Ideas
What features would you like to see?
All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we can’t promise to reply to all posts.
If you require assisted support, please see https://aka.ms/cmcbsupport for more details.
-
Improve the process for using certificates within ConfigMgr
Setting up and managing the certificates for MPs, DPs and boot media is not straight forward. Could you improve the certificate management process to reduce the complexity and overhead in managing it. So automation with internal CAs for automatic certificate issuing would be good.
7 votes -
ADK Presence check on Remote SMSPROVIDER in SCCM CB Upgrade Setup
MS Case : 17052664 >> Post upgrade of SCCM CB 1906 we realised that one of remote SMSPROVIDER server was not working properly. This remote SMSPOVIDER never had ADK installed on it since SCCM infrastructure was setup. Error never reported in the past in any upgrade but it stopped working post successful upgrade of 1906. In order to fix this issue in future it should be part of Prerequisite check in upgrade setup.
7 votes -
Allow Site system proxy to be configured as Winhttp proxy when we enable PullDP to fetch the content from CDP
Hello, When we try to configure the PullDP to use CDP as Source, the pullDP only uses the proxy configured on Winhttp service, neither the proxy configured in site system property or the Configmgr control panel applet are used. Seems at moment the admin has to configure Winhttp proxy manually to allow the pullDP to get the content from CDP, whereas this should be handled by sccm, whenever the Pulldp is being enabled in the console, the proxy configured on the Site system props has to be applied in the winhttp service on the system context as well.
Got to…
7 votes -
Put the complete SCCM Version into the database instead of having to query registry keys to get it
Currently the Database contains the build number and shows the base version such as 5.00.8498.1000 where the updated version is 5.00.8498.1700 or 1702 (currently in my case).
It cant be hard to store the "Friendly" version information in the database.
You could even break it down into Site version, Console Version and Client version if necessary if these components are likely to get out of step due to hotfixes.
7 votes -
Improvements to SQL AlwaysOn Pre-Requisite detection
Improve the SQL AlwaysOn Pre-Requisite detection so that "Set Trustworthy" and "Enable CLR" are flagged; if that's not possible prior to DB creation, could a note be added to the pre-req page with a warning stating these pre-reqs for SQL AlwaysOn? Today using 1606 baseline media, the installation nearly completes and then logs this error when those pre-reqs are not installed:
INFO: SQL Connection succeeded. Connection: <myserver> CMXXX, Type: Secure Configuration Manager Setup 1/26/2017 4:11:30 PM 5276 (0x149C)
SELECT dbo.fnConvertBinaryToBase64String(thumbprint) FROM master.sys.certificates WHERE name='ConfigMgrEndpointCert' Configuration Manager Setup 1/26/2017 4:11:37 PM 5276 (0x149C)
[42000][6263][Microsoft][SQL Server Native Client 11.0][SQL Server]Execution of…6 votes -
Service accounts should be domain aware to prevent account lockouts
Service accounts should be domain aware so that they do not attempt to authenticate against the wrong domain to lock out service accounts with the same username but on another domain.
6 votes -
Geographical view that allows for adding site system location
With the ability to support 250 DPs and 2000 PDPs on a site, it would be helpful to be able to see the site systems on a map. Currently, the geographical view only accommodates site servers. DPs also make good sense, since they are typically geographically dispersed and would make a pretty map to show off to management.
6 votes -
Allow Slash (/) Character in Organizational Units for Group Discovery
When Group Discovery for the whole Domain is activated and there are Organizational Units containing the Slash Character in the Name, you get "failed to bind to Container" Errors in SCCM.
As long a Slash is an allowed character in LDAP, SCCM should be able to process these OUs correctly.
6 votes -
Allow scheduling of SCCM upgrades
For those running a Tech Preview lab, you may forget sometimes to update your lap and your release may expire.
In production sites, it would also be nice to trigger the upgrades on a schedule to not have to be in front of the console to start the upgrade.
It would be great if you could schedule the servicing upgrades to be ran on a schedule based on release date. Start X days after release at X time, much like an ADR. You could also expose this to PowerShell to provide more customization.
6 votes -
Pre-Req Checks
Perform permission checks on key locations where sccm will be setup. We had a problem experienced a few years ago where we had a "hash mismatch" error b/c the account I was using to perform the upgrade did not have permission to the install directory.
https://sccmf12twice.com/2017/02/sccm-2012-r2-sp1-failed-upgrade/
this problem is still possible in CB
6 votes -
Allow More Clients To Be Supported on a Primary site
Ability to support more clients than 150k on a single Primary site. Our environments could get rid of bottlenecks and less administration overhead if there is no need to deploy a CAS. It would be great if a Primary site supports up to 200k clients, because we have currently 160k in our environment.
6 votes -
Please make inbox/outbox system webservice based instead of SMB based
It would be lovely to not rely on SMB for inbox and outbox operations since these are very fragile in high latency environments. Changing this to a webservice would be so much like year 2020 technology.
6 votes -
Provide same MP forwarding for clients connected to standalone MPs than for Secondary Site MPs
When clients upload Information to a Secondary Site MP, that Information gets consolidated, compressed and then sent up in the hierarchy by ONE single file, in order to minimize WAN issues.
However at standalone MPs each small Client communication is being sent up using one little file, resulting in many little packages consuming lots of unnecessary WAN bandwidth.
That prevents us from getting rid of our secondary sites even though we urge to do so, i.e. because they caused critical failure when updating to ConfigMgr 1511 (classified by Microsoft as known Bug)6 votes -
Use a PKI certificate for the SQL Service Broker (SSB) instead of a self-signed certificate.
Some enterprises are disabling the use of SHA-1 certificates in their environment. To avoid using a SHA-1 certificate for the Data Replication Service (DRS), you must move to SQL 2017 where the self-signed certificate defaults to SHA-256. The use of a PKI certificate would provide more flexibility/security going forward.
6 votes -
Status Message Query - Double Click to Run
At the moment if you double click a Status Message Query, it edits it, So to run it you need to right click it or select it and click the button on the ribbon.
It would be better if this was reversed so that double clicks run the query and to edit it you right click it
6 votes -
SQL Native Client
The Components which were installed during the SCCM Setup should be updated during the Current Branch process if it's an necessary feature for the Environment.
For Example the SQL Native Client. The most Companies got an separated SQL Team and got an Problem of responsibility during the Upgrade process.
6 votes -
Add ability to configure location of OfflineImageServicing location
Would like the ability to configure location of OfflineImageServicing location.
6 votes -
CSS DCR : Expose BCP setting on the ConfigMgr console
Some replications groups are big like 'Configuration Data' and for big enterprises could go up to 30-50 Gigs. The issue is that is the BCPIn fails for some reason, the retry count is only 3 and until we realize we are in failed state. So if we fix the issue after sometime we have to again reinit the big group and that is again waste of time and bandwidth.
Currently we expose these settings in the SiteControlFile.
//
select * from SCComponentProperty where name like '%bcp%'BCPOutRetryCount
BCPInRetryCount
BCPInBatch
//
We want to modify these settings say BCPInRetryCount…5 votes -
Check if Cloud Service name is valid during Cloud Proxy Wizard
When deploying the new Cloud Proxy Service role in SCCM 1606, the user is asked to provide a Cloud Service Name. However, the UX does not explain that this is needs to be globally unique in all of Azure. I chose the name of 'SCCMCloud' turns out someone else already got that one though, and so the wizard completes and then fails in provisioning.
This is sloppy. The UX should include instructions for the end-user to validate their name first (which can be done in Azure -> Cloud Service -> New, you're able to test various names until you find…
5 votesNoted ·
Admindjam
(Product Director, or Executive, Microsoft Endpoint Configuration Manager)
responded
Thanks for early feedback. We have to make this simpler to not get wrong.
-
Display site system roles installed on boundary group references/resources
The introduction of preferred management points in SP2/R2 SP1 is GREAT! But I'd like to see the following added to the console to improve usability.
When viewing the properties of a boundary group in the console, you can add/remove site system servers on the 'References' tab. Pre SP2/R2 SP1, all you were adding here were DPs... now, those site systems can be DP's, MP's, and SMP's.
By simply looking at the list of site system servers, you cannot tell whether the server is a DP, MP, SMP, or any combination.
Please add 3 more columns or similar (one for each…
5 votes
- Don't see your idea?