Microsoft Configuration Manager Reviews

The on-premises useability is very good.

The solution is stable. 

For the most part, for our needs, the scaling is fine.

Microsoft is already pushing users towards Intune, as opposed to SCCM. It's on the roadmap for them. It's inevitable. SCCM will be on Endpoint Manager in the future. I would say nothing needs to be changed.

The solution is on-premises. The cloud version of the product, if a person needs to be on the cloud, would be InTune, which already exists as an option. SCCM doesn't need to offer cloud features for this reason.

We have used the solution for the past decade. It's been around ten years at this point.

The solution is stable. There are no bugs or glitches. It doesn't crash or freeze.

SCCM is built for corporate networks. There is some advantage from Microsoft in terms of the content management gateway that we already have so that we can utilize the internet, however, scaling is fairly it's straightforward.

In our company, we have 44,000 devices. We do not need more. Scalability-wise we are good. We are not a company of hundred thousand devices. I'm not looking to scale it more. Therefore, I can't speak to what scalability would be like for those with 100,000 or more devices.

We have a support team that does technical support for us. I don't work directly with Microsoft. I go into priority calls, however, our technical teams manage that. Therefore, I can't speak to how helpful or responsive they are.

We are trying to transition from SCCM to Bigfix.

My understanding is that the installation is a two-day setup, however, I did not personally set it up, and therefore can't speak of the implementation or how easy or difficult it might have been.

I cannot speak on pricing. I let the procurement team deal with it. Therefore, I don't have any information on licensing fees, et cetera.

I have looked at comparisons between Bigfix, SCCM, and Intune. I personally prefer INTune as a solution, however, the company is moving towards Bigfix and away from SCCM.

We are just customers and end-users of SCCM.

We have been using SCCM for the past decade, however, now, the company is supposed to go with Intune for model management. However, we have a new CPO or CSO double hatting with security as well. He's more inclined in Bigfix features, which offer more robust patch management as well as vulnerability scan. SWe dropped the plan to go with Intune and will go with Bigfix, moving us away from SCCM.

Our CPO, CSO is mainly the driver for the change, not because it is on our roadmap or our partnership with the vendor or anybody else.

In general, I would recommend the solution to other organizations and companies. We've been happy with it over the years. I'd rate it at a nine out of ten.

We primarily utilize SCCM for deploying and updating applications across our network. This includes managing crucial Windows updates to ensure our systems are up-to-date and secure.

One of the standout features of SCCM is its application management capabilities. It allows us to create packages efficiently and deploy them to specific groups within our network. This streamlined process has significantly improved our software distribution workflows. Regarding remote control capabilities, SCCM does offer these features. But I haven't extensively utilized them in my role. I'm aware that SCCM allows for remote querying and control, which can be beneficial for IT support and maintenance tasks.

While SCCM offers robust features for application management, we don't currently use it for device inventory and asset management purposes. For these tasks, we rely on a separate inventory management system.

I've been using Microsoft Configuration Manager (SCCM) for about a month now. During this time, I've gained experience in deploying and updating applications, including critical Windows updates. SCCM has been instrumental in streamlining our application management processes.

I rate SCCM around an eight for stability. It has proven to be a reliable tool for application management and deployment within our organization.

In terms of scalability, I believe there's room for improvement. While SCCM is capable of handling our current needs effectively, scalability could be enhanced to accommodate future growth and larger deployments.

Regarding technical support, I haven't needed to contact Microsoft directly for assistance. The resources available through their documentation and online forums have been quite helpful in resolving any issues or questions that arise.

The console provides an organized interface for managing applications, updates, and device groups. This made the setup process relatively smooth for me.

I would recommend SCCM to others, especially for organizations looking to streamline their application management processes and ensure compliance with software updates. It's a valuable tool that has positively impacted our software distribution and compliance efforts.

We were replacing SCCM. It's been easy enough to do in terms of getting the devices and seeing what's being discovered from that type of info. We're looking for hardware and software data coming across. 

The solution is helping us by bringing the hardware details on it, and it's a software install. That way, we can account for the devices and identify and understand what is actually installed do the computers. 

It's very easy to use and understand. 

The solution is affordable.

It is stable and reliable. 

We've found scalability to be good.

Technical support was helpful and responsive.

The setup is simple and pretty standard. 

We'd like additional data related to security and the configurations of the hardware. 

On some hardware, we'd like an easier way to get peripherals attached. 

I've been using the solution for about six months. I haven't used it for that long. 

It is stable. It's reliable. There are no bugs or glitches. It doesn't crash or freeze. 

The solution can scale well. We weren't surprised about anything. It does what needs to be done. 

Technical support is excellent. When we had a question, we got prompt answers. We are quite satisfied with the level of support. 

Positive

The initial setup was pretty standard. It was not complex. 

We have witnessed an ROI.

The pricing is good. I'd rate its affordability eight out of ten. It could always be cheaper, however, we are pretty happy with the cost.

We are not on the latest version. However, we're getting to upgrade the product.

You need to understand what type of data you need and what it can pull. That's part of the configuration that needs to be done at the outset. If you know what you want and you make sure the system can do it, and it's configured right, and you'll be happy.

I'd rate the solution nine out of ten.

We use MECM for intelligent logic automation. About 400,000 users are impacted by the solution, but there are around 20 admins who work with it directly. We have multiple automation tools and use the one that makes sense as needed.

We're designing PowerShell scripts to automate patching the boot process. The ROI is there.

I like the data collection. 

The reports are too busy. They could be simpler. I'm a technician, so I don't care how pretty the reports look. They should be easy to read. I'm designing this for production folks. They need to read the reports quickly when they're patching in the middle of the night.

I have used MECM for about four or five months.

I rate MECM nine out of 10 for stability. 

I rate MECM eight out of 10 for scalability.

I haven't gotten support from Microsoft for MECM, but I've contacted them in the past for various tickets. They're professional.

I work in the lab. I design a solution before it's deployed in production. I wasn't involved in the actual deployment. Deploying things in the lab is different. It's a much smaller footprint.

So far, the ROI is pretty decent.

MECM is more expensive than Ansible, which is open and free. That's why we'll use other tools as needed for automation. 

I rate Microsoft Endpoint Configuration Manager seven out of 10. You need to have the right mindset to use it. The first question should always be: Can this be automated? From there, you'll see if the product will satisfy their automation requirements.

It is used for software deployments, PC operating system deployments, and security patch deployments.

Currently, we are using it on-premises, but we are slowly moving to the cloud solution that is called Intune or Microsoft Endpoint Management (MEM).

We have high availability for all of our deployments. We can trust this platform for all our deployments. We are quite happy with the fact that we can do what we want to do. It fulfills our goals for all deployments.

It is a very well-rounded product. It is a complete package with all the features using which we are able to manage our PCs very efficiently. 

One area of improvement is regarding the patching of Office 365 products. We have some difficulties on this side, and it can be improved.

Their support should be improved. Mostly, when we are doing patches on Microsoft 365 clients, we need to escalate to Microsoft support. It takes a long time to get to someone in their support team who has good knowledge of the product. Their support at level one is not quite helpful and knowledgeable.

In my previous company, we deployed SCCM two years ago.

And in my current company, I have been using this solution for more than one year.

Its stability is quite good, and its performance is quite good. There is nothing to complain about.

It is scalable, but we are far from reaching that limit. We don't have any problem with its scalability.

We have three people working on the SCCM side. In terms of the implementation, we have 6,000 PCs that have this installed. It is being used daily.

Mostly, when we are doing patches on Microsoft 365 clients, we need to escalate to Microsoft support. We are not quite happy with the support because it takes a long time to get to someone who is knowledgeable. When we have a tricky issue like this, it is very complicated to get appropriate support. We lose a lot of time with Microsoft support before we find someone who is able to understand and resolve the issue. 

Positive

We were previously working with BigFix. I also worked with HPE's solution. As compared to these two products, SCCM is much more integrated with the Microsoft ecosystem. We are fully on Windows, so it is much easier for us to manage our PCs with SCCM. It is easier to have a Microsoft product on Microsoft operating systems.

It is a Microsoft product, and we have an efficient team that is managing the solution. We have a lot of people who have the knowledge of doing its setup. So, deployment is not an issue for us. If you know the product, it is quite easy. You just need the knowledge of the product.

From the beginning to the end, it took about six months. It was deployed on all PCs.

We mainly had two people for its implementation. I managed the deployment, and I had one external resource who helped me in implementing the full product. To implement it, we needed to integrate all of the enterprise applications. This integration of the enterprise applications was outsourced, and there were a few people involved.

For its maintenance, we have a resource in India who is managing the solution. We need one full-time administrator for managing the solution. We also have one person who is integrating new applications and updates with this platform.

Its licensing is quite complicated because we are getting the license not only for SCCM but for the full Microsoft package. We don't need to pay for a separate license. We need to have one license that includes everything we need, such as Windows, Microsoft 365, SCCM, encryption, and so on. So, we don't have a specific price for it. Perhaps, it is good that it includes the full suite of licensing of Microsoft. It is expensive, but we are getting a lot of features.

In the next release, we are moving to the cloud, which also fits the strategy of Microsoft. We would like that the features on the cloud side are very similar to what we have on the on-premise side. We are looking to move to the cloud with Intune, but Intune is not like SCCM in terms of the features. We prefer that they develop all the features on the cloud.

I would recommend others to go for it if they are using any other solution to manage their Windows or Microsoft environment. It will make life easier. I would also recommend others to check the cloud solution before implementing the on-premise solution. They can see what can be done on the cloud. Cloud is not fully ready to replace the on-premise solution, but they can do some of the parts on the cloud and some of the parts on-premises.

I would rate it a nine out of 10.

This is a diverse tool so its use case varies. Most people use it for patch management and software distribution, and operating system deployment. It can also be used for policy management and for maintaining a baseline on the computer, depending on the company and its goals. We are consultants and resellers and deploy this solution on the cloud and on-prem. We use Azure for our cloud deployments. I'm a consultant and president and CEO of our company. 

The solution enables significant streamlining and reduces resources from a personnel perspective.

Patching is very effective and reporting is very good. In general, the software distribution and operating system deployment are very good. Most organizations with small support resources leverage it, along with the Azure Autopilot component or the Intune Autopilot component. The customer orders the solution, it's shipped to them, they open it, log on with their Azure credentials and it builds the machine for them as opposed to going to an imaging center, and having a dedicated staff for that particular function. 

I think the asset management component, the TSM piece, could be improved. That would allow them to compete with other products. It's currently very basic and rudimentary because there are no other connectors such as PeopleSoft that you can get.

I've been using this solution for 24 years. 

This is a very mature product so it's very stable. In the 24 years I've been using it, most of the kinks have been worked out. It's all about having a healthy network and a healthy, active directory structure. If those two things are in place, you'll have a really good experience. If not, it will definitely show its head in the SCCM product. 

The scalability is excellent. 

Technical support for SCCM is good. You have to get past the tier one person, but once you get to a dedicated MECM engineer, it's good. The support forums are also helpful. 

If the solution is being deployed by someone with experience, it can be done in about two hours. They're pretty good with hydration kits where you can configure all the prerequisites and all the components, and you're up and running in about two clicks. It's the customer and budget that dictates how complex or how involved a setup is. If they're only leveraging a couple of the core features of the product, it's pretty straightforward, but if they want to use more advanced functions and distribute that out and do low balancing and that sort of thing, it takes a little more time. Generally, clients allow us to integrate for them, we conduct a turnkey training solution, and then they take it over.

Although the solution is not as expensive as Ivanti, the cost is still quite high. Certain licensing arrangements can get you a better deal, but it's still expensive. It's based on a CAL license, so if you have a client on an endpoint, there's going to be a charge. I think it's around $US35 per license per year. It's not too bad. 

If you're new to the solution then it's worthwhile studying the documentation because it's not easy in terms of all the components that make it up such as SQL and so forth. 

I rate the solution nine out of 10. 

Systems management, inventory, pushing out deployment, and patching. It has multiple purposes.

It helped our internal IT get ahold of all the applications that we are actually running out there. With the SCCM inventory, we found a lot of rogue applications. We were able to identify them, find out who was running them, and either put them on our application list or remove them.

One of our goals with the patching of systems was to automate it so we wouldn't have to manually push out patches anymore. It gave us the ability to set up schedules, set up all the groups and collections and, according to what our security requirements are, to automate the patching of our servers and desktops. Everybody knows now exactly what days it will happen and what is going to get patched, on a schedule. That was a huge culture shift.

What's valuable is the basic management of the systems, being able to control who can access the systems.

You can remote control or RDP. That has been the most valuable because we can go into one console and can get to anything we want. Instead of going to all these different consoles, we centralized everything. That's the big one that we really are enjoying, that we have a central console for everything.

We run into little stuff all the time. There is a reboot issue with the patching. Sometimes, if patching runs into any issue whatsoever, it doesn't reboot but it doesn't tell you it errored out. It just sits there and we don't find out until the next day whether it patched or not. That was a big issue for us. We're working through that. They added some stuff in there now where you can actually tell reboot is pending. At least that tells us which ones didn't reboot, but before that got put in the 2018 version, it was really tough because management wanted a report of what patched and what wasn't, we couldn't give it to them.

We went into the feedback site and added our feedback and voted on it. The reboot pending was a big step forward, but we still need some kind of notification that if something fails or is pending, we know. We shouldn't have to go in and look. They don't have anything for that right now.

I would also love to be able to patch Linux servers. I would love that ability to be on one console and patch my environment. I know they're doing it with the Azure piece right. I saw that at Ignite last year, where they're looking to almost have SCCM as part of the cloud, and they will supposedly let you patch your Linux boxes from the cloud. Being a law firm, that is not going to happen for us. We are not cloud-friendly.

Finally, their compliance reporting is not accurate, and they admitted it on the phone when we had a call with them. We were trying to understand why their numbers didn't match on our compliance reports. Our security really liked the idea of being able to get compliance reports themselves, on patching etc. However, it is not accurate and you cannot depend on the compliance reports. The numbers just don't match, and we can't figure out why. We called Microsoft and they said, "Yeah, that's a known issue." But there is no word that they're working on it or anything like that. That's all they said, "It's a known issue."

We've had no stability problems at all. Things have been running great for a year, we haven't had any real issues with the system itself. We've had to tweak some things like everybody does, some registry keys here and there, but there has not been a stability problem at all.

It scales, but it gets expensive. If you're looking to do - and this is something I hear they're changing in one of the future versions - built-in HA, high-availability, right now you have to use Microsoft clustering. So you have to buy Microsoft clustering to make it highly available. 

As far as load balancing across, they don't have that support yet, so that you can actually build multiple primaries and have it load balance across. They don't have any of that functionality yet. That would be a nice feature, to scale that way. The way they have designed SCCM is to put the load in the offices. You put secondary sites out there where you put DPs on the sites and they pull from the local site, not from across the LAN. That helps with the load, it doesn't really hit the primary server.

We had to escalate our issue because you always get that person at first-level support who reads off a script. Then, after a couple hours, you say, "Escalate this." Once we got to the second person, we were able to figure our issues out. I would rate tech support at seven out of 10, based on our experience.

We used ZENworks for years. I used to work for Novell, so I was biased toward it too. We switched because we weren't sure where they were going. With Novell going away, Micro Focus taking over, and somebody taking over the whole umbrella corporation, we had no idea. They couldn't give us a real roadmap out for a long period of time. We were a little worried about being on a product that might not be around in five years.

We had no problems with ZENworks. It was fine, we loved it, but we were worried about the future.

I did a lot of research before I set it up. I watched a lot of YouTube videos, talked to Microsoft, demos, etc. I did enough homework so that when we set it up it was pretty simple. You just have to understand the SCCM infrastructure and how it works. If you don't understand that it might be confusing when you first install it. You have to understand your primary site, your secondary site, your distribution points and how they work, so you know how to set it up correctly.

After that, installing it was easy. Just understanding what connects to what. What has to go first, what has to go second, what services you need installed and set up, and how to set them up. Once you do your research on that it is pretty simple. But if you go in blind, I can see how it could be rather difficult.

Pricing and licensing are a downside of SCCM. It's expensive. I'd have to confirm this, but I think they changed the licensing to core-based instead of socket-based. It's not cheap, because you have to buy the software, you have to buy SQL. Another thing we learned from talking to Microsoft is that they provide you a license for SQL if you run it on the same box as the primary server. If you run it outside that box, you have to buy SQL. Microsoft does recommend you running it on the same box because of performance. But then, in order to run SQL, SCCM, and everything on the same box, you better have some resources.

It's an expensive solution. There's no doubt about it.

We looked at some small-time vendors, third-party stuff. No major names. There was one that we looked at that was really small and it actually seemed pretty powerful. It was called PDQ. But it turned out to be more for small business than enterprise-ready. 

The only enterprise solutions we came across were SCCM, ZENworks, and BigFix from IBM. Even though BigFix did Linux, it did everything, the price point was really expensive. It was something that wasn't even in our ballpark, and they didn't seem to want to deal with us.

We were already on ZENworks and we knew how it worked. We knew everything about it, but again, we didn't know its future. When it came down to having discussions with our team, myself, and other architects, we decided the more we keep with a single solution - we are mainly a Microsoft shop, Windows on the desktop, and mostly Microsoft servers - the more we keep the stack together. That's why we went with SCCM.

Do your homework. Understand the basics of it, how it works between services. When you go to install it's going to ask you specific questions, and you might not know what the question is unless you did your homework ahead of time.

Microsoft offers architectural sessions. Right before we installed it, we went to Microsoft and they sat down with us and did a session with us to understand how to architect it, how do design it. I would definitely advise doing that. I don't know who they offer it to, but that was very helpful. We met with their architects at Microsoft and they helped us understand how to architect it.

I give SCCM an eight out of 10. It's powerful. It's not a 10 because it has little bugs here and there. It has little issues that are annoying. For example, you may want to do something on a maintenance window. There's no way to say, "I want this maintenance window to be on the second Tuesday of the month." It's strict. This window is this and that's it. You can't fluctuate. There are little intricacies that are a little annoying. Sometimes we find the flexibility is not there in certain circumstances.

We use Microsoft Configuration Manager for patch management. 

The product has improved time and security. 

Microsoft Configuration Manager is integrated with other Microsoft products. 

The product needs to improve scalability. 

I have been working with the product for three years. 

I rate Microsoft Configuration Manager a nine out of ten. 

I rate the tool's scalability an eight out of ten. 

The tool's deployment is easy. It takes between five to 25 minutes to complete. 

I rate Microsoft Configuration Manager a nine out of ten.