Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we can’t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the 🙂 button in the top right corner and choose “Send a Frown”. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer – our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Install and Configure WSUS As Part of SUP Role Creation

    WSUS is a well-known pre-requisite for the Software Update Point role yet the user is entirely left to their own devices to install and configure it. The default WSUS installation options are widely regarded as non-optimal. Further, there is plenty of precedent for ConfigMgr installing OS roles.

    I would like to see the WSUS OS role be installed and configured as part of the SUP role installation. Where necessary, the wizard can suggest better configuration options than WSUS’s defaults. I’m certain the community will come up with more ideas than this but here’s a few I can think of, some…

    44 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  2. Deploy Application Groups to Users

    The 1906 application group feature only allows you to deploy application groups to devices. Please extend this feature to enable application groups for user deployments as well.

    54 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Application Management  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow "Retry on unexpected restart" for the "Upgrade Operating System" task sequence steps.

    We are seeing a number of unexpected restarts during the "Upgrade Operating System" Windows 10 feature update that causes the task sequence to fail. These restarts are happening during the "setup.exe" phase of the process. Allowing the task sequence to continue would resolve this issue.

    67 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  4. Extend "Model" field to Packages & Applications for Pre-caching of Task Sequence content

    The new Model field on drivers is useful, but needs to be extended to other content types, like Packages & Applications, where Model specific items need to be installed (e.g. specific HP SoftPaqs, or video drivers that need to run from .EXE etc).

    31 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add the ability to set an Error threshold for Phased Deployments

    I would like to be able to create a threshold on Phased Deployments so that the deployment would automatically stop if it hits that threshold. Ideally this could be either a count or a percentage selected. The behavior I would want is for the deployment to go into a paused state if the error limit is hit.

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Application Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. Nesting Distribution Point Groups

    Allow Nesting Distribution Point Groups.

    We have an issue with not always wanting to replicate all content to all locations due to content size and applicability, but to specific locations determined by function.

    Examples:
    Site A - Imaging DP Group. (Server DataCenter Environments)
    Site B - Imaging DP Group. (Desktop Environments)
    Site C - Imaging DP Group. (A mix of Environments and business units)

    These three sites have different business functions. So while not all imaging content would be the same across the board. It would be nice to have if you could nest those three Distribution Point Groups into…

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Collections  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add "Right Click > Create Collection" to Boundaries and BG's

    It would be awesome if I could right click a Boundary or Boundary Group and create a queried collection off of it.

    For instance, we have satellite clinics where we have boundaries for each floor (ED, Urgent Care, etc). It would be awesome to be able to quickly create a collection based on that range

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Collections  ·  Flag idea as inappropriate…  ·  Admin →
  8. Install Feature Updates before other updates

    Similar to the change made to SSU's, it would be nice if CM could detect that a Feature Update has been deployed and install that before other updates.

    Currently, it will queue and install patches along-side the Feature Update. E.g. it might essentially waste time installing the CU for 1809 then immediately install the 1909 Feature Update right after. Once the Feature Update is finished installing and has rebooted, it will need to re-eval and install the 1909 CU.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add application group in task sequense

    It would be great if the created application groups can be added in a task sequence.

    Instead of having long lists in a task sequense you could manage default apps in the application groups

    55 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Improve folder support in cmdlets

    Actually, it is possible to create a collection with a cmdlet. But we cannot create it in a specific location. We need moving it after creating the collection. Why not just add a parameter to the New-CMDeviceCollection cmdlet?

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  PowerShell  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for your feedback. Folder support is something that is very limited in the cmdlet library today and something that’s in our backlog to improve in a future release. In my opinion, I think the way things should work is if you’re in a collection folder in the cmdlet drive provider, it should just create the collection in the right place.

    I’ve linked this feedback to our internal work item to improve folder support so this doesn’t get lost.

    Thanks!

  11. Modify the Configuration Manager prerequisites checker

    Modify the Configuration Manager prerequisites checker to look for supported Windows ADK version

    95 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriate…  ·  Admin →
  12. Show content for updates in Support Center

    Have the ability to select the Updates show in the content of a workstation and the ability to click install and to see the error if it reports back an error.

    This can currently be done for Application content but cannot be done for Updates.

    To try to get this capability just for Updates for troubleshooting/support for workstations. You have to leverage ReCast- Right Click Tools and leverage the Remote Software Center to kick off updates for install for workstations that you are troubleshooting.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Troubleshooting & Support  ·  Flag idea as inappropriate…  ·  Admin →
  13. Ability to add the application groups in Task Sequence

    Application groups can be deployed to a collection but cannot be added in a Task Sequence and then deployed. Please enable the Task Sequence deployment for Application Groups.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Application Management  ·  Flag idea as inappropriate…  ·  Admin →
  14. Support Phased Deployments in Automatic Deployment Rules

    I think this is pretty straight-forward. If the Phased Deployment feature is to become a thing for software updates it needs to be supported as part of ADRs. If organizations are manually deploying updates then they're simply doing it wrong. If anyone thinks I'm transitioning from automated deployments to manual phased deployments they vastly underestimate my laziness.

    256 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  15. Custom Readiness Rules

    Low install count is a great start, but we'd like see automation for the current extremely manual process of Importance by including additional rules such as:
    - Adoption Status: Highly Adopted AND Compatibility Risk: Low= Automatically set importance to Not Important

    These metrics are great, but they really need to be available for custom readiness rules. Large enterprises such as ours cannot currently utilise this service due to the sheer amount of manual process. We can't keep up with the new application versions coming in daily and then wait for the subsequent data crunching, only to be greeted with more…

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Desktop Analytics  ·  Flag idea as inappropriate…  ·  Admin →
  16. Provide Support for DFS Replication of Content Library

    With the introduction of Site Server High Availability, this would be a considerable step towards additional capabilities to leverage for content high availability. While using a DFS share is viable, adding support for DFS-R would greatly enhance the effectiveness and ease of deploying a HA solution that would have considerable advantages on a passive site server across a larger distance. As a bonus, this implementation could be used separately from HA if desired.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Content  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow SCCM to control MBAM after workload moved

    MBAM has been integrated into SCCM really well. However, to enable tamper protection you need to co-manage devices with intune. As soon as you move the workload from SCCM to intune (device management) you lose the ability to use SCCM. This means you lose either the ability to pop up a pin dialogue in user mode or tamper protection in the Defender AV.

    In this case the products become mutually exclusive. Please add an option to allow MBAM to be continued to be managed by SCCM so we can use both Tamper protection and the pin popup provided by MBAM.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Co-Management  ·  Flag idea as inappropriate…  ·  Admin →
  18. Let Azure Active Directory joined Client be Peer Caching source

    Today peer cache source needs to be an on-prem domain joined device, as customers is moving to Azure Active Directory getting support for AAD joined devices as peer cache source will help customers that are moving to AAD joined devices and want to remove on-prem DP's.

    From docs:
    A peer cache source must be a domain-joined Configuration Manager client. However, a client that's not domain-joined can get content from a domain-joined peer cache source.
    https://docs.microsoft.com/en-us/configmgr/core/plan-design/hierarchy/client-peer-cache#requirements

    22 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Content  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add ProvisionTS support for Azure AD joined devices over CMG

    Currently, the ProvisionTS variable will not trigger a Task Sequence deployment in a site with management points configured for EHTTP and internet clients connecting through a CMG.

    In this scenario, if a device on the internet is provisioned with Autopilot (AAD Join) and installs the config manager client through an Intune app deployment with the PROVISIONTS variable specified, the Task Sequence will fail.

    Supporting this functionality would make Autopilot much more attractive to many organizations.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow Delivery optimization / Connected Cache (DOINC) to be used for ConfigMgr Downloads

    Enable ConfigMgr to utilize Delivery Optimization for Downloads from Microsoft CDN (Windows Updates, Office 365 Updates). Currently This only works for Express Updates. All downloads nativily done by ConfigMgr Agent from the CDN, are using BITS, therefore bypassing DeliveryOptimization (and Connected Cache).
    My plan: Control updates deployment though SCCM, but don't care about contents, let ConfigMgr get them from the cloud, through DO (from Connected Cache when in CorpNetwork, directly if not, always trying DO P2P)

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base