Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Enable url-like shortcuts to nodes in the console (ie. deployment saved searches)

    I check up on deployments every few hours, would love to be able to create a shortcut on my desktop to "Microsoft.ConfigurationManagement.exe \Monitoring\Searches\Search99"

    9 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  2 comments  ·  Admin Console  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. allow export all task sequences or folder of task sequences

    We have many task sequences, sorted into folders for multiple users, when it comes to archiving them, it's tedious, we'd like to archive multiple task sequences by user (or by folder), this would be great, right now you have to export one task sequence at a time which is tedious.

    45 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. 86 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Software Center  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Ability to create writable RAM drive when no other writable partiotions available

    The essential need to run executable content from package before drive partitioning step (or any other case of unavailability of writable partiotion). "Data Access" package feature seems not working in OSD TS.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Updating status to Noted. See https://docs.microsoft.com/en-us/mem/configmgr/core/understand/find-help#send-a-suggestion for details on each status value.

    Thanks for your feedback, may I ask for more details. Are you saying the ‘Run another program first’ option on the task sequence properties is not working?
    Or how are you launching the executable content? Also, to run from the distribution point using q task sequence step e.g. Run Command Line step or Install Package the task sequence deployment must use "Access content directly from a distribution point when needed by the running task sequence’ set.
    For that that to be set, all referenced packages need the ‘Copy the content in this package to a package share’ set.

    Let us know more about what your trying and we should be able to help out.

  5. Variable with Full OU path

    Take the OU path from 'Network Settings" and turn it into a variable e.g. _SMSMachineOUpath
    I use dynamic variables to determine the OU based on location and device so my Domain OU path has OU=%devicetype%,OU=Location,OU=workstations,DC=Contoso,DC.com
    so it would be nice to have the actual value in a variable that I can reference later say in a script to move existing object to the above created OU. I can see the full path in the SMSTS.log, but not in a variable. Also removing the LDAP:\ from the start could be handy in some situations I guess.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Hi Marty,

    Vlad ask to pass this on:

    He can try at the beginning of TS to add steps to set variables that I listed in my reply to the same strings that he entered in the UI of Network Settings step? Which will result in Network Settings step take the values from these global variables (not from UI, even though they may be the same). But it will also have a side effect that these variables will be available during task sequence for whatever he wants to user them for.

    I’ll have a bit of time at the weekend. I’ve a couple of ideas about removing the LDPA:\\ you mentioned. Can you describe the scenario you want to address, please?

    Thanks

  6. API/PowerShell cmdlet to manage/automate CMG certificate renewals

    Companies are looking for alternatives to the large public CA authorities like Verisign and DigiCert, one such alternative is Let's Encypt. They offer free public-signed certificates, the only problem is the certificates need to be renewed every 90 days. The renewal can be automated using Certbot.

    However there does not appear to be any functionality in the current ConfigMgr release to allow for automated certificate replacement/renewal. This seems to be a gap in the PowerShell functionality.

    Sure its only a few minutes every 90 days to log into the console open up the CMG instance and update the certificate, andā€¦

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  0 comments  ·  PowerShell  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. Maximum allowed Management Points for a Primary Site.

    We use a multitenant SCCM environment with clients/customers in untrusted forests.
    Because we target users, we also deployed the Management Point role in all untrusted forests.

    At this moment Configmgr only supports up to 15 management points per primary site coming from 10 in the past.

    We would like to see the maximum allowed management points per primary site bumped to a higher level.
    This will give us the ability to stay with a single primary site setup and avoid CAS.

    32 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    8 comments  ·  Multi-Tenant/ISP  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Integrate the Desktop Analytics Logs Collector

    When you need to troubleshoot desktop analytics you can use DesktopAnalyticsLogsCollector.ps1 but then you have collect the log files or have remote access to the clients.

    Can you integrate the Desktop Analytics Logs Collector into the Client Diagnostics work being taken as part of TP 1912).

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  0 comments  ·  Desktop Analytics  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Enhance Phased Deployment for Applications

    TL;DR: Make Phased Deployments for Applications the same as Phased Deployments for Task Sequences where you can create up to 10 phases and manually initiate the second phase of deployment.

    Explanation:
    Currently in 1806 although you can create a phased deployment for an Application, you're limited in two key areas:

    1) You cannot manually create phases for an application
    2) You cannot manually begin the second phase of deployment for an application
    3) You are limited to 2 phases for an application

    In our environment we follow a controlled graceful deployment process where an Application Model application is deployed office-by-officeā€¦

    116 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    5 comments  ·  Application Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. monitor the ConfigMgr PXE Responder Service

    I would like a way to monitor the ConfigMgr PXE Responder Service when an error occurs. For instance, when starting an osdeploy and the bootimage fail to load with error 0xC0000001, the smspxe.log simply stops its output, not generating any error. With the WDS-service, this error was easily detected in the eventlog.

    5 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Updating status to Noted, see https://docs.microsoft.com/en-us/mem/configmgr/core/understand/find-help#send-a-suggestion for an explanation of each value.

    Thanks for your feedback, we added the status messages for our ConfigMgr PXE responder in our 2002 release.

    See https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/changes/whats-new-in-version-2002#improvements-to-os-deployment for more information.

  11. Tool to find out what cause SCCM Client installation/Communication failure on Workstations

    In our environment SCCM Server installs client on discovered resource but they failed to install due to machine specific issue, could you prepare a tool which we can give it to floor support technician to run on machine which have SCCM Client issue or Installation failure, the tool should check for all prerequisites for client install also firewall issues like (WMI and File and Print sharing not allowed ) it should the issue with which it becomes easy to fix the underlying problem and get the sccm client successfully deployed

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  0 comments  ·  Troubleshooting & Support  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Show Client Version in HELP-ABOUT from ConfigMgr console

    While working with boot images, I need to click UPDATE DISTRIBUTION POINTS and see if the client within the boot image is the same as the client on the site server. It would be nice if I can see the current (latest) ConfigMgr agent shown in HELP-ABOUT from ConfigMgr console as a all-in-one screen so I would spare some time checking and updating the boot images

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Admin Console  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Updating status to noted.

    Thanks for your feedback.

    Not sure what I’m missing here…
    The ‘About Microsoft Endpoint Configuration Manager’ shows ‘Site version:5.0.9012.1000’ – that’s an example from our 2006 release. The same is shown in the Boot Images view, the Client version column.

    The update Distribution Points wizard shows the current ADK version, the current production client version and in the table below the reload option we show the OS version of the boot image and the version of the client binaries.

    Could you let me what I’m missing? The information present in the wizard covers everything you’d need to know – in my opinion anyway.

    Thanks

  13. Bitlocker Network Unlock with WDS-less PXE

    With Bitlocker Network Unlock, a WDS server can automatically unlock your bitlockered device without requiring the user typing the PIN at boot. (https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock).
    As we all go forward using the SCCM WDS-less PXE-provider instead of WDS, it would be a good idea, if it supported Bitlocker Network Unlock, too.

    9 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Store output of run command line to TSEnv with "RunAsUser".

    Running a step as a user prevents you from using the TSEnvironment in order to store any data returned.

    The step could be anything, like getting a byte array of a certificate, ad-groups of the computer or primary user or as in this example, getting the TPM OwnerAuth from MBAM.

    I would rather store it directly in the TSEnv instead of in a temporary file and run another script to read the file just to be able to use the password, as a variable, from a ā€œRun commandlineā€-step.

    The only other workaround Iā€™ve found this far is running the stepā€¦

    11 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. Support Center Advanced Log File Viewer Advanced Filtering

    It would be great if in the new Suppert Center Advanced Log File Viewer, there would be an option for Advanced Filters, when opening a log file, the filters load automatically and we dont need to load them manually everytime we open a log.
    Same as with the other buttons, that can be activated and deactivated.

    9 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Troubleshooting & Support  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Task Sequence Detection Method

    It would be very useful to be able to control if a Task Sequence has been "Installed" or not by adding a custom detection method like we have in the AppModel.

    This is valid in scenarios where we do a bare metal required rollout and in in-place-upgrade scenarios. Combined with having different versions of a task sequence being deployed.

    30 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Updating status to Noted – see https://docs.microsoft.com/en-us/configmgr/core/understand/find-help#send-a-suggestion for an explanation of each value.

    We recently introduced Task Sequence as a deployment type for applications – see https://docs.microsoft.com/en-us/configmgr/core/get-started/2020/technical-preview-2001-2#bkmk_tsdt

    This is also in our 2002 release which is in the opt-in phase at the moment.

    With this you can specify detection methods the same way you would for applications.

    Regarding your comment for bare metal – could you elaborate on your scenario? With bare metal the machine is wiped and would have no ‘history’. In a bare metal case the registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\CM_DSLID records the package ID of the image used, that may be of use to you here? Any more detail you can provide would be great, thanks.

  17. Support Center Log File Viewer support same log files as CMTrace

    The CMTrace tool is able to parse non-SCCM log files (e.g. 1E's Nomad logs) to properly pick up timestamps, process ID's etc. It would be very helpful if this could be added to the Support Center/Support Center Log File Viewer. It seems

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Tools  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Add a command line option to Support Center to connect to a remote computer

    The Support Center utility is a great addition but doesn't seem to support specifying a remote computer to connect to from the command line. This would allow it to be called automatically from scripts and other tools.

    This is option is implemented for the remote control viewer by running: CmRcViewer.exe <remote-computer>

    Likewise it would be great to be able to call the Support Center thus:
    ConfigMgrSupportCenter.exe <remote-computer>

    4 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  1 comment  ·  Tools  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Add /ResetBase to New-CMOperatingSystemImageUpdateSchedule

    Now that optimization of the WIM and removal of superseded updates is available as an option for offline servicing in the console, it would be great if this option could be added as a switch to the New-CMOperatingSystemImageUpdateSchedule cmdlet. I use this cmdlet to automate scheduling of updates in an ADG against all my WIMs so it would be great if I could shrink them down at the same time without needing to do this in the console.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  PowerShell  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Thanks for your feedback.

    Updating status to noted, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help#send-a-suggestion for an explanation of each value.

    We’ve addressed this in our 1902 release as well as the ability to import a single .wim from the multi-index .wim.
    https://docs.microsoft.com/en-us/sccm/osd/get-started/manage-operating-system-images#BKMK_AddOSImages

    As Vlad mentioned, the New-CMOperatingSystemImageUpdateSchedule CmdLet has -RemoveSupersededUpdates

    I’ll update the status to completed if this addressed your ask. If not, then let us know any gaps.

  20. Allow additional customization of the task sequence dialog

    Please allow additional customization in the Task Sequence High Impact Dialog Box. Enable or Disable the Individual Comment Boxes completely, and allow Hyper Links to launch a web page with more information.

    6 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base