Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support V3 and newer certificate templates for HTTPS mode

    Hi,

    PKI- Make V3 Template compatible with SCCM Current Branch.

    88 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    19 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Update the Conole UI to save my changes to the column views

    Every time you add additional columns to display in the views it is lost when you close/reopen the console.

    87 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    12 comments  ·  Admin Console  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Software Center: Add support for direct link to application and direct link to installation via protocol handler.

    The new Software Center supports the "Page" command line option, but I could not find a way to jump directly to an app details page (the one that shows the Install button).

    (I'd like to change my application catalog notification tool to open softwarecenter instead of iexplore with the app details page.)

    Additionally it would be nice if the tab/page changes respecting the new command line given when software center is already open.

    85 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    11 comments  ·  Software Center  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Set a default or preferred boot image for PXE

    Have an option to set a specific boot image for PXE. In an environment where there are multiple boot images, when a device PXE boots it will first download whichever boot image (that is PXE capable) associated with the most recently deployed task sequence. It would be nice to have an easier way to just set a default or preferred boot image for PXE instead.

    84 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    5 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Updating Status to completed

    The behavior is document at the link below – How is the boot image selected for clients booting with PXE?
    https://docs.microsoft.com/en-us/sccm/osd/deploy-use/use-pxe-to-deploy-windows-over-the-network#how-is-the-boot-image-selected-for-clients-booting-with-pxe

    As this item is now closed weā€™ll likely miss any new comments, to report issues see https://docs.microsoft.com/en-us/sccm/core/understand/find-help

  5. Icons and cosmetics for applications

    During the Create Application Wizard on Application Catalog step there is possibility to add some beautiful icon. BUT! The icon (.ico) size is limited to 250x250. Could you make it possible to add an icon file with picture size at least 256x256 (which is quite common size for pictures in .ico files)? Another thing as well, the icons in SCCM Applications/Packages list (Software Library-Overview-Application Management-Applications). They look all the same! Could you make them more attractive, say, the way they look in Application Catalog? Otherwise, whats the point in Icon column (which appears, by the way, as a defaultā€¦

    84 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Application Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Create an OSD variable for Secure Boot - _SMSTSSecureBootState

    Create an OSD variable for Secure Boot called _SMSTSSecureBootState. It should have three values depending on the state and the currently running OS: Enabled, Disabled, NA. This can be used during a TS to determine if Secure Boot should be enabled. Currently, a TS variable has to be defined and set based on if the registry key exists or not.

    82 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Updating status to complete.

    The opt-in phase of our 2002 release (fast ring) is now live and contains the changes asked for with this item – the new read-only variable _TSSecureBoot
    You can opt-in and then download 2002 through their Admin Console now.

    Blog: https://techcommunity.microsoft.com/t5/configuration-manager-blog/update-2002-for-microsoft-endpoint-configuration-manager-current/ba-p/1272670
    Docs: https://docs.microsoft.com/configmgr/core/plan-design/changes/whats-new-in-version-2002
    Support Information: https://aka.ms/cmcssreleaseinfo

  7. Access log files from Console

    Make the log files directly accessible via the console rather than digging around in the file system trying to remember which file holds which logs and ideally make them accessible from a context menu in the relevant areas.

    81 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    5 comments  ·  Troubleshooting & Support  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Distribution Points are by default NOT assigned the same priority

    CURRENT FUNCTIONALITY

    When a new Distribution Point (DP) whether it is a normal DP or a Pull DP is installed to a ConfigMgr 2012 R2 site, the priority assigned to this new DP is always the same by default.

    REQUEST FOR CHANGE

    It is often desired that Pull DPs are by default assigned lower priority than the normal DPs.

    MORE INFORMATION

    When operating a site with many (hundreds of) DPs installed, the normal DPs serve as source distribution points for the Pull DPs. It is therefore desired, that those normal DPs will have the new package files copied over beforeā€¦

    80 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Content  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Correct the "Add Selected Items" ribbon button functionality

    Currently when you select a collection(s) in the console, then utilize the "Add Selected Item" button you are able to functionally add the collection(s) selected to another collection as a member, however it does not actually add the member of the selected collection(s) to the target collection just the root collection itself.

    Example A:
    1. Open Console and navigate to Administration \ Assets and Compliance \ Device Collections \ Select a collection.
    2. Click the "Add Selected Items" button and then "Add selected items to existing device collection"
    3. Select the existing collection that is to be the target

    Theā€¦

    80 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Collections  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Task Sequence Pre-Cache for all Packages inside

    It would be nice to have the ability to conditionally pre-cache all packages in Upgrade TS and not only OS Upgrade step.

    To describe it in more details, in current design we are able to pre-cache only OS Upgrade step to computers based on conditions. This is not enough for companies with 20+ languages as best approach is to create en-us core image and then apply MUI on top of that. Doing this will cause system to report as e.g. de-de so we would need to download and distribute to 150+ DPs all supported Upgrade packages instead of distributing onlyā€¦

    79 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    11 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Fix very slow content download (and constant certificate checks) - in a HTTPS Only infra - for OS upgrades through Task Sequence.

    Basically we observe a very slow content download ("Upgrade Operating System" + "Download package content" step, for the driver packs) when doing Win10 in-place upgrade through a TS over HTTPS.
    Issue occurs on both Win10 1607/1703, using SCCM 1802 (back-end and client).
    Approx. 90% of the smsts.log entries are all about certificate validation (sometimes even multiple times for 1 downloaded file).
    After each selection/validation action, a status of <success> is returned.. but only seconds later the same selection/validation is attempted over and over again.

    77 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    15 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. Support the windows server OS being upgraded on Site Servers (in place), w/o backup & recovery or migration.

    Older version of windows server are falling out of support, or are deprecated for ConfigMgr current branch. i.e. Windows Server 2008 and 2008 R2. Support an easy way of upgrading those operating systems to newer versions of windows server.

    77 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    9 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Run PowerShell Script item in Task Sequences should allow alternate credentials

    Right now, if I need to run a PS script in a Task Sequence requires to use the Run Command Line item using PowerShell.exe. However, if I want to run a script with parameters, then I must use the -command option for PowerShell.exe, which has some odd parsing problems that can cause scripts to fail when run this way.

    76 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    12 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Integrate /ResetBase and WIM Optimization/Exporting into Offline Servicing

    In the interest in making my OS deployment task sequences as fast and as optimized as possible, I always optimize WIM files anytime they're updated or re-created.

    In my build/capture task sequence, I add a step at the very end before capture to run DISM /StartComponentCleanup /ResetBase so that all of the superseded updates are removed from the base image before it is captured. This results in a smaller WIM file and obviously, faster deployment times.

    With the built-in Offline Servicing option for OS images, once new updates are added, they remain in the component store of the image whenā€¦

    76 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    9 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. rba viewer

    RBA Viewer from the toolkit no longer opens after the application of CU1 for SCCM 2012 R2 SP1. I show this VERY useful tool to almost every customer of mine as most of them struggle with creation of roles correctly. The viewer crashes with the following message in the debug.

    73 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Integrate MBAM fully in Configuration Manager

    Integrate MBAM fully in Configuration Manager so Bitlocker key management can be done from Configuration Manager.

    73 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    6 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. Add Option to Bypass Proxy for Local Address for ADR Content Downloads

    It would be extremely helpful to have an option in the software update point site system to bypass a proxy for a local address. The only options today are (see Current-SUP-Proxy-Options.png):


    • Use a proxy server when synchronizing

    • Use a proxy server when downloading content by ADRs

    The issue is when an ADR tries to download a third-party software update, it will attempt to use a proxy server and often fail because the proxy doesn't route correctly to the internal WSUS server. For example in patchdownloader.log, you will see something like <Download-Error-PatchDownloader.png>.

    There needs to be an option to not useā€¦

    72 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    7 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Add support for tftp windowsize

    I think it would be great if SCCM could have a configurable value in registry for TFTP windowsize just as it has with TFTP blocksize. Both WDS and bootmgr.exe seem to handle it but there is no easy way to get this option into the generated BCD file upon PXE boot. Seems like a low hanging fruit.

    70 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    6 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Reduce the amount of time needed perform a CM upgrade

    For most companies, Configuration Manager is becoming a mission critical service the requires less and less downtime. Upgrading large environments/DBs can take up to 5 hours for the CAS, and 4-5 hours for primary sites. Also, most customers want to get the latest hotfixes installed right after performing an upgrade. In some cases, the hotfixes take just a long to complete as the original upgrade. Overall, this can require long outages (sometimes 2 days) to get current.

    Potential Solutions:


    1. The ability to upgrade directly to the latest hotfix as noted here:
      https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/33166225-upgrade-sccm-directly-to-rollup-version


    2. Reduce the time needed to regenerate DRS sprocsā€¦

    66 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Allow us to copy information out of the "Asset Details" pane in the Deployment Status screen

    Currently the Asset Details window in the Deployment Status screen is a good overview of what is going on with any given deployment. However, many times assets in the Error or Unknown tabs require additional steps from us. I'd like to propose that the ability to copy information from the Asset Details window (much like Ctrl+C on a collection) is added to the Configuration Manager console.

    This would allow us to automate many actions with scripts and provide quick reports without having to write custom queries

    65 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    9 comments  ·  Deployment Monitoring  ·  Flag idea as inappropriateā€¦  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base