Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Some models pre-download driver packages for other models (Add an "Exact match" checkbox)

    We have a lot of different kinds of Dell client computers and some of the model names are very alike.

    We also have a network which doesnā€™t allow us to use peer-to-peer techniques to lower bandwidth usage so we need to create rings and make a couple of computers at the time pre-download osupgrade packages and drivers before deploying an IPU to the mass.

    Two of the models we have are "Latitude 7390" and "Latitude 7390 2-in-1".
    (This is not the only combo of models that suffers from this behavior)
    We've created one driver package for each of them.
    Butā€¦

    5 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Extend "Model" field to Packages & Applications for Pre-caching of Task Sequence content

    The new Model field on drivers is useful, but needs to be extended to other content types, like Packages & Applications, where Model specific items need to be installed (e.g. specific HP SoftPaqs, or video drivers that need to run from .EXE etc).

    29 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Variable with Full OU path

    Take the OU path from 'Network Settings" and turn it into a variable e.g. _SMSMachineOUpath
    I use dynamic variables to determine the OU based on location and device so my Domain OU path has OU=%devicetype%,OU=Location,OU=workstations,DC=Contoso,DC.com
    so it would be nice to have the actual value in a variable that I can reference later say in a script to move existing object to the above created OU. I can see the full path in the SMSTS.log, but not in a variable. Also removing the LDAP:\ from the start could be handy in some situations I guess.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Hi Marty,

    Vlad ask to pass this on:

    He can try at the beginning of TS to add steps to set variables that I listed in my reply to the same strings that he entered in the UI of Network Settings step? Which will result in Network Settings step take the values from these global variables (not from UI, even though they may be the same). But it will also have a side effect that these variables will be available during task sequence for whatever he wants to user them for.

    I’ll have a bit of time at the weekend. I’ve a couple of ideas about removing the LDPA:\\ you mentioned. Can you describe the scenario you want to address, please?

    Thanks

  4. Have the console alert when the task sequence size is reached

    The task sequence has a 32MB size limit for all policy. But for some reason they are actually limited to 16MB. But the Product Group is aware of the problem. I know they are working on fixing the 16MB limit.

    This will help us troubleshoot and determine when the task sequence has reached this size.

    5 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Bitlocker Network Unlock with WDS-less PXE

    With Bitlocker Network Unlock, a WDS server can automatically unlock your bitlockered device without requiring the user typing the PIN at boot. (https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock).
    As we all go forward using the SCCM WDS-less PXE-provider instead of WDS, it would be a good idea, if it supported Bitlocker Network Unlock, too.

    9 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Enable Bitlocker: Add Option to Skip if No TPM

    The 'Pre-provision BitLocker' step has an option to skip the step when the devices does not have a TPM or when the TPM is not enabled.

    I'd like to see that option added to the 'Enable Bitlocker' step. Whether it's enabled by default is another question I guess. However, this is one of the many things that hang up new admins trying to get their first Task Sequence off the ground. Just spent an hour or so trying to get past this step.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. Store output of run command line to TSEnv with "RunAsUser".

    Running a step as a user prevents you from using the TSEnvironment in order to store any data returned.

    The step could be anything, like getting a byte array of a certificate, ad-groups of the computer or primary user or as in this example, getting the TPM OwnerAuth from MBAM.

    I would rather store it directly in the TSEnv instead of in a temporary file and run another script to read the file just to be able to use the password, as a variable, from a ā€œRun commandlineā€-step.

    The only other workaround Iā€™ve found this far is running the stepā€¦

    11 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Add support to Cloud Distribution Point for dynamically defined content

    Add the support for dynamically defined content in an OSD task sequence to Cloud Distribution point. Today in an on-prem environment you can use OSDDownloadContent.exe to pre-cache or download driver packages, BIOS packages and other items that are machine specific.

    However this functionality is not available on Cloud Gateway/Cloud DP. The sequence will execute but support for Dynamic Variables Task Sequences so we can modify the packageID in sequence and then then trigger the OSDDownloadDownloadPackages command to download that content while the sequence is running is not.

    Back in 2018 Tweeted about this https://twitter.com/PaulEAndrews/status/1030155355236560897.

    8 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Allow additional customization of the task sequence dialog

    Please allow additional customization in the Task Sequence High Impact Dialog Box. Enable or Disable the Individual Comment Boxes completely, and allow Hyper Links to launch a web page with more information.

    6 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. allow export all task sequences or folder of task sequences

    We have many task sequences, sorted into folders for multiple users, when it comes to archiving them, it's tedious, we'd like to archive multiple task sequences by user (or by folder), this would be great, right now you have to export one task sequence at a time which is tedious.

    45 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Allow entering XML data within task sequence apply OS step

    Allow you to be able to paste in an unattend.xml file directly into the Apply Operating System Image task sequence step instead of having to use a package. Similar to how you can add a PowerShell script directly in to the task sequence step in SCCM 1902.

    8 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Task Sequence Detection Method

    It would be very useful to be able to control if a Task Sequence has been "Installed" or not by adding a custom detection method like we have in the AppModel.

    This is valid in scenarios where we do a bare metal required rollout and in in-place-upgrade scenarios. Combined with having different versions of a task sequence being deployed.

    30 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Updating status to Noted – see https://docs.microsoft.com/en-us/configmgr/core/understand/find-help#send-a-suggestion for an explanation of each value.

    We recently introduced Task Sequence as a deployment type for applications – see https://docs.microsoft.com/en-us/configmgr/core/get-started/2020/technical-preview-2001-2#bkmk_tsdt

    This is also in our 2002 release which is in the opt-in phase at the moment.

    With this you can specify detection methods the same way you would for applications.

    Regarding your comment for bare metal – could you elaborate on your scenario? With bare metal the machine is wiped and would have no ‘history’. In a bare metal case the registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\CM_DSLID records the package ID of the image used, that may be of use to you here? Any more detail you can provide would be great, thanks.

  13. Enable New-CMBootableMedia to use a Cloud DP (or Content enabled CMG)

    This Cmdlet does not support using a cloud distribution point as the distribution point source (and neither does the GUI).

    This means that in order to use this feature we have to have an on-premise DP purely for this purpose.

    Regards
    Wayne

    19 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. AD computer object description

    Setting the AD computer object description should be allowed inside a task sequence during the domain join operation.
    Whether or not this is on the dialog box, is not important to me. I'd be happy setting a TS variable (ie. OSDComputerObjectDescription)

    Alternatively, we could use a PowerShell script using different credentials (which Task Sequences also do not allow). Similar to the way
    the "Run Command Line" allows the input of credentials.

    Right now we have to use a kludgy "Run Command Line" using credentials and run
    a batch file that calls something like: PowerShell.exe -executionpolicy Bypass -command pscommandhere
    or: PowerShell.exeā€¦

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. Build Task Sequences under the Applications folder and be able to advertise, filter and add icons

    Build Task Sequences under the Applications folder and be able to advertise, filter and add icons.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Updating status to noted.

    Thanks for your feedback. We have added a Task Sequence deployment type which should address your ask.

    The opt-in phase of our 2002 release (fast ring) is now live and contains the changes for task sequence as a deployment type.

    You can opt-in and then download 2002 through their Admin Console now.
    Blog: https://techcommunity.microsoft.com/t5/configuration-manager-blog/update-2002-for-microsoft-endpoint-configuration-manager-current/ba-p/1272670
    Docs: https://docs.microsoft.com/configmgr/core/plan-design/changes/whats-new-in-version-2002
    Support Information: https://aka.ms/cmcssreleaseinfo

    Try it out and let us know your feedback.
    Same additions are also in recent Technical Preview releases.

  16. Windows 10 ADK Timeline parity with SCCM Build Releases to Support 30 Month Fall Release Support Cycle

    It would appear at a high level that adjustments were not made to coordinate support timelines across the architecture of components for SCCM, Example, while extending Windows 10 1709 Ent. support to 30 months, I would expect the ADK to be supported with the Configuration Manager release 1810, (1903, 1909, etc.) to maintain parity with bug fixes.

    2 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Thanks for your feedback.

    For ADK support we always support N-1 i.e. current and previous version. This is the matrix we use for testing each release and forms this statement – https://docs.microsoft.com/en-us/configmgr/core/plan-design/configs/support-for-windows-10#windows-10-adk

    Each ADK can be used to deploy current and earlier versions of Windows 10. Between releases (either SCCM or ADK) there’s no fundamental change with how we interface.

    Can you elaborate some more on what your request is here, please?

    Thanks and regards

  17. Boot Image Azure Powershell

    Include option to inject Azure Powershell Cmdlets (including Azure Automation) into Boot Images. As many organizations are moving to the cloud, including the ability to login and run tasks in Azure is a must.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Thanks for your feedback. Updating status to noted.

    This item is very similar to "Add “AD Powershell Module” as Optional Component for boot images"

    We had to decline that as we cannot ship or take a dependency on the AD module. Similarly we won’t be able to take a dependency on Azure PSH module – we can only add what’s in the ADK.

    Your ask covers a bit more ground with the ability to run tasks in Azure so I’ll leave as noted for now.

  18. Upgrade Operating System Built-in Step: Add Option to Keep Files Only

    Customer does not have the store installed and using the built-in TS step keeps files and apps. I know that the "OSDSetupAdditionalUpgradeOptions" variable can be used, but it would be nice to have the option on the built-in TS step.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Thanks for responding.

    We cannot provide a different migration options for the reasons I outlined below. Anything other than ‘Applications, Data and Settings’ will leave the machine unmanaged – while we developed the new upgrade step we tested them all.

    I’ll see if I can source steps for reinstalling the Store without having to complete a restore.

  19. Allow Limiting the number of characters in a Collection Variable

    We use collection variables when imaging a new machine, Specifically the OSDComputerName variable is used for naming the machines. Sometimes machines get named incorrectly and have too many characters. If I was able to limit the amount of characters that could be used in a Collection Variable, I could set OSDComputerName to be only 15 characters and our task sequences would not fail because the name is too long.

    I would also appreciate if we could exclude special characters from being typed. Thanks!

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Supported Move OU step in task Sequence

    A supported step to reassign a OU in a task sequence instead of having to rely on vbscripts or powershell scripts to perform this function. Seems this could be based off the network settings step easy.

    8 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
← Previous 1 3 4 5 8 9
  • Don't see your idea?

Feedback and Knowledge Base