logo
parallax-small

Set BIOS settings with a Compliance Baseline in ConfigMgr

Thursday, 28 March 2019

Set BIOS settings with a Compliance Baseline in ConfigMgr

In this blog I want to share with you how you can check and set BIOS settings using a Compliance Baseline in ConfigMgr. The PowerShell scripts for discovery and remediation in this blog can be used on HP, Dell or Lenovo systems.

For HP and Lenovo, you can use WMI to check or set BIOS settings. For Dell you should use the Dell BIOS Provider tool (latest version). The Dell BIOS Provider tool must be “installed” on the system before you can check or set BIOS settings on Dell systems.

You can use these links to install the Dell BIOS provider tool in your environment:

  1. https://www.dell.com/support/article/nl/nl/nldhs1/sln311262/dell-command-powershell-provider?lang=en
  2. https://www.powershellgallery.com/packages/DellBIOSProvider/2.1.0

In this example I will set the “Virtualization Technology (VTx)” to “enabled” in the BIOS on a HP system using a Configuration Item.

The following PowerShell scripts are used for discovery and remediation:

Example for Discovery:

Hewlett Packard (HP)

Discovery Hewlett Packard HP

Dell

Discovery Dell

Lenovo

Discovery Lenovo

Example for Remediation:

Hewlett Packard (HP)

Remediation Hewlett

Dell

Remediation Dell

Lenovo

Remediation Lenovo

Advise: Create for every BIOS setting a new Configuration Item. Add every Configuration Item (BIOS setting to check) to a Compliance Baseline. A Compliance Baseline can contain more than one Configuration Item (BIOS settings to check).

How to create a Configuration Item to check and remediate a BIOS setting:

  • Create a new Configuration Item using the Create Configuration Item Wizard. Give the Configuration Item a name and description (if desired). Example: HP BIOS Virtualization Technology (VTx) Enabled
  • Select: Windows Desktops and Servers (custom)
  • Click Next
  • Select only Windows 10 (or another platform)
  • Click Next
  • On Settings Tab, click New
  • On the General Tab of the Create Settings page, type a Name and Description (if desired). Example: Intel(R) Virtualization Technology

Create settings

  • Change the Setting type to: Script
  • Set the Data type to: Booloan
  • Click Add Script (Discovery script)

Discovery script

  • Select script language: Windows Powershell
  • Copy the Discovery Script above for HP, Dell or Lenovo
  • Click OK
  • Click Add Script (Remediation script optional)

Remediation script

  • Select script language: Windows Powershell
  • Copy the Remediation Script above for HP, Dell or Lenovo
  • Click OK
  • Click the Compliance Tab

Compliance rules

  • Type a Name and Description (if desired). Example Virtualization Technology
  • Select Rule type: Value
  • Select The value returned by the specified script: Equals True

The value returned

  • Select: Run the specified remediation script when this setting is noncompliant
  • Select: Report noncompliance if this setting instance is not found

Run Report

  • Click OK
  • Click OK
  • Click Next
  • Click Next
  • Click Next
  • Click Close

Add this Configuration Item to a Compliance Baseline and deploy the Compliance Baseline to a HP, Dell or Lenovo device collection. The final result is the “Virtualization Technology (VTx)” setting is enabled in the system BIOS. Depending on the deployment it will check every time and remediate if non-compliant.

Login Virtual Desktop Estimator

By Ferry Stelte, Senior Consultant at Login Consultants

A frequently asked question I receive from customers is: “How many SBC hosts or VDI Desktops can run on one Hypervisor host?" Many customers have difficulties with Excel sheets or with a calculator to perform calculations on the amount of SBC-VDI machines that can run on one single Hypervisor.

7 lessons I’ve learned using Scrum for infrastructure projects

Written by Bob Molenaar

I’ve been a consultant for almost 20 years. My recent experiences with Agile Scrum made me think of some of the infrastructure projects I have done and how Scrum could have made those projects easier. Scrum is known to have the best practices for software development projects, but the experiences I’ve had with Scrum, prove that this method is also a good way to manage infrastructure projects.  I believe that Scrum can be used for more than just software development. In this blog, I’ll share 7 lessons I’ve learned using Scrum for infrastructure projects.

Base Image Script Framework (BIS-F) – Version 6.1.0 build 01.101

the perfect way to seal your Base Image

by Matthias Schlimm, March 2018

The Base Image Script Framework (BIS-F) is the perfect way to seal your Base Image. Whatever your environment has run Citrix XenApp, Citrix XenDesktop with PVS or MCS,  Citrix AppLayering, VMware Horizon View, you must prepare your Base Image before you can distribute this Image to multiple devices. If you install your Base Image from scratch or update them with new software, for the sealing process of your Base Image run this framework (preparation), it makes it also unique if you booting up your cloned device (personalization).

Login Consultants becomes part of Orange Business Services

Monday, 18 July 2016

Login Consultants announced today that it becomes part of Orange Business Services. Orange Business orange obs logo lockup right black text rgb englishService is a provider of global IT and telecom services and a leading player in the VDI (Virtual Desktop Infrastructure) market in France, through its subsidiary Néoclès, it manages around 150,000 desktops and delivers 120 projects per year.

Cookies make it easier for us to provide you with our services. With the usage of our services you permit us to use cookies.
More information Ok