Update BIOS that has a password
In an enterprise environment it is common practice to have a BIOS password to stop users accidentally/deliberately accessing the BIOS and making changes that would affect the operation of the computer.
It appears that Distribution/Dell Updates cannot update a BIOS if it has a password set. This means that I have to go to ~1000 computers and upgrade the BIOS manually which is an extreme waste of time when KACE was purchased to do that sort of stuff automatically and it can't update a Dell computer's BIOS.
As previously announced, we adopted a new Dell Updates framework starting in the KACE Systems Management Appliance (SMA) release 11.1. This change was triggered by Dell’s plan to end of life the framework previously used by KACE. This new framework developed by Dell is supposed to bring additional capabilities as it matures. We are keeping a close eye on these incremental improvements made by Dell and are hopeful that things like mass passing of passwords will come in time to develop against.
The latest admin response acknowledges that it doesn't address this request. Please implement functionality to allow Dell Update schedules to update BIOS when a password is set. That is the request here, and it's nearly 10 years old at this point. The script workaround is not acceptable.
I have tested Optiplex 7050 and 7040 deployment of BIOS patches with the switches /s /f /p=password successfully. http://www.itninja.com/blog/view/deploying-a-current-model-dell-bios-update-when-there-is-a-bios-password
Jeff Arey commented
"Declined" and "idea closed" is the status on this request? Anyone know why? I'm in the same boat as other commenters and this seems like it should be an easy thing for Quest to implement into Kace. We use the same bios password for all computers, so just give us a box in "Settings" to save that password in, and then the Kbox should respond with that password if the bios update asks for it when it is pushed out.
I can't believe that this is not working. Massive disappointment after purchase.
Chris Breuer commented
You can follow this example script
Paul D'Amore commented
Add me to the list. We are a K-12 school district where we have to set a password. Otherwise, middle and high school kids would do it for us. I have drivers being deployed which works great. I just need to update bios's with the same ease.
I too would like to see this feature added in the K1000. Just spent many hours with tech support trying to figure out why the BIOS will not update. BIOS password is there for a reason, especially in a business environment. We also have to adhere to policies stating that a BIOS password is required. Workaround seems a bit lengthy and is well, a workaround.
I do this all the time. In fact I made exe's with the Dell Client Configuration Utility that goes out to all Dell Computers and sets the BIOS Settings (Password, Boot Order, PXE, etc..) and then I just make managed installs to update the BIOS.
Using smart labels I search for certain models that are not of a certain BIOS level and then attach the install to that label. It is a bit of a process to set up initially but once set up it works great. I have to primary exes that I script (one for desktops and one for laptops) to set BIOS settings so any new dell computer will automatically get the appropriate bios settings once the agent is installed.
Then with the labels and BIOS Managed installs all I have to do is update the smart label with the new BIOS revision I want to search for and update the install with the new BIOS Install file.
Someone already linked to information on how to install a BIOS to a computer with a password which is similar to what I do. If you search on itninja.com for DCCU or Dell Client Configuration Utility you may find helpful information on how to script out setting BIOS settings automatically too.
Iain Morrison commented
I can't believe that a Dell appliance designed for Enterprise use can't update Dell BIOSes used in an Enterprise environment, i.e. with a password. We are currently evaluating KACE appliances and if they can't get this right it doesn't inspire much confidence in the product.
Add us to the list of customers that would like this feature. We are currently using the work around that involves scripting in Kace http://www.itninja.com/blog/view/deploying-a-current-model-dell-bios-update-when-there-is-a-bios-password
This works, but the updating of DELL bios with passwords should be built into the k1000. If it's possible for users to create a script to do this, it has to be possible for this to be programed into Kace.
Managed to do this under Kace 5.4 using the Dell Client Configuration Utility.
Created 2 packages, one to disable the bios password and one to set it again.
Then scheduled a few scripts in sequence (Wake on LAN, disable bios, reboot systems, Update the systems with the new bios, set password and finally reboot systems again).
Took a bit of testing but I managed to get 150 dell systems bios updated this. I do also agree there has to be an easier way.
Rene Sonnenschein-Flohr commented
I agree this too. We have BIOS PW on all Clients and we are not able to update them automatically. So please implement this feature in one of the next Kace Releases... BIG thx!
Will Hopkins commented
I completely agree with Steve. We're using Dell machines and a Dell product. We should be able to bypass the BIOS password without disabling it manually.