Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  SDK, PowerShell, and tools  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Option to deeplink to application in application catalog

    Would like the option to send a direct deep link into a specific application in the application catalog.

    Why?
    When the servicedesk want to inform a user of a specific app available from the catalog it would be a lot easier if they could send a link directly to the app instead of the startpage.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Application management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. WTGCREATOR.EXE

    WTGCREATOR.EXE
    enable the prestaging of multiple USB Sticks at the same time.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Operating system deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
    declined  ·  sangeev responded

    Marking as declined.
    The tool is owned by Windows and they are not investing further in WTG.

    Updated by bobmn for sangeev/OSD

  4. IsSupervised field needs to be set when device is enrolled after a wipe/reset

    This is a bug that needs fixing.

    Using ConfigMgr 1710 in a hybrid configuration with Intune and devices synced from Apple's DEP after the initial enrollment if you wipe the device to enroll for a new user the IsSupervised field does not get set and the Activation Bypass options get greyed out.

    Having a logged a call a workaround is possible by manually adding a record to the MDMDeviceProperty table but when you are managing 750+ devices with a high staff turnover manually adding this record every time really isn't practical.

    The support team have told me to add thisā€¦

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Cloud services  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Intune Hybrid User Affinity w/ 2FA and Apple DEP

    Right now there is no way to assign user affinity to a device procured through Apple DEP with Microsoft MFA enabled.

    There is a workaround on the Intune standalone where it pushes the company portal app then the user signs in, but on the Hybrid side we cannot accomplish this and must resort to No Device Affinity profiles.

    Having the option of "Optional User Affinity" would work as we could just skip past the Apple Configuration piece that doesn't work with MFA but accomplish the same thing by signing into the Company Portal after the fact (which doesn't work whenā€¦

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Cloud services  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Leave unenrolled mobile devices in the database

    Cureently, when you unenroll a device from the Intune Company Portal, it gets removed from the SCCM database immediately, and we can't query or report on unenrolled mobile devices. It would be nice to have them remain in the database for a period of time, maybe 90 days, so that we can create a query, collection, or report to find recently unenrolled devices.

    5 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Cloud services  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. invoke-cmdevicewipe

    One of my client asked me to create a script to automatically selective wipe a mobile device that have not connect since 2 months.

    I tried with invoke-cmdevicewipe but I can't do selective wipe. This powershell command is for a full wipe only.

    It is possible to add a switch to this cmdlets or a new one to selective wipe a mobile device?

    I also tried invoke-cmdeviceretire and it's not doing what they want.

    Thanks

    5 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  SDK, PowerShell, and tools  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Allow for SDK process to add to hardware inventory

    I want to be able to add business data to computer resources in ConfigMgr, without the need to populate hardware inventory on the client.

    I want to use the SDK to add additional properties/tags - things like production/nonprod, warranty information, application grouping, etc.

    5 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  SDK, PowerShell, and tools  ·  Flag idea as inappropriateā€¦  ·  Admin →

    There’s two approaches you can do to this today.

    The most simple approach is by sending a custom DDR with additional properties. See: https://blogs.msdn.microsoft.com/ameltzer/2014/10/02/sdk-creating-ddrs-on-the-site-server-using-the-client-messaging-sdk-part-2-creating-system-ddrs/ for more details on this.

    The second approach is to extend hardware inventory. See: https://blogs.msdn.microsoft.com/ameltzer/2013/04/10/sdk-creating-custom-inventory-classes-for-clients-with-the-client-messaging-sdk/ for more details on how to do this.

    I hope that this addresses your needs!

  9. Azure Aware SCCM Hybrid

    I don't like that the Azure device dashboards throw multiple errors when running SCCM in Hybrid mode. I have to go to Azure to configure Conditional Access and the multiple errors are annoying at best. I guess this is more an Azure development but I would like the dashboard to be aware that MDM authority is with SCCM and adjust the blades/views accordingly

    5 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Cloud services  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Full phone number on Samsung Devices is not displayed

    When I click on a Company Own Samsung mobile device profile the phone number has the first 6 digits as asterisks.

    This causes a major issue with reporting.

    There should be no reason the phone number should be hidden. It's not a private piece of information. If you are having your phone joined and managed through InTune, as the administrator, I should be able to know the full phone number of that device so I can actually call the user if there is an issue with their device.

    5 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Cloud services  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Improuving Powershell cmdlet performances

    I have written thousands of powershell lines to manage SCCM from powershell. I really don't understand why powershell cmdlets are so slow comparing to wmi ones. I really suggest to try to improve it.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  SDK, PowerShell, and tools  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. cumulative updates versions for consoles

    When installing a cumulative update on console , the version seen in windows "program and features" or in sccm resource explorer - installed application is not updated. making the CU deployment difficult to follow up. Could you be sure this is updated with the CU installation. screenshots for CU3 in attached doc

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  General  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Declare the CI settings better for iOS Kiosk Mode

    When I setup a Kiosk Configuration item, the Wizard show me, that I Am able to configure the Touch Screen. When I set it to dsiabled, the Touch Screen is working, on Enabled the Touch screen is not working.
    Or if you check the attached picture, with the Current Settings, the Volume Buttons are disabled on the Device.
    This is very misleading and should be corrected!

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Compliance and settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Identical to the anti-malware policy, configure DirectAccess clients to have the option to download security updates/fixes from Microsoft.

    Identical to the anti-malware policy, configure DirectAccess clients to have the option to download security updates/fixes from Microsoft. This will remove the need to have a cloud DP or CMG be configured just to have the DA clients be updated with security fixes/patches. If this can be tagged against a boundary group or collection that will be great!

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. Replace .wim download via tftp with wimboot via http with ipxe

    The idea of wim download via tftp is so 20 century. Takes 59 sec to download wim in my environment during TS PXE boot (then the actual boot process)
    Same .wim bootted with ipxe/wimboot via http takes 15 seconds all in! (that is less then a 1/4)

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Operating system deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Provide the ability to separate retire, wipe and delete resource permissions for different security roles

    At the moment, a person requires the delete resource right to wipe/retire a device. Some organisations would prefer to separate the ability to delete, wipe and retire devices.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Cloud services  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. Support for Windows Server 2016 Nano OSD

    Support for Windows Server 2016 Nano OSD

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Operating system deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Add Mandatory Option for Terms and Conditions Policy during Intune Enrolment Process

    Currently, the Terms and Conditions policy in Intune is useless because is not mandatory. Users still can enrol their devices in Intune without confirming the Terms and Conditions.

    Like on any stores (Amazon), if you don't accept terms and conditions, you won't be able to buy your items.

    Since the solution control BYOD devices, it's important to make sure the users is aware of all operation tasks that can be made on his device. (Wipe)

    Currently, terms and conditions acceptance is reported in Intune but as no value if it's not mandatory. Telling the users to go on the portalā€¦

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Cloud services  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. .chache Inheritance is disbaled

    My customer is running into this issue:

    By default after the client installation 1702 +UR1.
    1. In %Appdata% of the Users Software Center Folder ā€žInheritanceā€œ is enabled
    2. But on the ā€ž.chacheā€œ folder ā€žInheritanceā€œ is disabled

    All other Folders and Subfolders have the Inheritance enabled under Appdata. Is this not a BUG? Why is on the .chache folder the ā€žInheritanceā€œ disabled?
    Customer doing appdata redirection and enabled the Inheritance on the .chache because they need this. Later on after SCCM Client Upgrade all setting are back on default again.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Software Center  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Need to have a dashboard or report to see when passcodes/PIN expiration are.

    Frequently, IOS users will not see the notification of when their Passcode/PIN will expire. I need to be able to view a dashboard or run a report of upcoming expirations in Endpoint Manager.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Cloud services  ·  Flag idea as inappropriateā€¦  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base