Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we can’t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the 🙂 button in the top right corner and choose “Send a Frown”. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer – our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Peer Cache Options

    Add an option to have Peer Cache to work with boundary groups, subnet broadcast or both. My understanding is that 1607 Peer Cache will broadcast local subnet for peers that have the content, 1610 it's based off of Boundary groups. In environment, using boundary groups for peer cache will not work, like to have the option to tell the clients to use boundary group, subnet broadcast or both?

    62 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    completed  ·  4 comments  ·  Content  ·  Flag idea as inappropriate…  ·  Admin →
  2. SCCM Gateway Servers for Deployment to DMZ's

    We should be able to deploy SCCM Gateway servers for deployment to DMZ, Internet and Remote locations where opening ports to the management servers / domains are not feasible. We are unable to forward ports from the internet to our LAN and must use a DMZ. There is no way to implement SCCM for IBCM because of this.

    61 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriate…  ·  Admin →
  3. Pause a Task Sequence when you want, as many times you want with just a variable

    By default you can pause a Task Sequence by adding a step in the TS that will display a msgbox.

    It would be cool to be able to pause a TS when you want and as many times you want.

    It is possible by changing the ztiutility.vbs file and add the below process:
    - Create a new TS variable TSPause
    - If this variable is configured to True a msgbox is diplayed

    See a post I did about this:
    http://www.systanddeploy.com/2020/02/pause-task-sequence-when-you-want-with.html

    61 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →

    Updating status to completed.

    Our Task Sequence debugger covers this and allows setting break points for each step.

    https://docs.microsoft.com/en-us/configmgr/osd/deploy-use/debug-task-sequence

    Regarding popping a message box, there’s additions in our 2003 Tech Preview released yesterday you may find interesting. Links added to this item https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/15154383-include-the-serviceui-exe-functionality-in-task-se

  4. Add Windows 10 Build Subversion "UBR" collection to the default HINV classes

    The UBR registry key is responsible for displaying the subversion of a Windows 10 build to the end-user. For example 14393. where is the UBR string. If this is added to the HINV list of default classes this will allow for administrators to retrieve this information!

    This is located in: HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion

    UBR REG_DWORD

    This will help administrators differentiate what intermediate builds of Windows 10 they have install and also support patch management because they can easily compare the released patches to the subversion build each month.

    60 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  Client Discovery  ·  Flag idea as inappropriate…  ·  Admin →
  5. Remove the need for App Catalog, by providing all functionality in Software Center

    Currently, some functionality is only available in the application catalog, and not in software center. Make it so everything can be done in software center, so we can remove application catalog... and Silverlight... and local site security configurations.

    59 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Application Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add a column to device collections not only for Operating System but build/releaseid

    Is it possible to add a column to device collections for OS build / release id (i.e. Windows 10 1703 or Windows 10 15063.xxxx) to easily identify the installed Windows 10 version. The column Operating System is sometimes not quite enough information. Thanks!

    59 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Admin Console  ·  Flag idea as inappropriate…  ·  Admin →
  7. PowerShell cmdlets for editing task sequences

    Being able to edit task sequences with PowerShell would make managing task sequences much easier. Some possible new cmdlets could include:

    Add-CMTaskSequenceStep
    Get-CMTaskSequenceStep
    Remove-CMTaskSequenceStep
    Set-CMTaskSequenceStep

    Add-CMTaskSequenceGroup
    Get-CMTaskSequenceGroup
    Remove-CMTaskSequenceGroup
    Set-CMTaskSequenceGroup

    58 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    12 comments  ·  PowerShell  ·  Flag idea as inappropriate…  ·  Admin →
  8. Unable to import state message from 'co-management' enabled client

    nable to import status message when following condition.
     ・Clients with co-management enabled
     ・If the state message(.SMX) contains Japanese

    ◆Error Log
    [statesys.log]
    SQL MESSAGE: spProcessStateReport - Error: Message processing encountered a SQL error 241 at record 53 for TopicType 810:
    " Conversion failed when converting date and/or time from character string.", Line 0 in procedure ""

    ◆state message(.SMX)
    -<StateMessage SerialNumber="593" MessageTime="20180427063011.557000+000">

              &lt;Topic UserSID=&quot;&quot; User=&quot;&quot; IDType=&quot;0&quot; Type=&quot;810&quot; ID=&quot;CoManagementState&quot;/&gt;
    
    &lt;State ID=&quot;105&quot; Criticality=&quot;0&quot;/&gt;
    -&lt;StateDetails Type=&quot;1&quot;&gt;
    -&lt;![CDATA[&lt;ClientCoManagementMessage&gt;&lt;MDMEnrollment&gt;&lt;Enrolled Value=&quot;0&quot; /&gt;&lt;ServiceUri Value=&quot;&quot; /&gt;&lt;RegistrationKind Value=&quot;0&quot; /&gt;
    &lt;ScheduledEnrollTime Value=&quot;04/27/2018 06:30:11 午前&quot; /&gt;&lt;ErrorCode Value=&quot;2147549183&quot; /&gt;
    &lt;ErrorDetail Value=&quot;MDM enrollment hasn&#39;t been configured yet on AAD, or the enrollment url isn&#39;t expected.&quot;
    58 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Co-Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. Rework express updates for faster client installation

    Per: https://docs.microsoft.com/en-us/sccm/sum/deploy-use/manage-express-installation-files-for-windows-10-updates

    "Using express installation files provides for smaller downloads and faster installation times on clients."

    Through a case I opened with Microsoft, it was communicated to me that the current express update design is solely meant to reduce network bandwidth. There is no promise of expedited installation time. This is misleading and limits the purpose of express updates for remote office scenarios.

    Additionally the express update deltas have to be decompressed and recombined in order to complete the installation which requires significant CPU usage.

    The combination of these issues causes express updates to provide little benefit to customers in…

    58 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
  10. Multiple hierarchies in Desktop Analytics

    We need support for multiple hierarchies in one Azure Tenant. Currently there is only support for 1 commercial ID and CM hierarchies. We have 4 spread over the world but only one Azure tenant.

    58 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Desktop Analytics  ·  Flag idea as inappropriate…  ·  Admin →
  11. Need support for Option 82 in PXE DHCP handshake as network tenant based on BGP/MPLS needs it for forwarding to DHCP Client.

    In order to avoid using distributed PXE Servers a support of the Option on PXE DHCP Handshake would make proper inter tenant forwarding possible.

    57 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →

    Updating status to completed – see https://docs.microsoft.com/en-us/sccm/core/understand/find-help#send-a-suggestion for an explanation of each value.

    Our 1906 release is now available and has added support for option 82. Please note this only applies to the new PXE responder.

    Blog: https://techcommunity.microsoft.com/t5/Configuration-Manager-Blog/Update-1906-for-Configuration-Manager-current-branch-is-now/ba-p/775553

    Docs: https://docs.microsoft.com/sccm/core/plan-design/changes/whats-new-in-version-1906

  12. New Softwarecenter: Save View-Settings: list view vs. tile view

    The new Softwarecenter supports list view and tile view. users should be able to save the view-settings.

    57 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Software Center  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow Multiple Custom Tabs in Software Center

    With 1806 we have the ability to add a custom tab to Software Center. This makes this the place to go for all your IT needs.

    We would like to see this extended further by allowing admins to add more than one tab to Software Center. Hopefully our users would never need to leave Software Center for their IT experience in Windows with this feature.

    56 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Software Center  ·  Flag idea as inappropriate…  ·  Admin →
  14. CMPivot: Add an option to provide a code signing certificate for the generated scripts from CMPivot

    In our organization only signed scripts may be executed on the clients. However, the scripts from CMPivot queries are not signed and are therefore not executed. This restriction is set by GPO and cannot be overridden by "PowerShell execution policy" in the SCCM client computer agent.

    54 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    completed  ·  6 comments  ·  Client Settings  ·  Flag idea as inappropriate…  ·  Admin →
  15. Option to set security scopes for SCEP policies

    SCEP policies do not have the ability to set security scopes. This is a problem because our SCCM is shared by several departments and colleges in the university. For example, someone may inadvertently (or intentionally) modify a policy for DCs which can have a catastrophic effects. Having the ability to set security scopes will restrict who has access to individual SCEP policies.

    51 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. SCEP support for Windows Server 2016 Core

    Support for Endpoint protection on Windows Server 2016 Core.

    51 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Stop CMTrace from asking us if we want to use it as the default viewer for log files in WinPE

    Please add the following registry keys to WinPE whenever a Boot Image is created/updated to prevent it from asking every time if we want to use CMTrace as the default viewer for log files:

    Reg add HKU\Software\Classes.lo_ /ve /d Log.File /f

    Reg add HKU\Software\Classes.log /ve /d Log.File /f

    Reg add HKU\Software\Classes\Log.File\shell\open\command /ve /d "&quot;x:\sms\bin\i386\CMTrace.exe&quot; &quot;%%1&quot;" /f

    See more here: https://miketerrill.net/2017/05/13/how-to-open-cmtrace-in-winpe-like-a-boss/

    51 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →

    Updating status to completed

    This is available in our 1802 release, details below

    General Blog: https://cloudblogs.microsoft.com/enterprisemobility/?p=69422

    Docs: https://docs.microsoft.com/en-us/sccm/core/plan-design/changes/whats-new-in-version-1802

    One question I’ve been asked a few times is ‘can I take the copy of CMTrace from the Tech Preview build and use it with my version of SCCM?’ – answer is Yes.

  18. Ring based deployment model in Application Deployment? It would be helpful if we have a similar to Windows 10

    It would be good if we are able to have a ring based model for Application Deployment and management as we have for Windows 10 CB rollout with early adopters ring, Pilot ring, Production ring . This will help a lot as we are seeing the benefit of the ring model in Windows 10 Deployment.

    50 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Application Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. Request for intelligent MP, SMP and SUP selection based on network location, like current DP selection

    This is a DCR requesting that we improve the logic around MP, SMP and SUP selection by clients. Currently, we gather AD Site and IP Subnet details for DPs, store that in DPInfo and include that information in the XML body returned on content lookup requests. Why can we not do this for other server roles so that the client can choose the best server to connect to based on matching AD Site and/or IP Subnet? This would provide a far better solution than having to populate AllowedMPs, too.

    49 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriate…  ·  Admin →
  20. Hardware inventory sould include Secure Boot state by default

    In ConfigMgr TP 1701 the Hardware Inventory now collects UEFI information. To complete the story the Secure Boot should also be included by default.

    49 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →
1 2 5 7 9 24 25
  • Don't see your idea?

Feedback and Knowledge Base