Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we can’t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the 🙂 button in the top right corner and choose “Send a Frown”. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer – our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. set-cmcollection does not terminate on name collisions with errors in -errorvariable and doesn't seem to work with try/catch

    If we could get this functionality it would go a long way in automating collection management.

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  SDK, PowerShell, and tools  ·  Flag idea as inappropriate…  ·  Admin →
  2. Configuration Client Setting - Turn off Application Website Point

    Since SCCM CB 1806 it´s possible to use Software deployment to user without Application Catalog Website Point.

    In an CAS environment it should be possible to turn off this setting otherwise if one primary server has installed this role, this setting will be setup to AUTOMATICALLY or you can select the server with the role installed.

    This is a problem if you use it in different location with different setup, to turn off brings up more flexibility.

    In my case i must now wait that other regions will remove this role.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Center  ·  Flag idea as inappropriate…  ·  Admin →
  3. Make client CIM methods work over WinRM

    Currently using Invoke-CimMethod will fail on remote clients unless you use a CimSession with a CimSessionOption specifying the DCOM protocol.

    The server side classes work great with CIM cmdlets, it'd be great if there were parity there with the client classes, especially since PowerShell 6.0 doesn't include the WMI cmdlets that people will gravitate toward to use DCOM.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  SDK, PowerShell, and tools  ·  Flag idea as inappropriate…  ·  Admin →
  4. write the Client MP and DP configurations in registry or WMI

    I have multiple MPs and DPs that are assigned to a client.

    From the client (not using the servers or SQL) I cannot find a way to tell what the MPs and DPs are assigned in the Boundaries?

    currently I can pull current management point with the following PowerShell:
    $sms = new-object –comobject “Microsoft.SMS.Client”
    $sms.GetCurrentManagementPoint()

    Can you write them to the registry or WMI?

    maybe something like this ...

    ManagementPoints\MPServer1
    \MPServer2
    \MPServer3
    \MPServer4

    DistributionPoints\DPServer1
    \DPServer2
    \DPServer3
    \DPServer4
    \DPServer5
    \DPServer6

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    declined  ·  1 comment  ·  SDK, PowerShell, and tools  ·  Flag idea as inappropriate…  ·  Admin →
  5. Improve Android Hardware Inventory to include "Android Security Patch Level" in SCCM / Intune Hybrid

    Current "Intune Company Portal" do not report "Android Security Patch Level" as part of the Android Hardware Inventory to SCCM in a Hybrid environment.

    This is important as our security policy requires that the device must be up-to-date on Android Security Patch inorder to be "In Compliance"

    From an administrative point of view it should be possible to have an overview of your Android devices to verify whom devices that has been upgraded with the latest security updates from Android.

    Security Vulnerabilities are rapidly increasing for mobile devices, e.g. the previous KRACK Vulnerability. Hence it would great to see that…

    105 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Cloud services  ·  Flag idea as inappropriate…  ·  Admin →
    declined  ·  djam responded

    Moving this request from SCCM UV to Intune UV.

  6. Microsoft /windows store reinstaller

    Secondary store application reinstalling for cloud zip/app downloading

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Cloud services  ·  Flag idea as inappropriate…  ·  Admin →
  7. intune approval routing

    We need the ability for application approval routing for intune apps.

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    declined  ·  0 comments  ·  Application management  ·  Flag idea as inappropriate…  ·  Admin →
  8. OpenVPN support on 3rd party providers

    Please add OpenVPN support on 3rd party providers to manage OpenVPN on MDM Intune Devices

    24 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Cloud services  ·  Flag idea as inappropriate…  ·  Admin →
  9. Sharepoint

    Please, do you have an answer for the below questions? Or, can you point me to the Group that could answer these?

    Customer wants to patch the Sharepoint farm through SCCM without manually intervening on the servers for this. I told him this is by design and that the Updates tagged with “farm deployment” are not listed in SCCM, because they specifically require User Intervention. The reason for not showing SharePoint Farm Updates in SCCM is due to the update behavior of Sharepoint. a farm update is installed on 1 of the servers and manually distributed over all other servers…

    39 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →

    This suggestion was flagged for moderation which brought it to my attention. I’ve cleared the moderation flag, but I am also going to close this out and return votes back to supporters.

    It reads to me like you need some collaborative assistance with other members of the Configuration Manager community, and this is really not what UserVoice is designed for. UserVoice is meant to be a platform for providing suggestions and feedback to the Configuration Manager product group.

    A good starting point for these questions would be the TechNet forums at: https://social.technet.microsoft.com/Forums/en-US/home?category=ConfigMgrCB

  10. Locate Device

    Ability to locate the device (very usefull if a user lost the mobile phone)

    40 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Cloud services  ·  Flag idea as inappropriate…  ·  Admin →
  11. Read Only Intune connector

    Please can we have a read only Intune connector so that we are able to have asset information from standalone Intune in SCCM.

    We would like to be able to utilize asset information in the way that you can with hybrid Intune, without having to use hybrid Intune. AS far as i can tell, this is not currently possible in any other way.

    22 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Cloud services  ·  Flag idea as inappropriate…  ·  Admin →
  12. More possibilities when locking a Device

    More possibilities when locking a device.

    In other MDM Systems you have the possibility to write a text which should stand on the display (for example if you lose your phone an someone finds it you can write to the display "please call this number *** when you find this phone")
    In other MDM Systems it's also possible to change the PIN Code for the phone, to what the admin wants, while locking the device. (also

    27 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Cloud services  ·  Flag idea as inappropriate…  ·  Admin →
  13. Add "AD Powershell Module" as Optional Component for boot images

    It would be very handy to have the AD powershell module that's included in Windows Server and RSAT as an optional component for boot images. I've been including this manually in my boot image as per this article [https://social.technet.microsoft.com/wiki/contents/articles/24413.add-powershell-active-directory-module-in-windows-pe.aspx], but of course with SCCM now being updated so frequently, I have to constantly re-embed this powershell module in the boot WIM. Querying AD during OSD seems like a fairly common requirement, so this ought be quite an easy feature to justify, and relatively trivial to implement.

    13 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Operating system deployment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Increase Technical Preview client limit from 10

    Currently SCCM technical preview only has limited client support of 10. This is inadequate amount for any mid to large company. We cannot accurately ***** the new features on how they will respond to our network and OS configurations.

    It should be 20+ for technical preview. Otherwise we cannot mimic our actual environment very well at all.

    9 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Site deployment and infrastructure  ·  Flag idea as inappropriate…  ·  Admin →
    declined  ·  djam responded

    This is by design. TPs should not be used for pre production testing, or to mimic actual environments. This is not their purpose. They are for early customer feedback on features that are very early in the engineering cycle, so customers can influence our design in those features. The TP builds barely work. Often times, some features in those builds won’t work at all. We ship them anyway, because we want as early as possible feedback on new features. If you need environments that mimic production environments, and are used for preproduction… then the production builds are the correct option.

  15. We hope to Enhanced SCEP Client's Advanced Protection Features

    We hope to Enhanced SCEP Client's Advanced Protection features

    ① Add Exploit Prevention Features
    ② Add Network Intrusion Protection Features
    ③ Add Network Filter URL Protection Features
    ④ Add Anti-Ransomware the File Backup Features
    ⑤ Improved Anti-Malware Engine More Malware Detection
    ⑥ Improved user interface operation and function
    ⑦ Improved Behavior Analysis Detected Malware subsequent rollback Features

    123 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Built-in security role for MDM in ConfigMgr and Intune hybrid scenario

    It would be helpful to have a built-in security role in ConfigMgr current branch to grant MDM administrators rights to configure and administer devices, policies, applications, etc.

    15 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Cloud services  ·  Flag idea as inappropriate…  ·  Admin →
  17. 3rd Party Patching

    Integration for SCUP 2011 is there but this hasn't been updated for some time. Without the use of additional licensed software its basically impossible to patch 3rd Party products such as firefox, chrome, iTunes, Java. New application versions need to be created and distributed each time. An OOB method for 3rd party patching would be a godsend

    325 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →

    We are going to split this idea into two items

    To Vote/Give Feedback for “3rd party patching – Catalogs” go here
    https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/8803744-3rd-party-patching-catalogs

    To Vote/Give Feedback For “3rd party patching – SCUP Integration with SCCM Console” go here
    https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/8803711-3rd-party-patching-scup-integration-with-sccm-co

  18. Allow Users to have more than 10 votes on UserVoice

    Currently the site is limited to 10 votes only. This means that after giving my votes to other people's ideas I can't create a new feedback item. If you value field feedback, feedback should not be limited to a number of votes.

    10 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    declined  ·  3 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  19. PowerShell Cmdlets without console

    Currently you have to install the ConfigMgr console in order to use the powershell cmdlets. It would be much easier to manage these cmdlets if the dependency on the console was removed. After all you might want to install this on a server which is designed to manage code which runs server core.

    21 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  SDK, PowerShell, and tools  ·  Flag idea as inappropriate…  ·  Admin →

    The Cmdlet Library is tightly coupled with the administrator console and the engineering investment to decouple them doesn’t make sense at this time nor is this something we are likely to ever do.

    The console was developed before the cmdlets (unlike products like Exchange, VMM, and MDT which have PowerShell underpinning the console) which means to truly “fix” this we would need to literally flip the entire console design from being PowerShell built on top of the console to the console being built on top of PowerShell. It’s pretty obvious that this would be a massive undertaking and we simply don’t have the engineering resources to do this. If at such time we decided to re-architect the console we would definitely ensure PowerShell is a first class citizen in the design.

    As a workaround today, you can use PowerShell remoting to connect to a machine that has the administrator…

  20. SCCM Client Actions: Add 'Run All' button

    On client machines, in Configuration Manager Properties and the Actions tab I would like to see the addition of a 'Run All' button rather than having to click on each individual action and then click Run Now.

    Thanks,

    Andrew

    54 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base