Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Run Script Needs Better Logging on the Server Side

    The scripts.log on the client is great, but I have seen where the console never gets results. I've waited 10 minutes and it just sits there showing the green progress bar. The script itself runs in less than 2 seconds. The MPRelayMsgMgr.log and SMSMessageProcessingEngine.log on the server don't show the machine name, and the information they do show is limited. Makes troubleshooting really difficult when the script that needs to run allows you to remote into a machine (remoting is blocked by company policy and a PowerShell script is needed to run in order to enableā€¦

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Run Script Needs Better Logging on the Server Side

    The scripts.log on the client is great, but I have seen where the console never gets results. I've waited 10 minutes and it just sits there showing the green progress bar. The script itself runs in less than 2 seconds. The MPRelayMsgMgr.log and SMSMessageProcessingEngine.log on the server don't show the machine name, and the information they do show is limited. Makes troubleshooting really difficult when the script that needs to run allows you to remote into a machine (remoting is blocked by company policy and a PowerShell script is needed to run in order to enableā€¦

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Tenant Attach multiple device selection

    Have the possibility to multi-select devices, like we can do in ConfigMgr, mainly for CMPivot scenarios when helpdesk would like to check for more than one device without having to use the stand-alone CMPivot tool.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Ability to collect client logs via Tenant Attach

    It would be great if we could, like we can do in the console, to collect client logs in Mem/Tenant Attach so that helpdesk technicians can do this without using the console

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  0 comments  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Use a Stronger Cipher for Client Notification Server Communication

    Use a stronger cipher for Client Notification Server communication.
    A MECM client connects to the Client Notification Server on port 10123 and (on Windows 10) uses the cipher TLSRSAWITHAES128GCMSHA256 to communicate.
    This cipher is marked as weak by some security vendors because it doesn't use ephemeral keys, and past communication is not protected.
    (https://en.wikipedia.org/wiki/Forward_secrecy)
    In an organization where this cipher is disallowed in the org for security reasons, client communication with the Client Notification Server falls back to HTTP, which is completely insecure.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Search filter for Client Operations in Monitoring

    Client Operations in Monitoring allways open with 1000 oldest. Maybe a better start filter could be recent summarized. there's also a saved search filter but no search option!

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. Peer Cache

    We are currently having an issue with Peer Cache where it will reuse folders in the Cache directory causing a Hash Mismatch error.

    We suggest either Peer Cache checks to make sure a folder doesn't already exist before it downloads or we suggest that the Task sequence does fail and just moved on to the next Super Peer.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. CMPivot Functionality

    What if CMPivot changed to a client notification methodology. Send the CMPivot "Question" to each client, and let the client answer with its results with randomization. Afterward, the CMPivot query would record its last run time and cache the results for a period of time, which would be visible in the console. Moving to a notification style procedure would avoid waiting for synchronous CMPivot (Slow) results and allow for distributed processing (Fast).

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. be able to clean multiple client operations at the same time on the monitoring node

    Currently we are only able to clean 1 client operation by 1, when it comes time to cleanup it's so long ...

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Allow CMPivot to query HKU keys with Registry()

    Currently, CMPivot uses Get-Item in PowerShell to gather Registry() information. By default, only HKLM and HKCU exist as a PSdrive. CMPivot could work around this by creating a HKU on the fly during a query.

    New-PSDrive -Name HKU -PSProvider Registry -Root HKEY_USERS

    This would allow greater capabilities in querying the registry and searching for profile/user based registry keys.

    Futher explanation here: https://twitter.com/PotentEngineer/status/1327354096932827138?s=20

    49 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Inventory and reporting on User Installed Software

    There are many applications now that users can install without admin rights, including some from Microsoft (like TEAMs). They are installed in the User's profile on the machine, and there is no way for SCCM to inventory it. This is making it difficult for us to 1) identify certain applications we do NOT want on our systems, and 2) identify versions of these applications that may have problems or vulnerabilities we need to patch.

    The issue is shown here in this blog:
    https://www.enhansoft.com/user-installed-software-and-why-you-should-care/

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Add extra details in CMG Proxy log (SMS_CLOUD_PROXYCONNECTOR )log

    Add extra details in CMG Proxy log (SMSCLOUDPROXYCONNECTOR )log

    More details for below errors to clearly point out that Network Split tunnelling or Web proxy is bloacking connection /communication would be helpful

    ERROR: Failed to handle response from server. Cound be intermittent network issue. Exception: System.Net.WebException: The underlying connection was closed: The connection was closed unexpectedly.

    This error is collected from SMSCLOUDPROXYCONNECTOR.log

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Software Center does not handle a refresh upon policy change very well when it's open.

    Software Center does not handle a refresh upon policy change very well when it's open. I constantly have tell my users to hit F5 in the open software and wait for the application to arrive. I have this problem in my lab environment when testing software all the time and it's not limited to new deployments. This behavior is seen sometimes even after software just installed. If you have software center open and install software, sometimes it says 'installed' while other times it reports something else until you hit F5 and refresh. Can a screen refresh be triggered upon policy/appā€¦

    16 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Add run script possibility to CM generated nodes/"collections"

    Make it possible to run powershell scripts directly from CM created "collections" eg when you click on somethig under monitoring to check client problems and it brings you bak to Assets and Compliance whith a collection of the devices with a certein problem.

    So that you wont have to make a new collection of these devices and then run the script.

    Sometimes you just want to fire & forget, and then later maybe check back in on the monitoring tab.

    8 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. Add a description column in the "Scripts" node in the Software Library

    It would be nice to have a "Description" column in the Scripts node in the Software Library. I have multiple scripts in my library and keeping track of them gets tedious without having a readily available description of each script.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Run Scripts: Add the option for scripts to access package content

    Add an option to scripts to be able to define a package source so that you can access additional files from your script without needing to point to a network location. Not everything fits neatly into a single script and sometimes you need additional files for modules, config files, etc. This could work similar to the "Run Command Line" task sequence step.

    Yes I know you can just use a package for these, but packages are so 2007. Besides, we all want speed!

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. Hide parameter values in Run Script log

    Task Sequence can hide values from being recorded in the task sequence log. It would be nice to have this ability to do the same for the Scripts (Scripts.log). I know it is not recommended to use passwords while using the Scripts feature, but there are cases which I want to send passwords. I don't really have any concern in certain cases. However, I just do not like how the password (script parameter) can be viewed later within the Scripts.log. It would be nice to have the same feature to hide parameters as the Task Sequence will hide credentials inā€¦

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Run Scripts: Allow the possibility to limit Run Script execution to one device only

    It would be really useful, if not mandatory, that some scripts under "Run Scripts" feature allowed to be executed only on one device at a time, avoiding the possibility to run it under a collection or a selection of multiple devices.
    The reason is, according to my point of view, avoiding the possibility to run scripts that need device-specific parameters.
    For example, runnin a script that renames a device. If by mistake that script were run on a device collection, it would probably end up with all devices with the same name.
    I guess this option (a checkbox maybe) shouldā€¦

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Run Scripts: Add Description

    I'd like the ability to add a description for the Script I'm adding into "Run Scripts". Right now I try to make the names descriptive, but would like to go into further details about what parameters they can use, what's going to happen, etc.

    35 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Run Scripts: Allow for specifying the number of concurrent jobs

    Run Script: Define # of concurrent jobs (optional)

    It would be nice if, optionally, we could limit the number of machines the script is being executed on simultaneously.

    For instance, I created a script that is collecting some local logs and pushing them back to a network location.
    I do not want it to run on 1000+ servers simultaneously so if I could define the maximum number of servers the script should be run from concurrently, that would be nice.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Client Operations  ·  Flag idea as inappropriateā€¦  ·  Admin →
← Previous 1 3
  • Don't see your idea?

Feedback and Knowledge Base