Microsoft

System Center Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building System Center Configuration Manager, though we can’t promise to reply to all posts.

If you believe you have found a product bug, please use Feedback Hub. For more details, see: https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

Standard Disclaimer – our lawyers made us put this here ;-) We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the System Center Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

How can we improve Configuration Manager?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add a priory order option to Compliance Items 'settings'.

    Add a priory order option to Compliance Items 'settings'. Currently you can have multiple settings but you don;t know in which order they process. if you have 'setting 1' dependent on 'setting 2' you can't specify the order in which they process. Same might go for Baselines but that not my current need.

    0 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
    • Deploy Application via Baseline Compliance

      Right now you can deploy a base line to see if system have all the require local apps. Would be nice if you allow the system to have remediation for the missing application, that is specify by the company. As of now the only thing you can have baseline auto fix is Registry value & Script (by running remediation script) & WQL Query. If it could auto and manually fix application that would be outstanding. I would allow it in these two ways, if the system detects it missing an app it auto deploys that package ID to itself (Check…

      3 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
      • Configuration Item Checkout

        When automating the creation of Configuration Items, every time a new setting is added the version increments. Depending on my input file, the revision could be in the upper hundreds, particularly when adding Windows Defender and Firewall exceptions.

        It would be nice to check out a configuration item, make the necessary edits, and then check in the changes.

        3 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
        • Separate the application dependancy from configuration item application detection method

          Currently when setting up a configuration item with application settings, you are able to point to an application in ConfigMgr to use for a detection method. The issue is that if you want to export and share the CI, the import fails is the application does not exist the COnfigMgr site. It would be better if it grabbed the detection method from the application but added that to the CI to be independent of the application. So instead of pointing to the application for the detection method, the method gets copied over (copy instead of pointer).

          3 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
          • VPN-Profiles from sccm should not recreate other VPN-profiles

            I recently upgraded to windows 10 1803 and SCCM 1802, not sure if this is an issue with other combinations.

            I have a VPN-Profiles deployed and it gets setup as it should. But when an unknown event happens all of my connections are recreated, even connections which i have created myself....

            From DcmWmiProvider.log:
            Deleted MDM_VPNv2_01.ParentID="./Vendor/MSFT/VPNv2",InstanceID="asbsad"
            Remediated VPNv2 asbsad

            The connection above has been setup by myself and it uses the VPN provider FortiClient which i have installed from Microsoft Store.

            It would be great if the client did not touch the connections which hasnt been deployed from sccm.

            1 vote
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
            • Support "Any of" in addition of "All of" Options for String Arrays Compliance Rules

              Currently, the only value option for string arrays in a compliance rule is to specify that it must contain "All of" the specified values. I would like to be able to say that it should contain "Any of." Similar to how regular strings have "One of."

              Ideally, an "Any of" value would support any combination of any number of values in the list, but only values in the list.

              4 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
              • transcript

                I would like to turn off powershell transcripting in configuration item. If I run PS script in user mode (means "Run scripts by using the logged on user credentials" is enabled.) then it creates a folder under user's mydocuments folder. It is very annoying.

                3 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
                • Report on Local Admin Permissions

                  For many years now Microsoft has strongly recommended that Local Admin Rights be removed. Would it be possible to have SCCM report on the contents of the Local Administrators group? Also, could we maybe have a wizard under Compliance Settings to configure these settings. I know Sherry Kissenger from MNSCUG has done a lot of work with this. Maybe the product team could pattern the solution after her work.

                  1 vote
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
                  • devices compliance status on SUG - drill into non-compliant list/collection/query

                    on the software update dashboard I want to monitor and pursue the non-compliant machines - I cannot see a way, as in other pie charts and other graphs in the various dashboards around the console, of drilling into the list of devices

                    1 vote
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
                    • remember last registry location when creating CI

                      When creating compliance settings for new applications I often like to grab settings from a known machine. It works well and pre-fills a lot of the rules for me, unlike manually entering the value.

                      But I am fed up of having to re-navigate to the remote registry location I am grabbing these values from. Please please please can you get the console to remember the last registry location used when creating CIs?

                      The same would be useful for file/folder paths too

                      1 vote
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
                      • Add option for various actions based off CI status

                        Configuration items has statuses of compliant, non-compliant, unknown, and error. It would be a nice expansion of the compliance settings feature to be able to act upon the individual CI status and not the just add to a collection based off baseline compliance.

                        Actions that would be of benefit are:
                        Add to collection
                        Install individual software update or software update group
                        Install package
                        Install application
                        Run task sequence
                        Run script

                        6 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          1 comment  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
                        • Folder Redirection Improvements to Permit OneDrive

                          Currently the folder redirection feature in SCCM doesn't take an environmental variable as a good path; it requires \\SERVER\SHARE.

                          With OneDrive being common place in Office 365, please allow us to enter a command such as:

                          %userprofile%\<SyncFolder>

                          where Sync folder is the name of your organization's onedrive folder.

                          as documented by the Office team.

                          https://support.office.com/en-us/article/redirect-known-folders-to-onedrive-for-business-e1b3963c-7c6c-4694-9f2f-fb8005d9ef12

                          So that we can use SCCM to manage this.

                          Thanks! :)

                          1 vote
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
                          • Custom Client settings for Compliance Scheduling

                            There is no option currently to create a custom client settings for Compliance Scheduling for specific Compliance Baseline deployment.

                            It would be great if we get an option.

                            3 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
                            • Improvements for Device Guard management

                              1. Using the Microsoft knowledge base for Device Guard, I would like to create a new CI policy by using New-CIPolicy. Then, I want to merge it with the Configuration Manager Code Integrity policy (Merge-CIPolicy). This should be possible from the gui as well.
                              2. Adding other trust rule methods via gui. (ie. PCACertificate, hash)
                              3. Deploy device guard trusted installer policies via osd. This would allow policies to be active immediately after domain join and before any software is installed.
                              4. This one is key but is heavily dependent on #2:
                              a) Use case 1: An executive needs to…

                              9 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
                              • Manual Remediation Option for Configuration Baselines

                                I think it would be beneficial if there was a manual remediation option in the Configuration Manager applet, to let users manually run remediation steps. I know a Non-Compliant collection could be created and a application/package pushed to it, but I'd like the option to manually run a remediation step for Non-Compliant computers.

                                3 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
                                • Fix powershell remediation script to pass failed value from detection script

                                  Have a failed compliance baseline pass the output of failed powershell script to remediation rather than the compliant value

                                  6 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    1 comment  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
                                  • There should be an option to select existing packages other then PS,VBS & JS scripts for Compliance remediation.

                                    There should be an option to select existing packages/application other then PS,VBS & JS scripts for Compliance remediation. most orgs just miss out some pcs and compliance is mainly used by many company's to get the software installed to the missing ones.

                                    We can create a collection for non compliant systems and deploy app/package to them manually, but giving an option in remediation option will make it easy/simple and user-friendly.

                                    1 vote
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Populate OS versions for "Valid operating system builds" in compliance policies

                                      In the new condition "Valid operating system build" added to Windows 10 (w/o CM) compliance policies it would be very useful to have a drop down with build version numbers translated to meaningful names. Otherwise we have to go external and find a version list. Even better if it could be pulled from the CM DB for existing versions in the same way you can with collection queries.

                                      1 vote
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        1 comment  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Declare the CI settings better for iOS Kiosk Mode

                                        When I setup a Kiosk Configuration item, the Wizard show me, that I Am able to configure the Touch Screen. When I set it to dsiabled, the Touch Screen is working, on Enabled the Touch screen is not working.
                                        Or if you check the attached picture, with the Current Settings, the Volume Buttons are disabled on the Device.
                                        This is very misleading and should be corrected!

                                        4 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
                                        • 1 vote
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4
                                          • Don't see your idea?

                                          Feedback and Knowledge Base