Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add SharePoint Patching process built-into SCCM

    Out of box process for patching SharePoint should be available in SCCM. If its a pre-built task sequence, or SCCM detects the roles installed on each server and knows how to patch those components. This primarily relates to security patching, but the process should be much easier.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. The ability to log off disconnected users from servers.

    Hi All,

    We notice that when using ADR's, that servers will not restart in their defined maintance Window when there is a disconnect user running in the background.

    A option to log off all disconnected user within the deployment of a ADR of perhaps in server groups would be a great addition.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Install Feature Updates before other updates

    Similar to the change made to SSU's, it would be nice if CM could detect that a Feature Update has been deployed and install that before other updates.

    Currently, it will queue and install patches along-side the Feature Update. E.g. it might essentially waste time installing the CU for 1809 then immediately install the 1909 Feature Update right after. Once the Feature Update is finished installing and has rebooted, it will need to re-eval and install the 1909 CU.

    5 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. It would be better include check box to select or deselect Software updates in SCCM.

    At the moment all we can select Software updates by clicking each of Software updates and sometimes it cause confusion. It would be good if we can have kind of Check box option where we can select or deselect Software updates in SCCM console.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Orchestration Group membership

    I have a few collections that use queries for membership. I would like to be able to have a query run once a week to check membership for Orchestration Groups instead of going through and creating a static list.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Provide method to easily convert update filters to ADRs

    Provide an in-console method to right-click on a Software Update Filter (saved search) and convert to an ADR Rule

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. Orchestration groups - Granular behaviour for different types of update

    Adding more granular control to the behaviour orchestration groups depending on types of updates would improve the feature greatly.

    For example, specifying different behaviour for different types of updates - customers probably don't want to run pre-scripts and post-scripts or even potentially any orchestration for definition updates, whereas they might want to for other types of updates

    11 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Allow Delivery optimization / Connected Cache (DOINC) to be used for ConfigMgr Downloads

    Enable ConfigMgr to utilize Delivery Optimization for Downloads from Microsoft CDN (Windows Updates, Office 365 Updates). Currently This only works for Express Updates. All downloads nativily done by ConfigMgr Agent from the CDN, are using BITS, therefore bypassing DeliveryOptimization (and Connected Cache).
    My plan: Control updates deployment though SCCM, but don't care about contents, let ConfigMgr get them from the cloud, through DO (from Connected Cache when in CorpNetwork, directly if not, always trying DO P2P)

    8 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Process Delivery Optimization Client Settings within OSD TS

    Process the DO Client Setting Policy while within a OSD TS to support also the packageless deployment of Software Updates during OSD without the need to download every update for every client.

    The current behavior in case of deploying software updates without a package during an OSD TS is that each client will download every update from MS instead of using DO and DOINC/MCC.

    The idea behind this scenario is, that you can eliminate the package distribution for Windows updates wihthin the ConfigMgr Hirarchy completely and just use DO as source while ConfigMgr is still the part to configure whichā€¦

    8 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Like keep myself has to with work!!, and the other passwords off here know question about!

    I do PowerPoint it can be anything like a art work or a slide for someone birtday with photo's 3of them any photo's

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Include option to create Child ADR/Nested ADR

    For Example, if we want to create ADR's for Windows 10 and O365 updates, we need two ADR's to be created, because of the difference in configurations such as Title, Product, classifications - all differs on both. If it is nested then we have an opportunity to embed the child ADR in to parent and can be executed on the same time.

    Just similar to creating Child Configuration Item to the parent and deploying both of them using a Single Configuration Baseline.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Install Servicing Stack Updates (SSU) Before Other Updates When User Initiated

    The Current Branch 2002 release introduced a feature to install SSUs first but only when triggered by the deadline.
    From the docs:
    "SSUs are installed first only for non-user initiated installs. For instance, if a user initiates an installation for multiple updates from Software Center, the SSU might not be installed first."

    A lot of work has been put into encouraging user-participation in the patching process. I want the user to decide when they're ready to install the updates and avoid situations where the deadlines impact their work. In those scenarios the behavior introduced in 2002 therefore not helpful.

    Iā€¦

    129 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Third-Party Updates Should Not Attempt 3 Downloads from Internet (WUMU)

    When deploying third-party updates using CMG, the client will detect it's on the internet. In the CAS.log, you will see it things it should reach directly out to windows updates (WUMU) in the CAS.log. The DP returned on ContentLocation.log is actually the internal WSUS location of where the third-party update was downloaded. This path is not resolvable from an internet client and shouldn't be used.

    If the client detects it's on the internet, it should never attempt to download from windows updates, since these updates are not applicable for that scenario. The update will timeout after 3 minutes and 3ā€¦

    56 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Allow Applications/Packages to Show Up Under Updates in Software Center

    Allow admins to determine which tab applications, packages, and task sequences show up in Software Center. This is especially important for applications/packages being able to show up under Updates when wanting to update existing software thatā€™s more complex for Software Updates/SCUP. This would make it easier for end users to make sure they have updated all of their software at one time.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. More options for phased deployments

    Phased Deployments are generally limited to two deployments at a time, it would be great to extend this to reduce administration work over large deployments.

    Additionally you have to go into the deployment and manually configure additional options such as allow clients to download over tethering, it would be handy to configure this step from the phased deployment window so you do not need to go back and set this manually in the deployment.

    2 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. make "Prefer cloud based sources over on-premise sources" also apply to Microsoft Update

    Even though Microsoft Docs lists Microsoft Update as supported cloud sources (https://docs.microsoft.com/en-us/configmgr/core/servers/deploy/configure/boundary-groups#bkmk_bgoptions4), "Prefer cloud based sources over on-premise sources" does not seem to apply to Microsoft Update content in the case of an AlwaysOn VPN scenario where devices would show in "intranet" all the time.
    The only alternative option is splitting up update deployments (VPN vs Non-VPN) and working with the download settings on the individual deployments, which is very cumbersome. If a client falls into a boundary group which has the setting enabled, it should respect it and use Windows Update for source content.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. Add ESU update classification

    Can you please add an update classification called "ESU" or something like that so that we can filter our ADRs to make updates work properly with ESU? (It seems that if we get a single update that is not allowed for ESU added to our software update group it will make all updates not available.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Control SUP source from boundary groups

    It would be good if we could control SUP download priority from boundary groups.
    Scenario is when on VPN ip range client should first try to get updates from Microsoft WSUS servers but failover to internal if they are unable to (example for failover back to internal is 3rd party patches).
    And for internal clients if they fail to get update from local DP try to get it from internet so traffic is not routed all the way to next internal datacenter.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Include a Patch Tuesday Phases template that can create both even and odd month ADR's to eliminate patching gaps

    For those that use phases (test, pilot, production) for monthly software update deployments with multiple collections before deploying to production, two ADR's that run every other month need to be created (one for odd months and one for even months) with deployments for each patch phase, otherwise there are potentially multiple week gaps in patching the environment. Guidance on configuring even and odd ADR's should also be added to the ConfigMgr online software update documentation.

    2 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. 1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
← Previous 1 3 4 5 23 24
  • Don't see your idea?

Feedback and Knowledge Base