Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Powershell cmdlet for creating MSIX deploymentType

    I would like to script MSIX import in SCCM. Through the console, when you import a msix detection method is created automatically. Add-CMAppxDeploymentType only works with *.appx files. It would be nice to be able to create MSIX deploymenttype like Script, MSI and XAP

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  PowerShell  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. references in task sequence to include "security scope" column

    When looking at a task sequence references, it would be helpful to see the security scope for all packages so we can insure it is set correctly.

    4 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Auto Phased Deployment

    Scenario: Right now I have about 8000 computers that need feature updates. I don't want to update them all at one time. It would be nice to tell CM to update one big collection, but do a set number per week. For instance, create a collection of 8000 machines, and set it to update 250 per week until it is done, or set a gradual duration of say 6 months to update the whole collection. This would work great for large application deployments as well. This way, the deployment could also be stopped if problems arise.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Better SCCM and WSO Co-Managment

    Please add the ability for admins to use ConfigMgt and WSO together. We currently can not deploy Autodesk or Adobe via WSO due to being over 5GB and our organization is not willing to upgrade this limitation on WSO.

    Please make it optional for Software Centre to be allowed to install required and available applications and packages.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Report that tells me how many approvals were done in a specific time period

    There should be a standard report that shows how many approvals were done over a specific time period. This is useful for my Licensing team to receive an automated report showing who requested what, when, if it was approved and if it was actually installed or not.

    2 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Reporting  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Run CMPivot queries against site status/state messages

    CMPivot queries are easy to learn and very powerful. It would be very useful to run CMPivot (ie Kusto) queries against site status/state messages.

    2 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Admin Console  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. bitness of apps

    Under the apps view in addition to version it would be useful to see the bitness of the app versions. For example if your doing a migration from a 64 bit app to be able to track and monitor the cleanup or target for cleanup. For example we have had a lot of Teams 32-bit getting installed and we don't want any 32-bit Teams in our environment and block it via GPO but they keep getting installed.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Desktop Analytics  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Windows 10 20.04

    After creating new deploymentshares, and then building a new 2019 deployment server. MDT can't deploy Windows 10 20.04. 6 days spent reading forums, docs and so much more. I have applied the bdd patche as requested but I still get a total failure.
    Sysprep simply does not open or run. The system restarts with out running sysprep. There is nothing on the subject to help me.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Co-Management Management Insights

    As we move workloads to Intune, there may be an existing, legacy mechanism that prevents the workloads from successfully being enabled. A Management Insight would alert the admin, if a client scoped for co-management, was also assigned a policy that would prevent the workload from moving successfully.

    For Example:-


    1. Moving the WUfB workload to Intune.

    A legacy GPO that "Disables Automatic Updates" will render updates disabled after the workload is moved to Intune - there is not an equivalent CSP that "Enables Automatic Updates" that gets pushed from Intune Policy to override/block the GPO


    1. Move Office C2R Apps to Intune
    2. ā€¦
    8 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Co-Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Allow Device and Collection Variables to be Queries via Global Conditions/Requirements

    If we allowed device variables and collection variables to be evaluated at the time of app install, it would greatly reduce the effort in Application Packaging when determining exception processes and/or complicated scenarios around Applications that need specific versions of dependent applications.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Application Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Inject an application into a windows image, similar to "schedule updates"

    Allow for a feature similar to "schedule updates" to inject an existing application within the console into a Windows image. Rather than recapturing the entire image to update an application that isn't very friendly to production deployment, simply add it to the image and all new PC's built through OSD will receive it.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Multiple computer selection for "Clear Required PXE" option

    Currently you can right click on a single device, or an entire device collection, to run the "Clear Required PXE deployments" option - what would be great is if we could select multiple devices within a collection and have the option available. (It's currently disabled if more than one item is selected)

    4 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Admin Console  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Task Sequence Step to Add Info to SMSTS.log

    I'd love to see a built-in step to add information to the SMSTS.log. Basically just a single-line text field that would parse TSVariables just like any other step that has text fields.

    This would allow:
    1. Easy way to dump a specific TS variable value at a specific point in time to the log for troubleshooting.
    2. A potentially easier way to search the SMSTS.log file for a specific point in the task sequence. While you can search for task name, there are many entries that contain the task name - you could make the content of the step uniqueā€¦

    8 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Have Software Centre Updates include more info than status: past due will be installed

    Instead of having a status: past due will be installed. Include a date and time when the update will either try to be installed or will retry.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. Add auditing for changes to Cloud Service settings

    Based on observation, there does not appear to be Audit logging for changes to cloud services from the MEMCM console. For example, a change was made to firewall and virtual networks but the activity log and Status Messages Queries did not reveal any data about the change.

    It would be helpful to know what and when changes were made along with who made them and possibly a section the person who made the change can add a note.

    Attaching a screen of a change that was made without logging.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Admin Console  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. PowerShell cmdlet for new detection clause with custom scripts

    PowerShell cmdlet for new detection clause with custom scripts

    It would help to have a new-cmdetectionclause to add in a snippet of powershell/vbscript as the detection method.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  PowerShell  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. Trigger log collection from task sequence either automatically or via client action

    The new option in the console for Client diagnostics - Collect Log files, need to be able to trigger option from the client running a task sequence. The reason for this is when a task sequence logic encounters a error and you want to auto capture the logs, this client action will be key to automating the log captures. Also for Windows 10 Servicing where the machine runs on the Internet and capturing the logs works great over the CMG, but again just want to automate the log capture than rather manually capturing the logs.

    0 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Troubleshooting & Support  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Full Support for client certificates using Elliptic Curve Cryptography

    A month ago, our server team updated client certs on all workstations to ECC certificates with sha-384 hash algorithms. This caused clients in my environment to stop communicating with my MP. Fortunately, this is only a test environment as we are still building Configuration Manager. Had this been production, this would have been a disaster. There is no official Microsoft documentation indicating this type of certificate is not supported, so neither my team nor the server team would have known. Please provide full support for these certificates in the next major release and update documentation.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Client Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Add ability to set a time for when Client Settings are deployed

    The ability to set a time (similar to a deadline on a software deployment) in which a deployed custom client settings would become enabled would be a wonderful feature. Consider a scenario in which a custom client setting is created with the following settings:

    State Messages every 5 minutes
    Computer Restart: amount of time after deadline to restart = 2 minutes
    If I have a deployment with a deadline of 10pm, deploying this custom client setting to a collection at 3pm would not be very wise. But, if the ability to deploy the client settings with a configurable "take effectā€¦

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Client Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Allow pre-caching of an Upgrade Task Sequence content to resume after connection loss

    It seems the pre-caching of an Upgrade Task Sequence stops when the client is unable to reach the DPs due to a disconnected VPN.
    I.e. this happens after a disconnect:
    Download timeout has met. DTS job {0816377A-FAF6-4100-ACE9-D8B68597965E} will quit.

    When the VPN gets re-connected the pre-caching doesn't resume automatically.
    Only option is to reset the client policy.

    Would be great to allow clients to resume downloading via a VPN, esp. for large OS upgrade packages.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
← Previous 1 3 4 5 211 212
  • Don't see your idea?

Feedback and Knowledge Base