Configuring Dell BIOS with built-in Intune feature

Managing BIOS settings remotely across multiple Dell devices can be a time-consuming and error-prone task. Well, Intune provides a streamlined approach to configure Dell BIOS settings remotely, without needing to physically interact with each device. This built-in support allows you to automate the configuration and ensure consistency across all your managed devices. I use this for settings BIOS password usually. It is possible with other devices as HP and Lenovo but needs another way of doing it.

Password can be set IF it doesn’t has been set before in other ways!!

Prerequisites

Before you start, there are a few prerequisites to ensure everything works smoothly:

  • You must have an active Microsoft Intune subscription to manage devices and create configuration profiles.
  • For Dell devices to interact with Intune’s BIOS management capabilities, the Dell Client Management Extension must be installed on the device. This can be deployed through Intune. Link to the EXE.
  • Supported Devices: Dell devices must be supported by the BIOS management feature. Most modern Dell laptops and desktops are compatible.

Once you’ve met these prerequisites, you’re ready to start configuring BIOS remotely. Push the Dell extension with Intune as an regular app. Run the installer an extract. Take the DCECMI.msi and publish in Intune, a tip is to add it to all devices and user filters to filter out only Dell devices.

Creating the BIOS config file

You need a device with the Client Configuration Tool Kit app installed.

Open upp Dell CCTK Configuration Wizard

Click Create Package

You can choose multi-plattform or this systems file. Picking this systems file it will only show the current possible settings for that specific device, if its a Dell of course. 🙂

Do a search for password and tap enter until you seee sets the setup password

Set the system password and Save.

Now you can also set other stuff for the BIOS as needed, The password as an example above is not a requirement for setting other stuff.

Next thing is to click Export Configuration and save the .cctk file locally.

Head over to Intune portal and create a config policy.

Navigate to Devices > Windows > Configuration Profiles. Select + Create Profile, and in the platform dropdown, choose Windows 10 and later. Under profile type, select Templates. The template we are using is BIOS configurations and other settings.


Click Create
Name the policy and go to next tab. Here we add the .cctk file we created and saved earlier. YOu can also see that we have one other setting here.


Disable per-device BIOS password protection:

No: Intune generates a unique device password for each device. To access and update the BIOS configuration on the device, users must enter this password.

Yes: There isn’t a password protecting the BIOS. Any previous passwords are removed. End users can access the BIOS and change the BIOS settings on the device.

Got a need top protect the BIOS settings? Then choose No

Deploy to your Dell devices. Use a est group as usual. BIOS settings can have huge impact if something goes wrong and its deployed to all devices.

It’s an easy way of getting adjustments to BIOS on Dell devices set. Hopefully we can use the same way for other brands in the future. In the meanwhile we have to use each of the manufacturers apps and way to do it. It can always be packaged in a Win32 app with scripts to automate with Intune.

Leave a Reply

Your email address will not be published. Required fields are marked *