Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we can’t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the 🙂 button in the top right corner and choose “Send a Frown”. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer – our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Install Servicing Stack Updates (SSU) Before Other Updates When User Initiated

    The Current Branch 2002 release introduced a feature to install SSUs first but only when triggered by the deadline.
    From the docs:
    "SSUs are installed first only for non-user initiated installs. For instance, if a user initiates an installation for multiple updates from Software Center, the SSU might not be installed first."

    A lot of work has been put into encouraging user-participation in the patching process. I want the user to decide when they're ready to install the updates and avoid situations where the deadlines impact their work. In those scenarios the behavior introduced in 2002 therefore not helpful.

    I…

    136 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  2. Missing cmdlet: Set-CMApplicationGroupDeployment

    We need the ability to deploy application groups with PowerShell.

    Similar to Set-CMApplicationDeployment - but for groups.

    22 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  0 comments  ·  PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
  3. Remote Control: Improve Multi-Monitor Experience

    Business Case (I know how you PMs love these):
    The current CB 1902 implementation is going to make this conversation part of our helpdesk script:
    “What screen is the app on?”
    “Can you move that window to the monitor where X is showing?”

    “No, not that one.”
    “Nope, still don’t’ see it”
    “Ok let me reconnect in full screen, please accept the prompt again.”
    “No no no, don’t hang up the phone, that’s not how this works.”
    “Ok, you should see a prompt to allow me to connect.”
    “Nope it’s there, trust me.”
    “Got it, thanks. Ok, let me move…

    324 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    19 comments  ·  Remote Control  ·  Flag idea as inappropriate…  ·  Admin →
  4. Enable Tamper Protection via SCCM

    It would be nice to have ability to enable Tamper Protection in defender via SCCM antimalware policy

    60 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add "Windows 10 Enterprise for Virtual Desktops" in the “Operating system” of requirements as an option”

    The provided Application Model Operation System Conditions for Windows 10 versions are limited in scope. Currently the Operator options for Windows 10 are two choices.

    Windows 10 (Select This to get the two below)
    All Windows 10 (ARM64)
    All Windows 10 (64-bit)
    All Windows 10 (32-bit)

    We're using "Windows 10 Enterprise for Virtual Desktops" and we're not able to select this operating system from here.

    Please add "Windows 10 Enterprise for Virtual Desktops" under windows 10 node or please provide a way to edit this list.

    Thank you.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Application Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. Extend "Model" field to Packages & Applications for Pre-caching of Task Sequence content

    The new Model field on drivers is useful, but needs to be extended to other content types, like Packages & Applications, where Model specific items need to be installed (e.g. specific HP SoftPaqs, or video drivers that need to run from .EXE etc).

    31 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  7. Improve folder support in cmdlets

    Actually, it is possible to create a collection with a cmdlet. But we cannot create it in a specific location. We need moving it after creating the collection. Why not just add a parameter to the New-CMDeviceCollection cmdlet?

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  PowerShell  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for your feedback. Folder support is something that is very limited in the cmdlet library today and something that’s in our backlog to improve in a future release. In my opinion, I think the way things should work is if you’re in a collection folder in the cmdlet drive provider, it should just create the collection in the right place.

    I’ve linked this feedback to our internal work item to improve folder support so this doesn’t get lost.

    Thanks!

  8. Full support for ECC Certificates

    Machines with an EEC client certificate can connect to the DP to download the content and install the agent but the client never registers with the site.

    once i suspected the ECC certs I was able to find thread on technet which confirms the same issue I was seeing
    https://social.technet.microsoft.com/Forums/en-US/cc9ec0ff-5998-4225-9ce1-2c7b5fe5677d/sccm-and-ecc-certificates-not-supported?forum=ConfigMgrDeployment

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Client Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Some models pre-download driver packages for other models (Add an "Exact match" checkbox)

    We have a lot of different kinds of Dell client computers and some of the model names are very alike.

    We also have a network which doesn’t allow us to use peer-to-peer techniques to lower bandwidth usage so we need to create rings and make a couple of computers at the time pre-download osupgrade packages and drivers before deploying an IPU to the mass.

    Two of the models we have are "Latitude 7390" and "Latitude 7390 2-in-1".
    (This is not the only combo of models that suffers from this behavior)
    We've created one driver package for each of them.
    But…

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Trigger log collection from task sequence either automatically or via client action

    The new option in the console for Client diagnostics - Collect Log files, need to be able to trigger option from the client running a task sequence. The reason for this is when a task sequence logic encounters a error and you want to auto capture the logs, this client action will be key to automating the log captures. Also for Windows 10 Servicing where the machine runs on the Internet and capturing the logs works great over the CMG, but again just want to automate the log capture than rather manually capturing the logs.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Troubleshooting & Support  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add a vendor parameter to Get-CMSoftwareUpdate

    Add a vendor parameter to Get-CMSoftwareUpdate

    This will help identify updates from specific vendors that have been provided through Third-party Software Update Catalogues.

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  0 comments  ·  PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
  12. Warning message for high-impact collection changes

    When I started working with SCCM years ago I was told that you're not really an SCCM admin until you accidently deployed MS Office to the whole company. Through my years of working with SCCM I've seen many people update a collection not knowing that there was a mandatory deployment attached which resulted in the deployment getting sent to systems that were not intended.
    I would like to see a check/notification box added when a query based collection is updated that reminds you of the required deployments attached. This message will only show if an unexpired required advertisement is still…

    73 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  1 comment  ·  Collections  ·  Flag idea as inappropriate…  ·  Admin →
  13. Have preview button when building collections

    When building collections (particularly query collections) it would be handy to be able to preview the devices/users in the collection as written before you commit. Today we have to edit the collection, update membership, refresh then confirm that the membership is correct. If you have a button inside of "Edit Query Statement" it would save a lot of hassle.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Collections  ·  Flag idea as inappropriate…  ·  Admin →
  14. Maintenance window recurrence pattern offset from a base day

    Allow the recurrence pattern for maintenance windows to be scheduled with an offset from a base day.

    Meaning, if we want a maintenance window on the Wednesday following the Second Tuesday of every month, we could configure a maintenance window for the Second Tuesday with a +1 offset.

    (This would be similar to the offset option added to ADRs in 1802.)

    646 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  23 comments  ·  Collections  ·  Flag idea as inappropriate…  ·  Admin →
  15. Phased deployment support for PowerShell cmdlets

    Phased Deployment Powershell Cmdlets

    47 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  2 comments  ·  PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
  16. Enable url-like shortcuts to nodes in the console (ie. deployment saved searches)

    I check up on deployments every few hours, would love to be able to create a shortcut on my desktop to "Microsoft.ConfigurationManagement.exe \Monitoring\Searches\Search99"

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  2 comments  ·  Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  17. allow export all task sequences or folder of task sequences

    We have many task sequences, sorted into folders for multiple users, when it comes to archiving them, it's tedious, we'd like to archive multiple task sequences by user (or by folder), this would be great, right now you have to export one task sequence at a time which is tedious.

    45 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  18. 86 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Software Center  ·  Flag idea as inappropriate…  ·  Admin →
  19. Ability to create writable RAM drive when no other writable partiotions available

    The essential need to run executable content from package before drive partitioning step (or any other case of unavailability of writable partiotion). "Data Access" package feature seems not working in OSD TS.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →

    Updating status to Noted. See https://docs.microsoft.com/en-us/mem/configmgr/core/understand/find-help#send-a-suggestion for details on each status value.

    Thanks for your feedback, may I ask for more details. Are you saying the ‘Run another program first’ option on the task sequence properties is not working?
    Or how are you launching the executable content? Also, to run from the distribution point using q task sequence step e.g. Run Command Line step or Install Package the task sequence deployment must use "Access content directly from a distribution point when needed by the running task sequence’ set.
    For that that to be set, all referenced packages need the ‘Copy the content in this package to a package share’ set.

    Let us know more about what your trying and we should be able to help out.

  20. Variable with Full OU path

    Take the OU path from 'Network Settings" and turn it into a variable e.g. _SMSMachineOUpath
    I use dynamic variables to determine the OU based on location and device so my Domain OU path has OU=%devicetype%,OU=Location,OU=workstations,DC=Contoso,DC.com
    so it would be nice to have the actual value in a variable that I can reference later say in a script to move existing object to the above created OU. I can see the full path in the SMSTS.log, but not in a variable. Also removing the LDAP:\ from the start could be handy in some situations I guess.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →

    Hi Marty,

    Vlad ask to pass this on:

    He can try at the beginning of TS to add steps to set variables that I listed in my reply to the same strings that he entered in the UI of Network Settings step? Which will result in Network Settings step take the values from these global variables (not from UI, even though they may be the same). But it will also have a side effect that these variables will be available during task sequence for whatever he wants to user them for.

    I’ll have a bit of time at the weekend. I’ve a couple of ideas about removing the LDPA:\\ you mentioned. Can you describe the scenario you want to address, please?

    Thanks

← Previous 1 3 4 5 33 34
  • Don't see your idea?

Feedback and Knowledge Base