Microsoft

System Center Configuration Manager Feedback

Suggestion box powered by UserVoice

Azamat Berkimbayev

← Welcome to Configuration Manager Feedback

My feedback

  1. Support monitoring only for endpoint protection (no remediation)

    3 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Forgot password?
      Create a password
      Signed in as (Sign out)
      Close
      Close
      You have left! (?) (thinking…)
      0 comments  ·  Ideas » Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
      Azamat Berkimbayev shared this idea  · 

    • 3rd Party Patching - SCUP Integration with SCCM Console

      3,736 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Forgot password?
        Create a password
        Signed in as (Sign out)
        Close
        Close
        You have left! (?) (thinking…)
        84 comments  ·  Ideas » Software Updates  ·  Flag idea as inappropriate…  ·  Admin →
        started  ·  Admindjam (Admin, System Center Configuration Manager) responded

        Phase one of these changes are in 1803 tp, as well as 1802 production. We will continue to add more integration in the future with a huge chunk coming for 1806 production.

        Updating to note the improvements went in to 1802:

        Automatically importing WSUS signing certificate (which is used to sign third party updates) into the SCCM database, and then that certificate is pushed down to clients Trusted Publisher certificate store. (If admin enables this on the SUP top level site components configuration).

        Enabling “Allow signed updates from an intranet Microsoft updates service location” group policy on clients, which tells Windows to allow them to install 3rd party signed updates during normal Software Updates sync/install (if admin enables this in Software Updates client agent settings).

        Azamat Berkimbayev supported this idea  · 

      • Fix the Software Update Task Sequence (built-in TS patching during OSD)

        1,590 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Forgot password?
          Create a password
          Signed in as (Sign out)
          Close
          Close
          You have left! (?) (thinking…)
          54 comments  ·  Ideas » Operating System Deployment  ·  Flag idea as inappropriate…  ·  Admin →
          started  ·  Admindjam (Admin, System Center Configuration Manager) responded

          I’m updating the status. For 1606 we’ve made some changes, listed below.
          As more are added we’ll update what Tech Preview/Release they appear in.

          Timeout scan is now configurable
          We added a new task sequence variable to allow a configurable timeout for scan. Variable name is SMSTSSoftwareUpdateScanTimeout, default is 30 minutes. Value is set in seconds so an hour is 60×60=3600

          Logging changes
          In the SMSTS.log we list the log files to check for updates download and evaluation.
          These are UpdateDeployment.log, UpdatesHandler.log, WUAHandler.log and WindowsUpdate.log

          New Option for full scan
          There’s a new checkbox added to the Install Updates step – ‘Evaluate software updates from cached scan results’
          If the checkbox is on we use cached results, if the checkbox is off we do a full scan
          Task Sequences that are upgraded will have this option checked on – this is parity with the existing behavior

          Power management changes…

          Azamat Berkimbayev supported this idea  · 

        Feedback and Knowledge Base

        (thinking…)