error about the tenant already existing (which is confusing) which is telling me that the Application is already in my tenant (even if it has been deleted). So if I've already deleted the Application from my Azure tenant the wizard expects me to re-use it but it's no longer available to use. The fix has beenā€¦

    20 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Better SCCM and WSO Co-Managment

    Please add the ability for admins to use ConfigMgt and WSO together. We currently can not deploy Autodesk or Adobe via WSO due to being over 5GB and our organization is not willing to upgrade this limitation on WSO.

    Please make it optional for Software Centre to be allowed to install required and available applications and packages.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. What is the ideal time for the machine to get Co-Managed

    May I know what would be ideal time for a machine to get Co-Managed.
    Starting the Client (agent) installation, registration in AAD, Workload download and update the Co-Management capabilities.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. RBAC for multiple connected co-management hierarchies per source

    Enable RBAC administration per connected Configuration Manager hierarchy for co-management in single Intune tenant (CM admin of CM hierarchy A can only manage co-managed devices of hierarchy A, definitely not from other connected and co-management enabled hierarchies B, C etc.)

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. CMG reset feature

    I've experienced this situation on a few customer sites. I've been unable to "fix" a broken Cloud Management Gateway which was previously working. On these occasions the easiest way to resolve is to remove and re-deploy the CMG. This always fixes the problem but seems a little extreme. I'd like to see a CMG reset feature (along the same lines of the site reset feature) which resets the CMG services and permissions instead of having to remove it.

    9 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. macOS

    Enable co-management of macOS devices so that they passthrough back into SCCM Console

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base