TechCenter Blogs

Updating Secure Boot BIOS Configuration using OMCI 8.1.1 to upgrade to 64bit Win8 OS

TechCenter

TechCenter
DellTechCenter.com is a community for IT professionals that focuses on Data Center and End User Computing best practices. Here you can learn about and share knowledge about Dell products and solutions.

Updating Secure Boot BIOS Configuration using OMCI 8.1.1 to upgrade to 64bit Win8 OS

One of the recent and most featured announcements from Microsoft is the launch of Windows 8. For corporates intending to upgrade from Win 7 to Win 8 may choose to enable secure boot in BIOS to increase security in their systems,  this will be considerable effort if done manually for IT administrators to upgrade the systems.

The UEFI specification adds a feature known as Secure boot, which can secure the boot process by preventing the loading of drivers or OS loaders that are not signed with an acceptable digital signature. For more information on UEFI and secure boot kindly refer the following : http://www.uefi.org/home/

With the release of Dell OpenManage Client Instrumentation (OMCI) 8.1.1, this effort has been made a lot easier. The OMCI offers support for Microsoft Win 8 OS and It also supports enabling of  Secure Boot feature in BIOS .

Hence now the IT administrator sitting in the remote location can easily enable Secure Boot on the system. Kindly refer to the OMCI documentation at the below URL for more information about the product

http://en.community.dell.com/techcenter/systems-management/w/wiki/1773.openmanage-client-instrumentation-omci.aspx

 

The procedure to update secure boot is as follow :

  1. First download and install the latest BIOS from the dell support site.
  2. Ensure that the system is rebooted so that the new BIOS is loaded. After the BIOS update you will see that the boot mode is default legacy and secure boot is disabled.
  3. Once the system is rebooted, Run the below VB Script (attached with the blog - kindly remove the .txt extension from the file)

'**********************************************************************

'*** Name:SampleSecureBoot.vbs

'*** Purpose: To enable Secure Boot.

'*** Usage: cscript.exe //nologo SampleSecureBoot.vbs <systemname>

'***

'*** This sample script is provided as an example only, and has not been

'*** tested, nor is warranted in any way by Dell; Dell disclaims any

'*** liability in connection therewith. Dell provides no technical

'*** support with regard to such scripting. For more information on WMI

'*** scripting, refer to applicable Microsoft documentation.

'*** NOTE: Replace <Password> in line 53 (inside the quotes)

'*** with the desired values if there is any password set in the system.

'*** If both passwords(Admin and Boot) are set please replace it with Admin Password.

'*** If there is no password set in the system please leave it as empty.

'**********************************************************************

 

Option Explicit

 

'*** Declare variables

Dim strNameSpace

Dim strComputerName

Dim strClassName

Dim strKeyValue

Dim objInstance

Dim strPropName

Dim strPropValue

Dim oInParams

Dim objWMIService

Dim returnValue

Dim ColSystem

Dim strAttributeName(2)

Dim strAttributeValue(2)

Dim strAuthorizationToken 

'*** Check that the right executable was used to run the script

'*** and that all parameters were passed

If (LCase(Right(WScript.FullName, 11)) = "wscript.exe" ) Or _

   (Wscript.Arguments.Count < 1) Then

             Call Usage()

             WScript.Quit

End If 

'*** Initialize variables

strNameSpace = "root/dcim/sysman"

strComputerName = WScript.Arguments(0)

strClassName = "DCIM_BIOSService"

strAttributeName(0) = "Secure Boot"

'*** All possible values for Secure Boot are as follows:

'*** 2 = Enable

strAttributeValue(0) = "2"

strAuthorizationToken = "<Password>"

 

returnValue = 0

'*** Retrieve the instance of DCIM_BIOSService class

Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate," &_

                                  "AuthenticationLevel=pktprivacy}\\" & strComputerName & "\" &_

                                  strNameSpace)

Set ColSystem=objWMIService.execquery ("Select * from " &strClassName)

 

For each objInstance in ColSystem

    Set oInParams= objInstance.Methods_("SetBIOSAttributes").InParameters.SpawnInstance_

    oInParams.AttributeName = strAttributeName

    oInParams.AttributeValue = strAttributeValue

    oInParams.AuthorizationToken = strAuthorizationToken

    Set returnValue = objInstance.ExecMethod_("SetBIOSAttributes", oInParams)

Next

 

'*** If any errors occurred, let the user know

If Err.Number <> 0 Then

       WScript.Echo "Enabling Secure Boot failed."

End If

'*** Sub used to display the correct usage of the script

Sub Usage()

        Dim strMessage

        strMessage = "incorrect syntax. You should run: " & vbCRLF & _

                              "cscript.exe /nologo SampleSecureBoot.vbs <systemname>"

        WScript.Echo strMessage

End Sub

'**********************************************************************

       4. This script will enable secure boot on your system and will also set the boot options to UEFI and disable legacy option ROM feature.

       5. At this stage, you will be able to boot into your current OS only if it has been installed with UEFI support.

       6. You will now have to install the new Win 8 OS through the CD-DVD/PXE.

Note: Factory delivered Windows 8 systems will have default Secure Boot enabled in BIOS configuration.

Attachment: sampleSecureBoot.vbs.txt

To post a comment login or create an account

Comment Reminder

Unrelated comments or requests for service will be unpublished. Please post your technical questions in the Support Forums or for direct assistance contact Dell Customer Service or Dell Technical Support.. All comments must adhere to the Dell Community Terms of Use.