Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

Ideas

What features would you like to see?

All of the feedback that you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Microsoft Endpoint Configuration Manager, though we canā€™t promise to reply to all posts.

Please do not use UserVoice to report product bugs or for assisted support.
If you believe you have found a product bug, please send us a bug report through the Configuration Manager Console (1806 and newer). To do this, press the šŸ™‚ button in the top right corner and choose ā€œSend a Frownā€. For more details, see https://docs.microsoft.com/en-us/sccm/core/understand/find-help.

If you require assisted support, please see https://aka.ms/cmcbsupport for more details.

Standard Disclaimer ā€“ our lawyers made us put this here ;-)
We have partnered with UserVoice, a third-party service, so you can give us feedback. Please note that the Microsoft Endpoint Configuration Manager feedback site is moderated and is a voluntary participation-based project. Please send only feature suggestions and ideas to improve Configuration Manager. Do not send any novel or patentable ideas, copyrighted materials, samples or demos. Your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy, including the license terms.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add an additional Maintenance Windows type specifically for Application Deployments only

    Add an additional Maintenance Window type specifically for Application Deployments only. Software Updates and Task sequences have their own and there is an "All Deployments" type. There needs to be one on for Apps to better segregate the nature of the changes occurring in the environment.

    94 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    5 comments  ·  Application Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  2. Create folders under Software Updates

    Allow the creation of folders under Software Updates\Software Update Groups, Deployment Packages and Automatic Deployment Rules.

    93 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  11 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  3. LDAPS Support on the Active Directory Discovery Methods

    Allow the Support of LDAPS:// as valid path for the Discovery Methods.

    92 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    5 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  4. Apply Configuration Baseline/item during OSD

    When trying to move away from Group Policies to Configuration times/baselines and in every other scenario as well, add a step in Task Sequence to evaluate and remediate select Configuration items/baselines. Then we can select which one of the Configuration Items/baselines should be applied during OSD so the settings are present when the user logs on for the first time

    92 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  5. software center custom notification

    I often get questions from users saying "is this legit?" referring to the toast/balloon notifications presented on their desktop from Software Center. The notification states "Software changes are required. Your IT department requires changes to the software on your computer. click here for options." This could easily be confused with spoof antivirus popups claiming your computer needs to be fixed!

    I would like the ability to customize these notifications in the Administration > Client Settings node > Computer Agent settings. The "Organization name displayed in Software Center" shows on the Title page AFTER you open SC, but it would beā€¦

    92 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    5 comments  ·  Software Center  ·  Flag idea as inappropriateā€¦  ·  Admin →
  6. Resume Task Sequence Failure

    Provide an option to RESUME an already running OSD task sequence deployment that failed in a specific area versus having to start the deployment all over again. In the event of a failure, this would allow for us to resolve the issue right away and then allow the admin to RESUME the OSD task sequence deployment from the exact point of where it failed (not have to start everything over again).

    91 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  7. AD System/User discovery on disabled accounts

    SCCM is not synchronizing disabled accounts, so it is not synchronizing the change in the UserAccountControl-attribute, so from SCCM perspective every machine/user is active. This creates problems e.g. in Software Asset Management since collections canā€™t select AD active accounts only. SCCM should synchronize changed attributes or at least UserAccountControl of AD disabled accounts if the account exists in SCCM

    90 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    5 comments  ·  Client Discovery  ·  Flag idea as inappropriateā€¦  ·  Admin →
  8. Available application which is not applicable must not show up in Software Center

    [This is sort of an extension to https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/13002684-software-center-show-only-available-software-hid?]

    Obviously, we can create applications with multiple deployment types in SCCM, each with its own set of requirements. Now say I create a simple MSI-based application with one deployment type, which has a requirement that Primary device must be true. If I make this available to a user collection, then it shows up for each of those users on their primary devices as available in Software Center. All great so far.

    However, if one of those users logs in to a non-primary device, the application still shows up as available, andā€¦

    90 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  3 comments  ·  Software Center  ·  Flag idea as inappropriateā€¦  ·  Admin →
  9. Upgrade SCCM directly to rollup version

    Be able to upgrade SCCM directly to a rollup version or hotfix versions. Not everyone upgrades SCCM the moment a new version is released and by the time we have tested and are ready to upgrade there is often a rollup or hotfix available. Due to change management procedures, we are forced to upgrade to a version that has potential known issues before we can start a new change process to upgrade again to the update version. Being able to upgrade direct to the rollups would prevent installing a broken version for weeks prior to upgrading again.

    90 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    6 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  10. Ability to Rename Programs within Packages

    In Software Library > Packages...

    When you create a new package or import an MSI there are predetermined "Programs" that are labeled "Per-system unattended" or "Per-user unattended" it would be great to have the ability to rename these existing programs. The only option currently is to delete the program and recreate it.

    90 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Application Management  ·  Flag idea as inappropriateā€¦  ·  Admin →
  11. ConfigurationManager PowerShell module should register itself as an Env Variable

    Today, when you install the CM Console, the PowerShell module will be placed under the %CMInstallDirectory%\AdminConsole\Bin\ConfigurationManager.psd1

    This makes sense given where the user is choosing to install the console, and that's fine. But placing it here off the beaten path means that it is not importable using PowerShell's module autodiscovery features. For instance, if a module is found in any of the standard user or system paths (or registered under the $ENV:PsModulePath) the user can easily import the module without having to specify the full path, a big user quality of life win. This is the way that SQL Serverā€¦

    88 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  3 comments  ·  PowerShell  ·  Flag idea as inappropriateā€¦  ·  Admin →
  12. More accurate registry Compliance Settings

    When creating the Configuration Item (Create Configuration Item Wizard, Settings step) and choosing Registry setting type for the Create Setting window, there are some bizarre registry types mentioned in Data type drop-down box: String, Integer, Date and Time, Floating Point, Version and String Array. Most of these data types are all REGSZ type. But where is REGMULTISZ? REGEXPANDSZ? REGDWORD? REGQWORD? REGBINARY?
    There is also possibility to set/check compliance for those registry settings with script, but why the Registry Configuration Item in first place?
    These actual registry data types need to be implementedā€¦

    87 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    Noted  ·  12 comments  ·  Compliance Settings  ·  Flag idea as inappropriateā€¦  ·  Admin →
  13. Perform AD discoveries from servers other than Site Server

    In flat SCCM infrastructure deployment across multiple domains it becomes troublesome to perform User/Group/Forest/System discoveries in domains other than Site Server domain, especially in DMZ, this is because Site Server has to be able to talk to other domains domain controllers and security requirements not always allow that.

    This could be improved upon if we could choose to perform AD related discoveries from Site Systems (for example MP or specialized role for that purpose) other than Site Server as illustrated in the picture attached.

    87 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    0 comments  ·  Setup and Server Infrastructure  ·  Flag idea as inappropriateā€¦  ·  Admin →
  14. Display progress of Office 365 Client Updates into WUAHandler log

    When deploying the Office 365 Client Updates with ConfigMgr, there is no information currently written into the WUAHandler.log. All other software updates (including Office 2016) appear in the WUAHandler.log with an entry showing they are missing and once installed, an entry showing the install was finished, the exit code, and whether or not a reboot is required.
    1) 1. Update (Missing): Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4015217) (4a4cfa3f-337e-496e-9d32-a143afcb27f4, 200)

    2) Update 1 (4a4cfa3f-337e-496e-9d32-a143afcb27f4) finished installing (0x00000000), Reboot Required? Yes

    There is currently no such information displayed for any Office 365 updates. If the WUAHandler.log containsā€¦

    86 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    3 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  15. 86 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    4 comments  ·  Software Center  ·  Flag idea as inappropriateā€¦  ·  Admin →
  16. Task Sequence deployment option of "While no user is logged on"

    Give us the option to restrict a required Task Sequence to "When no user is logged on" This would be particularly helpful when using Task Sequences to push out Application updates. That way if the TS tries to run while a user is logged on it won't fail as soon as it hits the applications which are set to "When no user is logged on"

    86 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    2 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
  17. Add option for setting BITS client setting based on current IP address

    Add an option for setting BITS client settings based on the current IP address of the client. We have a number of users with laptops that roam between the home office (LAN), remote offices (low bandwidth WAN), and VPN. Right now we have to configure the laptop client setting for the lowest common denominator for bandwidth usage (WAN). Would like to be able to have the BITS setting change based on the current IP address of the client.

    85 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    1 comment  ·  Content  ·  Flag idea as inappropriateā€¦  ·  Admin →
  18. The Office 365 updates behavior in SCCM 1802 still feels off and unpolished

    We still see prompts for closing running office applications and while Software Center displays a reboot required, the update doesn't seem to get installed unless manually triggered through the in-app notification.

    85 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    7 comments  ·  Software Updates  ·  Flag idea as inappropriateā€¦  ·  Admin →
  19. Allow Applications with interactive deployment methods in a task sequence

    In SCCM 2007 we utilized package with multiple programs. One install program that was silent to be used in a task sequence. One with interaction (appdeploy toolkit e.g.) for distribution to existing PCs. Once we moved to application we created multiple deployment methods with the appropiate filters. However if one of the deployment methods does contain the 'allow interact' option the application can not be added to a task sequence even though there are deployment methods that would apply to a OSD situation were it would pick the non-interactive one. Would like to see a logic check in the taskā€¦

    84 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    5 comments  ·  Operating System Deployment  ·  Flag idea as inappropriateā€¦  ·  Admin →
    Noted  ·  sangeev responded

    Updated by bobmn for sangeev/OSD

  20. SCEP Malware Alerts - Customized

    SCEP Malware Alerts - Customized
    The ability to customize the text and have the ability to select which fields you wish to include within the Malware email alert.

    84 votes
    Vote
    Sign in
    (thinkingā€¦)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinkingā€¦)
    6 comments  ·  Endpoint Protection  ·  Flag idea as inappropriateā€¦  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base