Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we can’t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the 🙂 button in the top right corner and choose “Send a Frown”. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer – our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Active Setup Integration - Wizard / GUI

    Some (MSI) applications (e.g. usually CAD software) will be configured via HKCU Registry hive, files in %appdata% or another files in user paths.
    It would be nice if a new user logs on (e.g. after OSD), these settings takes place automatically.
    This can already be done rudimentary via Active Setup, but not really comfortable (e.g. you have to do logging by yourself, no out of the box feedback in case of success / errors, etc).
    Please integrate Active Setup or a new fully solution for that cases as a GUI / Wizard in Application Management.

    38 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  4 comments  ·  Application Management  ·  Flag idea as inappropriate…  ·  Admin →
  2. AD Authentication for PXE boot

    It would be useful to integrate AD authentication in the WinPE boot image for PXE boot OSD.

    When deploying operating systems with MDT and WDS, users are prompted to authenticate against AD when PXE booting. However, in SCCM the only supported way to secure the PXE point is with a DP password that all users share.

    There are third party "hacks" which can integrate AD authentication in the WinPE boot image (Johan Arwidmark's ADSI drivers) but it seems like this would be simple to implement within the product itself since it is already done in MDT/WDS.

    38 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →
    Noted  ·  sangeev responded

    Updated by bobmn for sangeev/OSD

  3. Allow user to select 'automatically restart' when applying all required changes.

    When the user received the 'Software changes must be applied to your computer' there are two radio options:
    'Apply all required changes now (recommended)'
    'Apply all required changes outside my business hours'

    There is also an checkbox that say 'Restart my computer automatically if needed'. However, this checkbox is disabled when the first radio option is selected. I would ask that it remains enabled for both options. We are trying to train users to take an active role in installing updates according to their own schedule. The reboot process has become a large portion of the update process. So if…

    37 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  1 comment  ·  Software Center  ·  Flag idea as inappropriate…  ·  Admin →
  4. AD Group Discovery should not write DDR for invalid records

    When System Discovery finds an object that seems invalid, currently it won`t be imported (which is good).
    ERROR: System <systemname> is a unsupported operating system, unsupported version, or malformed AD entry. Reported system type is: ().
    However if the same object has an AD Group Membership and AD Group Discovery finds it, it won't check if it is valid, but write the DDR and create the object record in SCCM DB.

    Please change AD Group Discovery so it validates new objects too.

    36 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  2 comments  ·  Client Discovery  ·  Flag idea as inappropriate…  ·  Admin →
  5. suport Azure PaaS for SQL DB

    Support ConfigMgr to be installed on Azure VM IaaS using SQL Paas as DB.

    36 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  2 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriate…  ·  Admin →
  6. Have the ability to pre-deploy an available application on a user’s primary device.

    Today in the application model you can only pre-deploy a required deployment of an application on the users’ primary device but this has 2 drawbacks:
    • Required means that the user doesn’t have the means to uninstall the application and potentially repair the application (uninstall+install).
    • Required means also that when the user logs on to another machine, maybe just to consult a web page, the required applications also get installed unless the global condition primary device equals true was set.
    This is all about provisioning a new machine for a user. Of course there are always common applications, like…

    35 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  2 comments  ·  Application Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. Maintenance Window for EP Definition Updates/Security Updates

    Please add the possibility in a MW to "apply this schedule to"
    - EP Defintion Updates (you may want to allow daily defintion updates, but you don't want to install anything else at that time)
    - Security Updates (not all Software Updates, as it is now, but only Security Updates)

    In this case make it multiselect too.

    35 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Client Push by OU

    Having the ability to use Client Push more granularly would be awesome. We have about 6 domains, and multiple OUs are defined in System Discovery, yet I don't want Client Push enabled on them all, so it is currently disabled. Maybe having an option in the Discovery area, for an OU that is added (right where it says "Search AD Groups and Search Child containers") that enabled Client Push on that discovered OU. Or More granular settings on Client Push itself, maybe a small GUI attached to it

    35 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  4 comments  ·  Client Deployment  ·  Flag idea as inappropriate…  ·  Admin →
  9. sccm catalog store fully integratedin windows store

    sccm catalog store fully integrated in windows business store directly.

    35 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Application Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. Right Click on a Computer no matter where I am looking at in SCCM and do a Virus Scan.

    Right Click on a Computer no matter where I am looking at in SCCM and do a Virus Scan.

    35 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow to skip maintenance window for superseded appliciations made available to user collections

    Currently when a superseding application is deployed to a user collection I can enable the option "Automatically upgrade any superseded versions of this application". With this option set I'm able to specify a scheduling for the deployment. But the option to allow the installation or maybe the system restart outside the maintenance windows is greyed out.

    Would be nice to have the option to skip the maintenance windows for this type of deployment as well.

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  3 comments  ·  Application Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. Have a Task Sequence Step to call the Uninstall of an Application and support both the Standard Install and Dynamic Install.

    While a Step for Run Command line can be used for most Windows Installer, if an application uses a EXE it would be nice for the application to be downloaded and the exe used.

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →
    Noted  ·  sangeev responded

    Updated by bobmn for sangeev/OSD

  13. Maximum allowed Management Points for a Primary Site.

    We use a multitenant SCCM environment with clients/customers in untrusted forests.
    Because we target users, we also deployed the Management Point role in all untrusted forests.

    At this moment Configmgr only supports up to 15 management points per primary site coming from 10 in the past.

    We would like to see the maximum allowed management points per primary site bumped to a higher level.
    This will give us the ability to stay with a single primary site setup and avoid CAS.

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Multi-Tenant/ISP  ·  Flag idea as inappropriate…  ·  Admin →
  14. App-V 5 Deployment Type publishing option

    App-V 5 Deployment Type should have the option per-deployment type of how the App-V 5 package is installed (per-machine, per-user or determined by target)

    Allow for this would offer;
    1. Consistency of options between deployment types (same as for MSI..)
    2. Ensuring a consistent application deployment which will ease admin management (decrease management overhead when removing the application as a sample)
    3. Allow to control deployment type based on end-point, not target collection.
    4. By allowing admins to set per-machine publishing a fully functional application can be ensured, which would leverage all integration points (not possible when using per-user publishing).

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  2 comments  ·  Application Management  ·  Flag idea as inappropriate…  ·  Admin →
  15. Decouple site component backup service from database server

    Configuration Manager currently installs binaries and configures the SQL backup site component service on the database server, running under LocalSystem authority. Many environments have separate groups that host and manage the SQL Server enterprise environment, and do not allow for services or additional software to be installed on them, creating unnecessary conflict and drama when SCCM needs to be installed. SQL Server is a networked service, there shouldn't be a reason to install software on the database server running under a privileged account in order to leverage backup routines.

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  1 comment  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriate…  ·  Admin →
  16. Ability to assign pre/post tasks to maintenance window

    Ability to assign pre/post tasks to maintenance window and prioritize content application within the window.

    Example:
    1. patches
    2. appilication deployment A has higher priority than application deployment B
    3. packages
    4. task sequences
    5. settings mgmt remediation

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  1 comment  ·  Collections  ·  Flag idea as inappropriate…  ·  Admin →
  17. Add auto remediation to a Software Update compliance baseline

    At present SU compliance baselines can identify missing updates but not remediate by installing them. Please add the option to have the missing updates installed either from a DP or Microsoft Update.

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  0 comments  ·  Compliance Settings  ·  Flag idea as inappropriate…  ·  Admin →
  18. Create folders under "Deployments"

    Allow the creation of folders under "Deployments"

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  2 comments  ·  Application Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. Open multiple files from command line with cmtrace

    What the description says. I'd love to open multiple files with CMTrace so it can more easily be integrated with 3rd party utilities!

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  9 comments  ·  Tools  ·  Flag idea as inappropriate…  ·  Admin →
  20. Integrate a References tab on Application objects

    Application objects should have a References tab that is identical in functionality to the References tab on Task Sequence objects.

    The current References tab in an Application object's properties is very limited (Shows App dependencies, App Supersedence, and Virtual Environments).

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Noted  ·  5 comments  ·  Application Management  ·  Flag idea as inappropriate…  ·  Admin →
1 2 5 7 9 32 33
  • Don't see your idea?

Feedback and Knowledge Base