Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we can’t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the 🙂 button in the top right corner and choose “Send a Frown”. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer – our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add Delivery Optimization and Connected Cache Monitoring to Endpoint Analytics

    An extra log workspace in azure is required to monitor delivery optimization. It would make sense to integrate the monitoring of DO and MCC into the endpoint manager. In addition, it would be helpful to get suggestions in which group do/mcc is not working well and something needs to be optimized.

    Endpoint Analytics would be the right place to collide the monitoring data with the other client data.

    Monitoring is the basis for building an efficient DO network.

    38 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  2. Microsoft 365 Apps update to newest version only

    The Monthly Enterprise Channel for Microsoft 365 updates receives two updates every patch Tuesday. One update for the previous months version (e.g. 2010), and the new version for the current month (e.g. 2011).
    Currently there is no way to distinguish between those versions in an ADR, this leads to the automated deployment of both versions if no one is on cleanup duty.

    Unfortunately the SCCM client is not intelligent enough to select the correct version for installation. My clients often end up installing the previous months update (e.g. 2010) before the one for the current month (e.g. 2011). Which causes…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  3. allow for software updates to be converted in to packages

    It will be helpful to allow sccm to convert software updates via a wizard into individual packages. This will help to deploy updates to clients that have difficulty reporting into wsus. or as an alternative to wufb, when enabled for comanagement.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  4. Expose third party update category in the Configuration Manager Console

    When syncing third party updates, consider recording category information for each update. Then that information could be exposed in the console, which would make searching, selecting and deploying/targeting third party updates easier. Especially for third party updates that are drivers, this would make the experience similar to "native" Drivers in OSD, where we can put drivers in (multiple) categories and use that information to better organize drivers and facilitate cleanup. Also, in the current absence of cleanup options, this would make clean up of third party drivers from WSUS easier as it would replace the need for administrator to parse…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  5. Expire third party updates when they no longer belong to any selected categories

    When a category is deselected from third party update catalog, updates belonging to that category remain in Configuration Manager but are no longer updated. Consider expiring and removing third party updates from Configuration Manager when they no longer belong to any categories selected in the third party catalog, similar to how Microsoft updates are expired and removed when their Product is deselected from the SUP component properties.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add cleanup of WSUS update files to WSUS maintenance

    Consider adding cleanup of WSUS update files on default SUP to WSUS maintenance feature/capability. This would be similar to running “Unneeded update files” option from WSUS Server Cleanup Wizard on default SUP and it would facilitate cleanup of expired/declined third party update content from WSUS content location. This option could be made available only when third party updates are enabled and/or there are published third-party updates. The option could be added to either existing WSUS Maintenance options or as a Third Party Updates option in the UI that becomes available with other third party update options when third party software…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  7. Automatically check for corruption in %windir%\system32\grouppolicy\machine\registry.pol

    The above file is well know to corrupt and when it does so it causes software updates to fail with:

    Failed to Add Update Source for WUAgent of type (2) and id {GUID}

    in WUHandler.log

    There are documented ways of testing this file for corruption; please could the scheduled client health check look at this file and for the above errors. The fix is easy - delete registry.pol from the above location and trigger a group policy update to recreate it.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  8. While creating an ADR to deploy the updates, can we have an option to choose the updates release times as "between so an so hours" option.

    While creating an Auto Deploy Rules(ADR) to deploy the updates, can we have an option to choose the updates release times as "between so an so hours" option. We only have options like "Last 1/2/3/4/8 hours" etc, I need to deploy something that got released between last 4 to 12 hours" as an example. I'm trying to deploy the definition updates in a phased manner to 3 different collection. Cert, Pilot & Prod. So that the prod collections will have patches released between last 8 to 12 hours and should not contains anything that released in the last 8 hours.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  9. child SUP content version

    Currently a client receives an 'available' SUP list to select a SUP to sync from with the sproc MPGetWSUSServerLocationsWithBGR. This sproc requires a parameter called iContentVersion, which the client receives through machine policy and is the ContentVersion of the Primary SUP, even if the client is using a secondary SUP. The sproc however does not offer SUPs with lower ContentVersions, thus if the client's secondary SUP is at least 1 version behind its Primary's the current secondary (Boundary Group local) SUP won't be offered for the client. Also, if Fallback is enabled and due to the ContentVersion mismatch…

    26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  10. Child SUP sync notification

    At the moment a child SUP syncs with the parent by receiving a notification file which is sent from the parent via standard file replication. This is sub-optimal because if other files like packages are already maxing out the enabled sender threads, or if the sender is limited or closed via sender settings, the child SUP sync will be delayed.
    Suggestion is to notify the child SUP via DB replication.

    26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  11. Support Microsoft 365 Updates download via CDP

    According to https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/hierarchy/use-a-cloud-based-distribution-point#limitations, and as we experienced, Microsoft 365 Updates will fail to download M365 Update content from the CMG's Cloud Distribution Point.

    They simply fail to download from the CMGs CDP resulting in a horrible user experience and support nightmare.

    Companies like ours are unable to leverage the Office CDN, with its many, many possible IPs behind it, due to limitations of the VPN split tunnel software, the web proxy, and / or the Firewall in dealing with these CDNs with their many possible IPs.

    As such, it would benefit many of us in this situation, in supporting…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  12. Alert and email on node failure orchestration group

    Need the ability to get an alert and email when one of the nodes in an orchestration group fails. Currently there is no alerting in the console or a way to send out an email to be notified when one fails.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  13. Automatic Deployment Rule creates new Deployment Package

    We use the ADR monthly to create a New Software Update Group for all the updates released in the last month for the categories that we specify

    We then use the ADR to automatically create the Deployments for our Phased Release of that "Month" of updates.

    So a new SUG is created monthly. However the Deployment Package just keeps growing and needs to be manually changed every couple of months.

    Therefore please can the ADR also create a new Deployment Package with each cycle and distribute to the specified Distribution Points

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  14. Enable sending a Decline for an update to WSUS from CM console

    As above - it would be very useful to be able to pick an update from the CM console and choose to Decline it, with the Decline being sent back to WSUS on the next Sync. This would help with software update efficiency as endpoints would not scan against the declined updates. This can of course currently be done manually on the SUP but it's generally advised to do as little direct WSUS management as possible and leave it to MECM to do it.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  15. Pre Download Feature Update before showing in Software Center

    It would be nice to have an option PreCache Feature Updates before they become available for the user to run. Some sort of way to reduce the run time of Feature Updates for remote users or in general improve the experience for the end users.

    So that when the Feature Update is available in Software Center it is already precached and ready to install right away.

    It could possibly be dependant on what type of Deployment you're using, a Required-deployment might not have the possibility to PreCache as you want it to run ASAP after deadline.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  16. Provide a consistent deployment strategy for updating MS applications

    Different products teams decide how they will deploy there updates and various methods are needed to control deployments.
    Example: MS 365 Apps, Edge, AIP are available as software updates which is very good. OneDrive they ask you to go out to this site and check when the update will be available to the enterprise ring. https://support.microsoft.com/en-us/office/onedrive-release-notes-845dcf18-f921-435e-bf28-4e24b95e5fc0?ui=en-us&rs=en-us&ad=us. You then have to download it and deploy it before the date to stop it from pulling down from the internet. Teams no way to control it and no idea when it will update. PowerBi have to go out download and deploy it.…

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  17. Can expiration setting be split for Software Updates and Feature Updates.

    Recently, we meet old feature update has been refreshed bundle issue and this make previous feature update be superseded by later one. Previous feature update become expired and removed from the update deployment group. Can we split expiration setting for normal security updates and feature update so that the feature update refresh will not make old feature update be explired?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  18. Updates

    Please stop updating laptops or PC in between work. This issue needs to be fixed. There should be an option to set the update or restart. And it should also ask permission before restarting. This way we don’t lose our unsaved data.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  19. Microsoft Edge Chromium (WSUS SUP MEMCM) Updates for Server based Systems

    Please make the Updates and Management also available for Server based Systems.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add Last Software Updates Server column to Collection views

    Please add a "Last Software Updates Server" column that can be added to your view when viewing a collection.

    Thanks.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 25 26
  • Don't see your idea?

Feedback and Knowledge Base