Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Resource Explorer

    Can Resource Explorer be updated to include the device name of the object you are looking at in the title bar.

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  0 comments  ·  Collections  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Sccm reads windows security logs at startup

    The sccm client startup process is very heavy. On our machines we have a very demanding security baseline which gives us a huge windows security eventlog. Reading out this eventlog alone takes over 30 seconds at 25% CPU which makes the startup process of the computers even slower than it is. As we understand it SCCM reads pretty much the entire security log every time the service is started. Even if it's started twice in 30 minutes for whatever reason. We aren't sure what the point is of reading out 100MB of security logs, but it seems a waste. We'dā€¦

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Client Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Thank you for your feedback. Do you have user device affinity enabled in your environment? If you do, is it configured to automatically determine affinity? Changing user device affinity configuration may reduce this overhead.

    For more information, see: https://docs.microsoft.com/en-us/mem/configmgr/apps/deploy-use/link-users-and-devices-with-user-device-affinity

    We will consider looking into ways to improve this in the future.

  3. New-CMOperatingSystemUpgradePackage need an Index switch

    New-CMOperatingSystemUpgradePackage need an Index switch. Unlike the wizard in the console where you can select a specific index to import, you cannot when using PowerShell. This is especially important when servicing the OS upgrade package via the Console.

    6 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  0 comments  ·  PowerShell  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Warn when deployed application hasn't been uploaded to distributed points

    Suggestion: If you try to install an application that hasn't been distributed, the software center indicates "installing" with a spinning blue wheel. This unnecessarily trips up people new to SCCM and can make for a frustrating end user experience.

    Can the Management Console warn when you're trying to deploy an app that's not distributed?

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  0 comments  ·  Application Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Combine Resource Explorer and Properties

    It would be very helpful if the Properties window of a device included all of the information in the Resource Explorer.

    Motivation:
    1. I almost never open the Properties view because it rarely contains the information I'm looking for. The Resource Explorer, on the other hand, has almost everything.
    2. Having the Resource Explorer buried under a sub-menu makes it difficult to train and convince technicians to use it in their day-to-day workflow to find information and solve problems.
    3. Since Resource Explorer is far more useful than Properties, it should be the easier of the two things to getā€¦

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Admin Console  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. OSD - Create Variable to control creation of DisableCMDRequest.TAG in Setup Windows & ConfigMgr Step

    During OSD, specifically the Setup Windows & Configuration Manager Step, the step creates the file DisableCMDRequest.TAG right before rebooting from WinPE into the Full OS

    This disables the F10 prompt during the Windows Setup.

    Could you allow us to change this behavior via TS variable?
    Example: SMTSTDisableCMDRequest = False

    [Bonus] Then also automatically set the it to false if TSDebugMode = True

    This would be helpful for troubleshooting Windows Errors during Setup before the TS kicks back in after setup. (SetupComplete.cmd runs)

    16 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Thanks for your suggestion. Updating status to noted – see https://docs.microsoft.com/en-us/mem/configmgr/core/understand/find-help#send-a-suggestion for an explanation of each value.

    Can you elaborate with some examples of why this would be needed?

    We already have the task sequence debugger and comprehensive logging. https://docs.microsoft.com/en-us/mem/configmgr/osd/deploy-use/debug-task-sequence

    Also, Windows developed SetupDiag which can be run from the task sequence or used on setup.exe completion https://docs.microsoft.com/en-us/windows/deployment/upgrade/setupdiag

  7. Install MECM Support Center alongside client by default

    I have no metrics to back this up, yet I feel Support Center is under utilized as it has to be installed separately and manually from the MECM client.

    Could you give us one or more of the following options?
    1) Add an checkbox in the client install settings area to have Support Center install after the MECM client is installed.
    2) Have Support Center install by default like the MECM client
    3) Make installing Support Center an option in the Add dropdown under a Tools folder, in the TS editor.

    15 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Tools  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Great ideas.

    We don’t package Support Center with the client at this time because it would add 15MB or so to the MSI package, and we’re trying to avoid bloating it as much as possible.

    That being said, there’s certainly no reason we can’t have other solutions in place to make it easier to get Support Center onto client machines or to otherwise opt-in to having it distribute with clients.

    We will look into ways to improve this in the future.

  8. Trigger log collection from task sequence either automatically or via client action

    The new option in the console for Client diagnostics - Collect Log files, need to be able to trigger option from the client running a task sequence. The reason for this is when a task sequence logic encounters a error and you want to auto capture the logs, this client action will be key to automating the log captures. Also for Windows 10 Servicing where the machine runs on the Internet and capturing the logs works great over the CMG, but again just want to automate the log capture than rather manually capturing the logs.

    0 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Troubleshooting & Support  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Missing cmdlet: Set-CMApplicationGroupDeployment

    We need the ability to deploy application groups with PowerShell.

    Similar to Set-CMApplicationDeployment - but for groups.

    22 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  0 comments  ·  PowerShell  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Do not create folders and collections trough desktop analytics

    Desktop Analytics create some folders and Device Collections (Deployment Plans, Pilot, Production, ...).

    I don't need it, I like to delete or at least to move this folders, do not re-create this folders and collections daily.

    4 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  2 comments  ·  Desktop Analytics  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Some models pre-download driver packages for other models (Add an "Exact match" checkbox)

    We have a lot of different kinds of Dell client computers and some of the model names are very alike.

    We also have a network which doesnā€™t allow us to use peer-to-peer techniques to lower bandwidth usage so we need to create rings and make a couple of computers at the time pre-download osupgrade packages and drivers before deploying an IPU to the mass.

    Two of the models we have are "Latitude 7390" and "Latitude 7390 2-in-1".
    (This is not the only combo of models that suffers from this behavior)
    We've created one driver package for each of them.
    Butā€¦

    5 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Install Servicing Stack Updates (SSU) Before Other Updates When User Initiated

    The Current Branch 2002 release introduced a feature to install SSUs first but only when triggered by the deadline.
    From the docs:
    "SSUs are installed first only for non-user initiated installs. For instance, if a user initiates an installation for multiple updates from Software Center, the SSU might not be installed first."

    A lot of work has been put into encouraging user-participation in the patching process. I want the user to decide when they're ready to install the updates and avoid situations where the deadlines impact their work. In those scenarios the behavior introduced in 2002 therefore not helpful.

    Iā€¦

    146 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Ability to create writable RAM drive when no other writable partiotions available

    The essential need to run executable content from package before drive partitioning step (or any other case of unavailability of writable partiotion). "Data Access" package feature seems not working in OSD TS.

    3 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Updating status to Noted. See https://docs.microsoft.com/en-us/mem/configmgr/core/understand/find-help#send-a-suggestion for details on each status value.

    Thanks for your feedback, may I ask for more details. Are you saying the ‘Run another program first’ option on the task sequence properties is not working?
    Or how are you launching the executable content? Also, to run from the distribution point using q task sequence step e.g. Run Command Line step or Install Package the task sequence deployment must use "Access content directly from a distribution point when needed by the running task sequence’ set.
    For that that to be set, all referenced packages need the ‘Copy the content in this package to a package share’ set.

    Let us know more about what your trying and we should be able to help out.

  14. API/PowerShell cmdlet to manage/automate CMG certificate renewals

    Companies are looking for alternatives to the large public CA authorities like Verisign and DigiCert, one such alternative is Let's Encypt. They offer free public-signed certificates, the only problem is the certificates need to be renewed every 90 days. The renewal can be automated using Certbot.

    However there does not appear to be any functionality in the current ConfigMgr release to allow for automated certificate replacement/renewal. This seems to be a gap in the PowerShell functionality.

    Sure its only a few minutes every 90 days to log into the console open up the CMG instance and update the certificate, andā€¦

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  0 comments  ·  PowerShell  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. Full support for ECC Certificates

    Machines with an EEC client certificate can connect to the DP to download the content and install the agent but the client never registers with the site.

    once i suspected the ECC certs I was able to find thread on technet which confirms the same issue I was seeing
    https://social.technet.microsoft.com/Forums/en-US/cc9ec0ff-5998-4225-9ce1-2c7b5fe5677d/sccm-and-ecc-certificates-not-supported?forum=ConfigMgrDeployment

    17 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Client Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Integrate the Desktop Analytics Logs Collector

    When you need to troubleshoot desktop analytics you can use DesktopAnalyticsLogsCollector.ps1 but then you have collect the log files or have remote access to the clients.

    Can you integrate the Desktop Analytics Logs Collector into the Client Diagnostics work being taken as part of TP 1912).

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  0 comments  ·  Desktop Analytics  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. Add a vendor parameter to Get-CMSoftwareUpdate

    Add a vendor parameter to Get-CMSoftwareUpdate

    This will help identify updates from specific vendors that have been provided through Third-party Software Update Catalogues.

    18 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  0 comments  ·  PowerShell  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Tool to find out what cause SCCM Client installation/Communication failure on Workstations

    In our environment SCCM Server installs client on discovered resource but they failed to install due to machine specific issue, could you prepare a tool which we can give it to floor support technician to run on machine which have SCCM Client issue or Installation failure, the tool should check for all prerequisites for client install also firewall issues like (WMI and File and Print sharing not allowed ) it should the issue with which it becomes easy to fix the underlying problem and get the sccm client successfully deployed

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  0 comments  ·  Troubleshooting & Support  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Extend "Model" field to Packages & Applications for Pre-caching of Task Sequence content

    The new Model field on drivers is useful, but needs to be extended to other content types, like Packages & Applications, where Model specific items need to be installed (e.g. specific HP SoftPaqs, or video drivers that need to run from .EXE etc).

    38 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Show Client Version in HELP-ABOUT from ConfigMgr console

    While working with boot images, I need to click UPDATE DISTRIBUTION POINTS and see if the client within the boot image is the same as the client on the site server. It would be nice if I can see the current (latest) ConfigMgr agent shown in HELP-ABOUT from ConfigMgr console as a all-in-one screen so I would spare some time checking and updating the boot images

    1 vote
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Admin Console  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Updating status to noted.

    Thanks for your feedback.

    Not sure what I’m missing here…
    The ‘About Microsoft Endpoint Configuration Manager’ shows ‘Site version:5.0.9012.1000’ – that’s an example from our 2006 release. The same is shown in the Boot Images view, the Client version column.

    The update Distribution Points wizard shows the current ADK version, the current production client version and in the table below the reload option we show the OS version of the boot image and the version of the client binaries.

    Could you let me what I’m missing? The information present in the wizard covers everything you’d need to know – in my opinion anyway.

    Thanks

← Previous 1 3 4 5 33 34
  • Don't see your idea?

Feedback and Knowledge Base