Microsoft

System Center Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building System Center Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, seeĀ https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the System Center Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add the hability to deploy 'Data and User Profiles' to Computers Collections

    Hello,

    Data and Users Profiles are good to get rid of the equivalent GPO settings. However, they lack the possibility to be deployed to Computers Collections.

    Offline Folders for instance can be set as 'Computer setting' with GPO and you can't do the equivalent with SCCM as you can only deploy to 'Users Collections'.

    Best regards,
    Michael De Bona

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Desired Configuration - Remediation Client Log

    Currently, there is no client logging when a Configuration Item is remediated. This is all that there is:

    1) An entry in CIAgent.log:
    "Invocation succeeded for policy platform job <GUID>"

    2) 2 entries in %PROGRAMFILES%\Microsoft Policy Platform\PolicyPlatformClient.log:
    "Starting job [<GUID>] with the following parameters"
    "Mode = Remediate, JobPriority = Foreground, PrincipalId = [SYSTEM], ScopeFilters = # filter[s]"

    The other other place that there's evidence of remediation are in the Baseline reports on the client and the SSRS reports on the server.

    None of these locations show any detail about when _individual_ configuration items were remediated. I recently had to troubleshootā€¦

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Approval process on DCM - Configuration Items

    As it is with the Scripting Node, there are some that may utilize the feature that Scripts need to be Approved; would like to see a mechanism on DCM on the Configuration Item that requires review/approval before it can be attached and deployed in a baseline. The goal is to keep operators from skirting the scripting approval process by using a DCM Object to perform the actions they want to execute that they could not do via Scripting due to lack of approval.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Use Configuration Item Results in SCCM

    I would like to be able to use the results of a configuration item to create collections.

    An example would be I have a CI that collects the value of a registry key on computers. I am returning the value of that reg key. I would like to be able to create collections based on the value of the reg key result I had returned.

    If I have it return the string ā€œ1234ā€. I want create a collection based off of computers that return 1234.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. deployment under software update groups

    I wish the deployments under Software Groups would show percent compliance

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Enable settings to silently configure OneDrive for Business profile

    If you create OneDrive for Business profile to enable Known Folder Move, it only works if the user has an existing OneDrive for Business profile.

    It would be very helpful, if SCCM could also silently enable OneDrive for Business profile for the users if they don't have it.

    There should be 3 new settings to enable OneDrive for Business silently:
    - Silently Enable OneDrive for Business: SilentAccountConfig (most important)
    - Enable OneDrive Files on Demand: FilesOnDemandEnabled
    - Maximum OneDrive Size Before Prompting: DiskSpaceCheckThresholdMB

    21 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. Import/use ADMX to create Compliance Settings

    Import or use ADMX Files to create compliance settings/items and us SCCM to deploy these Settings instead of active directory gpo

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Run Scripts: Expand Uses to Applications and Configuration Items

    With 1902 we have the ability to now link a script, in the "Run Scripts" feature, to a step in a task sequence. This is a great step forward, but it could be expanded more.

    A number of businesses have a need for version support/change management/auditing, etc. Its also nice to have your scripts located in ONE location, rather than many. It would be awesome if we could leverage the current Run Scripts as more of a repository, and allow them to not only be used for the actual "Run Scripts" feature, and in task sequences, but also in CI'sā€¦

    21 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Wired network authentication profiles

    For networks that require port-based 802.1x authentication, group policy wired network profiles is the recommended way to manage the authentication settings for LAN interfaces. It would be really useful if ConfigMgr could manage and apply the wired network profiles. Managing the settings from ConfigMgr would allow us to take more steps away from using Group Policy to manage device settings.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Certificate Profiles for Servers

    We have some workgroup servers which are unable to access the enterprise CA so we want to deploy some root CA certificates to them per sccm.
    Currently it is only possible to select client OSE's on the supported plattform page. Please allow server OSE's as well.
    Thanks

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Compliance state always 'Compliant' when remediation script runs

    Use the output from Remediation to test and see if it was actually successful rather than assuming it was successful. Only way is to have a true non-compliance is to throw a non-zero exit code when using a script.

    For more details see: https://social.technet.microsoft.com/Forums/windows/en-US/0f0f3e6f-7e9f-4376-a926-fc0b6aef5bf1/sccm-compliance-state-always-compliant-when-remediation-script-runs

    18 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Configuration Baselines only create QWORDs

    Right now if you use HKCU and try to create a DWORD value that does NOT exist, even though you set remediation up properly and select the box that says to create the value as a REG_DWORD, it still does not create the entry at all and the baseline reads as compliant. The creation of DWORD values using baselines has been a common post on forums for many years.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Convert CI from Operating System type to Application Type

    It happens (quite often) when I'm creating a CI in the console that I blaze thru the wizard (accepting defaults) and start building out all my settings, rules, etc. When I'm all done, I close out and then realize that I forgot to configure the CI as an APPLICATION CI with a detection method.

    So now I have to delete my CI, and start all over from scratch. ANNOYING! I would love the ability to "convert" an Operating System CI type to an Application CI type and be able to go back in and add a detection method as appropriate.

    2 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Enable All Subfolders search for Compliance Settings

    Currently you cannot search 'All Subfolders' within Configuration Items or Configuration Baselines. You can only search the current node/folder.

    35 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. report to show which compliance item is non compliant for a compliance baseline

    report to show which compliance item is non compliant for a compliance baseline

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Set A configuration Baseline as dependency in Deployment type

    At the dependencies tab in deployment type configuration, be able to select a configuration baseline to be evaluated/apply a remediation. Think is a powerful way to set some required settings

    9 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. If you set "Configuration Baselines" of "Windows Defender Firewall Policy", the event "Invalid namespace" occur

    If you set "Configuration Baselines" of "Windows Defender Firewall Policy", the event "Invalid namespace" occurs as "search configuration error".
    This event only occurs in workgroup environments, but not in domain environments.

    The workgroup client wishes that this function can be used because domain GPO can not be used.

    21 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Please finish implementing the Set-CMComplianceSupportedPlatform powershell cmdlet

    The Set-CMComplianceSupportedPlatform does not seem to be finished. When I use it against a CI it states the following:
    $CIRule | Set-CMComplianceSupportedPlatform
    WARNING: The 'Set-CMComplianceSupportedPlatform' cmdlet is a beta-quality and is not yet complete. It may not be fully functi
    onal, and may be changed or removed in a future release. It is provided for testing purposes and should not be used for produ
    ction purposes.

    I don't have a way to set which OSes apply to a configuration item via powershell. See this forum post for more info.
    https://social.technet.microsoft.com/Forums/en-US/b494dc56-2952-4bf6-809e-481628ceafec/setting-configuration-item-supported-platforms-with-powershell?forum=ConfigMgrCBGeneral

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. The ability to run a configuration baseline on a collection that has the baseline applied to a parent collection.

    Currently we have certain Baselines that are applied to our master collection of all computers in the organization. However, when we replace a lab we should be able to run that baseline without having to run it against the master collection.

    0 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Allow Compliance Settings to to disabled

    Unlike Applications you cannot disable a compliance setting. Currently I have to change there name and add "Disabled" in the front so when they show on the baseline list people know that they are currently not in production.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
← Previous 1 3 4 5
  • Don't see your idea?

Feedback and Knowledge Base