Microsoft

System Center Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building System Center Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, seeĀ https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the System Center Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Microsoft Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add separate security role permission for CMPivot

    Console users must have "Run Scripts" security role permission to use CMPivot. Can you add a separate security role permission for CMPivot so we can make administrative users with CMPivot permission but not "Run Scripts?"

    46 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Admin Console  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Allow exclusion of OU's from Active Directory System Discovery

    Have the ability to include/exclude certain OU's from both Active Directory User and System Discovery.

    E.G. I might have an "All Users and Groups" OU at the root domain level, which may contain sub OU's containing service accounts or mailbox accounts etc. that I don't want being picked up by discovery. The ability to pick which sub OU's to discover/not discover would be really handy in this scenario. The same applies for system/computer discovery also.

    45 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    6 comments  ·  Client Discovery  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. Enable a column for Windows 10 Build Version!

    Please add a column with the OS Build version to the console. It's really a pain when reports or collection querys have to be used to get this information.

    45 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Admin Console  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Separate defining company logo from Intune subscription

    If displaying the company logo and color scheme is further expanded to several end-user dialogs that are not necessarily Intune related, please enable defining a company logo to display in them without having an Intune subscription. Branded dialogs with company colors and logo are less likely to be misinterpreted and help end-users identify that the dialogs are originated from our organization's ConfigMgr and can be trusted.

    44 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    6 comments  ·  Software Center  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. Download only applicable ConfigMgr upgrade packages with ServiceConnectionTool.exe

    If you have deployed offline Service Connection Point, ServiceConnectionTool.exe now (in ConfigMgr 1511 - 1606) downloads ALL published ConfigMgr update packages when you use -connect parameter. E.g. if your site only requires post 1606 hotfix, ServiceConnectionTool.exe downloads 1602, 1606 installation packages although they are installed! Currently it will download over 7 GB of updates, when you just need about 25 MB update package. This is just waste of time, network traffic & disk space.

    Please improve ServiceConnectionTool.exe, so it would only download the update packages that are applicable for the current installation.

    43 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    5 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. SCEP for Mac - Add support for macOS High Sierra 10.13

    macOS High Sierra 10.13 was announced nearly 6 months ago for developers and beta testers. It has been released to the public for over 2 months.

    Please update the SCEP for Mac application to support the latest version of macOS.

    43 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    7 comments  ·  Endpoint Protection  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. OSD Task Sequence (1703) Not Displaying

    When running a task sequence to deploy a 1703 based image, the second part of the task sequence: "Setup Operating System" does not display.

    The screen saying "Just a moment..." is displayed instead of the SCCM task sequence screen, meaning you cannot see the progress.

    If the machine is left, it does actually complete the steps, but it would be nice to see the SCCM screen once again!

    42 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Thanks for all your suggestions and feedback, updating status to completed since this appeared limited to earlier Windows releases.
    Testing with 1803 (Redstone 4) and 1809 (Redstone 5) have been fine also with Task Sequence Progress UI shown. The ā€˜Just a moment..ā€™ is not something under task sequence control, installing manually shows the same behavior.
    If you do see issues please file a bug or another UV item and we’ll investigate.

    Also, SCCM 1902 fast Ring released today
    Blog: https://techcommunity.microsoft.com/t5/Configuration-Manager-Blog/Update-1902-for-Configuration-Manager-current-branch-is-now/ba-p/376516
    Docs: https://docs.microsoft.com/sccm/core/plan-design/changes/whats-new-in-version-1902

  8. Secret task sequence variable value Exposed

    We have the need to run a command line in the task sequence and leverage a secret value TS variable ADMACCTPW set with the local admin account password. Example Run Command Line "net user admin %ADMACCTPW%
    The issue is in the SMSTS.log the variables are all expanded like the ProgramName = 'net user admin mynewadminpassword' InstallSoftware 7/1/2016 12:58:58 PM 4468 (0x1174)

    Thereby exposing the secret value TS variable

    42 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    8 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Thanks for the additional comments.

    There was a bug where if the task sequence steps were reordered then the variable was replaced by a GUID, this was fixed 8 September. Any Technical Preview from 1809 onwards would have the fix – https://docs.microsoft.com/en-us/sccm/core/get-started/technical-preview

    Please note, we don’t always look back on comments for items that are marked closed. For bug reports please use Feedback Hub or Send a Frown to submit this to the product group. For more information, see: https://docs.microsoft.com/en-us/sccm/core/understand/find-help

    Updating to completed – this item is addressed in our 1806 release. Thanks for the suggestions and feedback

    General Blog: https://cloudblogs.microsoft.com/enterprisemobility/2018/07/31/update-1806-for-configuration-manager-current-branch-is-now-available/

    Docs: https://docs.microsoft.com/sccm/core/plan-design/changes/whats-new-in-version-1806

  9. task sequence auto clear cache option after application install

    When we deploy an operating system we like to deploy the majority of the required applications at that time to ensure the computer is locked for the entire process and when the user then goes to use the computer all the applications are available. The issue is some of our applications are large and we have to break up the install application step with a clear cache step to ensure the applications install successfully. Now with 1702 we can have up to 99 applications in the install application step but with out the intelligence built into the task sequence toā€¦

    41 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Updating status to completed – see https://docs.microsoft.com/en-us/sccm/core/understand/find-help#send-a-suggestion for an explanation of each value.

    Our 1906 release is now available and this contains a new option on the Install Application task sequence step to clear the cache once installed.

    Blog: https://techcommunity.microsoft.com/t5/Configuration-Manager-Blog/Update-1906-for-Configuration-Manager-current-branch-is-now/ba-p/775553

    Docs: https://docs.microsoft.com/sccm/core/plan-design/changes/whats-new-in-version-1906

  10. Validate Endpoint is online for Peer Cache

    When using Peer Cache, if the Peer is no longer online or not available for connect there is a 7.5 min delay to fail to the next system. if the first connection was a validation of the systems online status ("Are you there") the need for this delay would not be needed. the requesting client could attempt to make connection (presumably when it's doing the resource checks for Battery, CPU load, Disk IO and available connections) and if the connection times out (very short reasonable time) it moves to the next peer on the list.

    41 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Content  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. Don't Set CCMClient to Provisioning mode if running Compat /SCANONLY option

    Currently, anytime you run the upgrade OS step, it set the client into provisioning mode, despite the options you're choosing. Could this be changed, that if you pick "Compatibility scan without upgrade" it would NOT put the client into provisioning mode.

    I've had users reboot the computer when the scan was running (silently in the background), and then the client was in provisioning mode.

    40 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →

    Updating Status to completed. This was addressed in our 1806 release – thanks for the suggestion and feedback

    General Blog: https://cloudblogs.microsoft.com/enterprisemobility/2018/07/31/update-1806-for-configuration-manager-current-branch-is-now-available/

    Docs: https://docs.microsoft.com/sccm/core/plan-design/changes/whats-new-in-version-1806

    As this item is now closed weā€™ll likely miss any new comments, to report issues see https://docs.microsoft.com/en-us/sccm/core/understand/find-help

    re: Gary Blok
    Which version of SCCM are you using? We have multiple checks to reset ProvisioningMode to false in event of Rollback.
    Would you be ok with contact to gather logs from one of the rollback and some other info.?

  12. Provide a method for expiring standalone media

    There are many ways to expire standalone media but most involve using a date stamp to compare with system time to determine if the sequence is still supported. Changing the system time circumvents this process. With Windows Servicing, it will be critical that an administrator be able to limit installation at or near the end of a support cycle. A supported process for expiring media programmatically ensures new devices aren't installed outside of a supported servicing window.

    39 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Show version incompatability and allow ability to upgrade console to match the Primary site version of Configuration Manager

    Today, you can be running a console with one version, that is not in synch with what is running on the primary. The only way you'll know is if you are missing features added to a newer release or if troubleshooting leads you down that route. You have to check the about page in the console to verify version number and compare that against what is installed on the Primary site server to see if they match, what I'm proposing is an easy visual way in the console to inform you when your versions don't match, and to offer theā€¦

    39 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Admin Console  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Allow all Admin Console access to require MFA

    Make everything more secure by requiring Multi-Factor auth for console access. Bonus: make it work over the internet securely.

    38 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    7 comments  ·  Admin Console  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. 12 months to decommission any SCCM site servers running on Windows 2008 and Windows 2008 R2

    Now that Configuration Manager vNext Build 1511 has been released, we have 12 months to decommission any SCCM site servers running on Windows 2008 and Windows 2008 R2.

    All the details can be found here - https://technet.microsoft.com/en-us/library/mt210917.aspx

    I'm working in a large organization and our SCCM infrastructure is made of 1 central site, 4 primaries and 622 Distribution Points running the Windows 2008 R2 OS...and we can not migrate as many servers in just one year...especially in the middle of the fiscal year where the IT budget has already been reviewed numerous times and approved by our management several monthsā€¦

    38 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    completed  ·  3 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Role-Based Administration - Document what permissions control... or at least start!

    The Role-Based Administration documentation does not describe what the individual permissions actually control, and they are not self explanatory. For example, under Collection, you see several different 'modify' permissions and it isn't clear what they each control:

    -Modify
    -Modify Client Status Alert
    -Modify Collection Setting
    -Modify Folder
    -Modify Resource

    Please provide even a basic amount of information about what they control in the console. This will help prevent us silly sysadmins from just giving people tons of permissions so we don't have to reverse engineer what each of the settings does in order to let people do just what theyā€¦

    37 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    5 comments  ·  Documentation  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. Allow copying text from deployment monitoring "More details" window

    The "More Details" right-click function in the Asset Details view under each monitored deployment currently does not allow you to highlight and copy any of the text. This might sometimes be handy while sending deployment information to colleagues or building hand-made lists of computers with a specific error status, etc.

    37 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    9 comments  ·  Deployment Monitoring  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. Enable deadline randomization for Applications and Packages in addition to software updates

    Deadline randomization is currently in place for software updates only. We were hoping that would expand to both applications and packages as well. This would reduce the demand for applications and package installations in a shared environment (virtual). We currently have this available with software updates. We'd like to see the scope expanded to include package and applications.

    37 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Center  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Support Evaluation of "On Battery" for Most Client Activities

    To reduce potential for failures due to low battery situations and to minimize the ConfigMgr client's impact to system battery life, introduce a check for certain client actions to allow them to be delayed or bypassed when the system is found to be running on battery or running critically low on battery:
    + Software distribution
    + Compliance settings
    + Inventory
    + Anti-malware scans

    36 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Client Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  20. Make Cloud Distribution Point fully functional

    Enable appropriate distribution point functions on Cloud DPs like Group Relationships, Content, Boundary Groups, Schedule, Pull Distribution Point, and Rate Limits.

    of course, PXE and Multicast would not be appropriate Cloud DP functions.

    36 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    completed  ·  2 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
1 2 5 7 9 21 22
  • Don't see your idea?

Feedback and Knowledge Base