BIOS Update and Config in WinPE with SCCM

My first blog, so don’t blame me for it ;-)

During a migration from Windows XP to Windows 7 x64 with the help of SCCM 2007 of exiting machines a requirement was to upgrade all BIOS verions to the same level and set the BIOS config. AHCI or IDE cannot be changed after Windows is deployed to the disk. The only way is to preconfigure it before applying the operation system to the disk.

With a little modifications we have used the script from Dell BIOS Upgrades for Enterprise Clients with Microsoft System Center Configuration Manager 2007 and created two SCCM packages within SCCM. One contains the upgrade scripts and one with the BIOS configuraton for each model including Dell CCTK Toolkit.

Important here is when using the Dell CCTK Toolkit, you will have to use the 86-bit bootimage. By using the x86 versions you’re still able to deploy a x64-bit Windows OS.

              1. First thing to do is download all BIOS executables, the installation one-liner, the actual command to silently update the bios

 

              1. Create a package from the Dell CCTK Tookkit and create a simple CMD file to copy the toolkit during the task sequence execution to X: drive (WinPE).@ECHO OFFSet DPUsed=%~DP0%
                pushd %DPUsed%
                xcopy.exe “%DPUsed%\X86\*.*” “x:\CCTK\X86\” /E /C /I /Q /H /R /Y /S

 

              1. It could happen that there is already a password set within the BIOS or you want to change it to a new one, we need to remove it. First we have to enable the Dell HAPI Driver.Note: as seen in the screenshot below the password is set as a task sequence variable so they aren’t listed in plain text. To achive this, encode a script and set in the begining of a task sequence, encode the script for example with Encode a Script which can been found here. This way they are a bit harder to find ;-)

                X:\CCTK\X86\HAPI\hapint -i -k C-C-T-K -p X:\CCTK\X86\HAPI\
                Dell Hapi Driver
              2. Clearing the current password, if there are multiple passwords, use the option ‘Continue on Error’ in the task sequence step and execute it again for each password.Clear Bios Password
              3. Adjust the script with you models, version and executuables. Also keep in mind, for some models a mimimum version is needed to be able to upgrade to the latest version. So you will have to copy the script modify specific model, and run it again, after a reboot of course. Within a SCCM Task Sequence you will have for example 6 steps to upgrade the BIOS. For example the Dell Latitude
                E6420.sccm Task Sequence bios upgradejpgScript contents:
                ‘Update BIOS
                On Error Resume Next

                DlgTitle = “BIOS Upgrade”
                Set WshShell = CreateObject(“Wscript.Shell”)
                Set WshNet = CreateObject(“Wscript.Network”)
                PathToScript = Left(WScript.ScriptFullName,(Len(WScript.ScriptFullName) – (Len(WScript.ScriptName) + 1)))
                CompName = WshNet.ComputerName
                Set objLocator = CreateObject(“WbemScripting.SWbemLocator”)
                Set wmi = objLocator.ConnectServer(CompName, “root\cimv2”,,,,,128)
                For Each Instance in wmi.ExecQuery(“Select * From Win32_ComputerSystem”,,48)Model = Instance.Model
                Next
                For Each Instance in wmi.ExecQuery(“Select * From Win32_SystemEnclosure”,,48)ServTag = Instance.serialnumber
                Next
                For Each Instance in wmi.ExecQuery(“Select * From Win32_Bios”,,48)BIOSRev = Instance.SMBIOSBIOSVersion
                Next
                Model = Trim(Model)
                Select Case ModelCase “Latitude E7240” : ExeToRun = “E7240A06.exe” : NewBIOSVersion=”A06″
                Case “Latitude E7440” : ExeToRun = “E7440A06.exe” : NewBIOSVersion=”A06″
                Case “Latitude 6430U” : ExeToRun = “6430UA04.exe” : NewBIOSVersion=”A04″
                Case “Dell System XPS L322X” : ExeToRun = “L322XA08.exe” : NewBIOSVersion=”A08″Case Else : ExeToRun = “NA”
                End SelectIf ExeToRun = “NA” Then
                 wscript.echo “We do not currently provide a BIOS upgrade for a ” & Model & vbcrlf & vbcrlf & “If this is an older model system, please excess the equipment.”
                 Set oTaskSequence = CreateObject (“Microsoft.SMS.TSEnvironment”)
                 oTaskSequence (“rebootts”) = “false”
                Wscript.Quit(0)ElseIf BIOSRev = NewBIOSVersion Then
                 wscript.echo “The current BIOS[” & BIOSRev & “] for this ” & Model & ” is up-to-date and does not require an upgrade.”  
                 Set oTaskSequence = CreateObject (“Microsoft.SMS.TSEnvironment”)
                 oTaskSequence (“rebootts”) = “false”
                 Wscript.Quit(0)ElseIf BIOSRev > NewBIOSVersion Then
                 wscript.echo “The current BIOS[” & BIOSRev & “] for this ” & Model & ” is newer and does not require an upgrade.”
                 Set oTaskSequence = CreateObject (“Microsoft.SMS.TSEnvironment”)
                 oTaskSequence (“rebootts”) = “false”
                 Wscript.Quit(0)
                End If
                If Model = “Latitude E7240” Or Model = “Latitude E7440”  then
                 WshShell.Run Chr(34) & PathToScript & “\” & ExeToRun & Chr(34) & ” -NOREBOOT -NOPAUSE”, 1, False
                Else
                 WshShell.Run Chr(34) & PathToScript & “\” & ExeToRun & Chr(34) & ” -NOREBOOT -NOPAUSE -FORCEIT”, 1, False
                End If‘New Dell models are very fast, in order to upgrade the BIOS successfully a sleep command is needed.
                WScript.Sleep 10000Set oTaskSequence = CreateObject (“Microsoft.SMS.TSEnvironment”)
                oTaskSequence (“rebootts”) = “true”
                Wscript.Quit(0)
                 sccm Task Sequence BIOS steps
              4. As you can see during the excutions of the script it will check if the BIOS version is equal or higher else it will run a bios upgrade. During excution of the script  a SCCM task sequence variable is set if a reboot is needed or not, variable ”rebootts’. Meaning if a BIOS upgrade has been performed a reboot will take place, its depening on the variable.sccm Task Sequence BIOS reboot
              5. The next step will be setting the correct configuration. To configure the BIOS the Dell HAPI driver must be loaded again. See step 2 and 3.Dell Hapi Driver
              6. Now we have to find out which model it is. You can use the script below to find out wich model it is and eventually it will be set to a SCCM variable.Set objLocator = CreateObject(“WbemScripting.SWbemLocator”)
                Set wmi = objLocator.ConnectServer(CompName, “root\cimv2”,,,,,128)
                For Each Instance in wmi.ExecQuery(“Select * From Win32_ComputerSystem”,,48)Model = Instance.Model
                NextModel = Trim(Model)Set oTaskSequence = CreateObject (“Microsoft.SMS.TSEnvironment”)
                oTaskSequence (“CurrentModel“) = Modelwscript.echo “The current model is: “& model

 

            1. For each model you can create a ini-file (the actual BIOS config), which can be set.Filename: ‘Latitude E7440.ini’  contents:[cctk]
              bluetoothdevice=disable
              bootorder=legacytype,-floppy,+hdd,-usbdev,-cdrom,-embnic
              controlwlanradio=enable
              cpuxdsupport=disable
              embnic1=on
              embsataraid=ahci
              wirelesswitchnlanctrl=enablesccm Task Sequence BIOS CurrentModel
            2. Last thing we need to do is to set the password again.
              Command: x:\CCTK\X86\cctk –setuppwd=%NEWPASSWORD%

sccm Task Sequence BIOS SetPassword

Leave a Reply

Your email address will not be published. Required fields are marked *