System Center Configuration Manager Feedback

Suggestion box powered by UserVoice

How can we improve Configuration Manager?

TRusted Source locations - Complete the Trusted Source story

I would like to see Trusted Source locations to be added to ConfigMgr as a Node in Administration, and permission so that only Full Administrator or a specific RBA Role can manage these locations.

All ConfigMgr wizards that allow path data-entry will be changed to become a drop down list of approved Trusted Source locations. The User will be able to navigate into the folder structure of the Trusted Source location, creating new directories with a restriction on placing content on the root of the Trusted Source location, since this can induce data-loss if the sub-folder is not specified in rare conditions.

No new Source locations will be allowed to be entered, unless created by a Full Administrator or an Administrator with the appropriate Security Role.

This will remove A) free-styling of UNC paths B) Fat-fingering during data entry of paths C) Data loss due to placing content on the root of a location and aborting then cleaning up by deleting everything in the specified folder (root folder). Other MVP's have witnessed this condition occur, Trusted Source locations and a restriction on placing content in the root of a location will resolve this issue without any code-changes required in other areas of the product (to solve the deletions of other content by mistake) and finally D) invalid or inappropriate Content Source locations being configured on-the-fly (really fat fingering) by support teams with enough rights to do so.

Brian Mason added: I have this share out there already: \\Apps\apps$ and under that share is say Workstations and Servers and DCs. When I create the DC scope, I get to add the UNC Source I've named as DC. The DC team never has to enter the name of the share, but instead they browse to that share, see their root folder and pick a sub-folder. No UI ever lets them pick the root either. Anytime they make a package\app\etc., they browse to where I've limited them to and must pick a folder there.

Please add in suggestions to compliment this proposed solution, and vote it up to complete the Trusted Source Story. Being in complete control of our source locations should be on every administrators "I want that feature right now" list

34 votes
Sign in
Sign in with: Facebook Google
Signed in as (Sign out)
You have left! (?) (thinking…)
Robert Marshall - EM MVP shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

1 comment

Sign in
Sign in with: Facebook Google
Signed in as (Sign out)
  • Mirko Colemberg commented  ·   ·  Flag as inappropriate

    I have one in addition, how about to make that share available as a secure repository for add-package from Powershell too?

Feedback and Knowledge Base