So I came up with below for updating BIOS as part of imaging workflow via powershell. My goal was one script that would work across all of our dell models that could be added to our HI imaging process.
My script assumes
- You're copying down the latest BIOS version for each model computer as part of imaging workflow (I use this method for deploying drivers vs deploy anywhere which makes adding BIOS to workflow pretty seemless). I just add another folder to our driver share for each model called BIOS.
- You also have to copy the bios flash utility down.
- You create tokens in CMS for your bios password(s).
#Get Bios File Name
$BiosFileName = Get-ChildItem c:\drivers\bios\*.exe -Verbose | Select -ExpandProperty Name
#Update Bios
c:\drivers\biosflash\Flash64W.exe /b=c:\drivers\bios\$BiosFileName /s /p=%biospwtoken% /l=c:\drivers\bios
This works except you have to account for your environment likely blocking unsigned powershell scripts. You can nestle the task in a job that disables the powershell signing policy, runs your script, and then re-enables it, but this seems risky to me as we don't want machines out there with signing policy disabled. Maybe it's less of a risk if you enforce signing policy as part of a GPO and run above before binding to AD.
Are there any other powershell options out there for running a script via CMS - where I want to tokenize the password and not have it locally on the machine?
I was trying to get this working as part of a command script to avoid the Powershell signing thing & got pretty close with below, but it's complaining about the bios payload (same payload/file works fine via powershell so I know the file is ok). Anyone a better scripter than me and see my error?
@ECHO off
FOR %%F in (c:\drivers\bios\*.exe) do (
set biosname=%%~nF)
c:\drivers\biosflash\Flash64W.exe /b=c:\drivers\bios\%biosname% /p=%biospwtoken%
If I echo out the last line, it seems to be sending the correct command, but I get bios payload error. If i type exactly what's echoed back, it runs fine locally on the machine.
I don't script all that much so if anyone has ideas, I'd appreciate them.
Reference link that helped me