I am deploying Dell machines and I set up Admin passwords on them, however, this prevents then Dell Command from doing BIOS updates. Even if I run Dell Command Update as Admin and put in the password, it's like it doesn't save it? The "Show password" button is greyed out and the BIOS updates won't install.
I did also want to try and use DCU CLI but as soon as I open it - it closes. Any ideas as I'm pulling my hairs out (whatever has left of them)
I am receiving the error message "BIOS update failed as password is not configured. Please configure the BIOS password in settings and retry" on one of the dozen Precision 3571's I have in my environment. This is the 1.15.0 version released July 11, 2023. I have 5 other models in production, about 140 computers in total. I'd hate to have to set a BIOS password on every single one of these just to get a BIOS upgrade if this appears for other models as well...
Is there anyone running into this lately? Any workaround? I've tried using SupportAssist, Dell Command | Update and manually tried to install the BIOS update.
In case anyone else was interested, an update to version 4.6 introduces a feature set that we’ve been requesting for quite some time from Dell.
We have always struggled with pushing out laptop, driver, and firmware updates, because certain ones may require a reboot, and so we did not want to negatively impact our end users, and have their system reboot in the middle of a meeting, etc.
4.6 introduces the ability to defer install and reboot by a certain number of hours in addition to defining how many times the user can defer the install or reboot.
We’re in the process of getting the new configuration file pushed out to all our machines as this will help us to ensure that everybody’s computers drivers are up-to-date, without having to engineer and architect a more complicated solution.
Just wanted to share, would love to hear others thoughts.
Thanks.
Hi,
I'm deploying drivers, firmware and bios updates with Dell Command Update tool with SCCM. The password is encrypted with the -encryptedpassword option. In most cases the password is correct. The issue is that if the bios password is incorrect on some devices, the tool returns exit code 0 which is a success code. So the deployment will come as success while in the log, it appears that the password is incorrect. It is an issue since it breaks the result in the monitoring. A possibility would be to read the last lines of the log file and detect the line that says the password is incorrect, but is there any other with this tool ?
Thanks
Hi all- We’re looking to install the Dell Command Update Classic 5.5.0 across all of our endpoints. We already have a set BIOS password on all of our Dells, but what we’re trying to do is install DCU with our current BIOS password added into its settings (end goal is to stage and push BIOS updates automatically from Intune using DCU)
I can’t find any formal documentation on this or if this is even supported. Does anyone have any idea if this is achievable?
Hi all,
I don't know why it doesn't work. I've got my super basic ps1 script
$DCU_folder = "C:\Program Files\Dell\CommandUpdate"
$DCU_report = "C:\Temp\Dell_report\update.log"
$DCU_exe = "$DCU_folder\dcu-cli.exe"
$DCU_category = "bios,firmware,driver,application,others"
try{
New-Item -Path "C:\Temp\Dell_report\" -ItemType DirectoryStart-Process $DCU_exe -ArgumentList "/applyUpdates -encryptionkey=""supersecret"" -encryptedpassword=""moresupersecret"" -silent -reboot=disable -updateType=$DCU_category -outputlog=$DCU_report"Write-Output "Installation completed"
}catch{
Write-Error $_.Exception
}
When running, everything looks fine, it's scanning, finds the bios update, downloads, tries to install und fails. Execution completed program exited with return code 1.
What am I doing wrong? I'm at the end and can not find my problem.
Can someone help?
Thank you!
Hello everyone, I know there are already several discussions on the subject. But I haven't found a specific answer to my need.
Currently, we have deployed DCU on all our Dell computers. And we would like to configure the BIOS password in the DCU application, apart from importing the password from the command line using a script. I haven't found any other way of doing this. I have imported the Dell admx but there is no option to set the BIOS password in DCU.
What is the correct way to do this?
Thank you
Looks like in 3.0 they added BIOS password but removed CLI??
So our choices are:
-
Use 2.4 and NOT have a BIOS password (or do some clever scripting to remove, update, then set the password)
-
Physically go to all 900 computers to update all drivers
Docs say it will be added back in future versions but it's been over a year since 3.0 was released. HP's Image Assistant is ROCKING it, super simple.
Am I missing something? I have missed things before.
DCU 3.1 has been released. Use it instead. There are alternatives. SCCM has support for third party drivers and Dell Repository Manager 2.x.
If you're using DCU at all in a managed environment, you should know that even your scripted CLI updates are default reaching out to public Internet unless you leverage Dell Repository Manager.
https://www.dell.com/support/home/us/en/04/drivers/driversdetails?driverid=v104d
Use repository manager instead.
So we got a bunch of new Optiplex pcs in and I'm trying to figure out Dell Command and Configure so we can easily rollout out custom bios preferences from pc to pc.
I downloaded the Dell Command and Configure software, ran the wizard and exported the settings we'd like import on another pc (same model optiplex). However after running the exe on another pc to test it runs and changes some bios settings but fails on some. For example it fails to change the "secure boot" preference to off.
To try something else my coworker built me a WindowPE usb with Dell CC on it (command line). On the pc in question that has secure boot on, I ran the following via the command line from the WPE enviornment:
cctk.exe -H --secureboot
(this showed that it was enabled but that the option IS supported on my current machine)
followed by:
cctk.exe --secureboot=disabled
Which results with "Error in setting the value".
Now in flexing my google fu on this issue I found this link from dell saying I need to first go into the bios on our test machine, enable custom keymode and then "delete all keys" for PK.
This link: https://www.dell.com/support/kbdoc/en-us/000205212/dell-client-configuration-toolkit-returns-an-error-when-setting-secure-boot-mode-to-audit-mode
I've done that, rebooted and entered the password it prompts you for to confirm this change and tried changing the option again from cctk command line and it still fails.
Any tips what I might be doing wrong to change secureboot via cctk?
PS: I can change some bios settings via the command line and the gui version options but not secureboot and I'd like to be able to do so.
Thanks for your time.
For security reasons, i enabled Bios passwords on a few pc in the network, without realising I would need to unlock the pc Bios if a bios update was available using dell command update tool. How do you guys push out Bios update on bios password protected pc's
I'm starting to think the Dell unique-per-device passwords are more trouble then they are worth, I've read several reports of people losing passwords if they initiate a device reset etc.
In my case I am setting up a fresh Intune tenant, I onboarded two test Dell devices yesterday which succeeded and unique passwords were set and visible in the Management portal. I then made some changes to the config profiles so I manually removed the BIOS passwords (I did this for speed, I know it can be done in the BIOS policy), wiped the devices (using install media rather than Intune), and onboarded again. The Management Portal is showing the device names, a current check in time, but the passwords are from the previous onboard.
Luckily, I was able to pull the current passwords from MSGraph, but does anyone know why this happened and if it is possible to fix? When working, the Dell portal is a much more efficient way of grabbing these passwords.
Thanks
Update: I set the BIOS policy to remove unique passwords, it succeeded on all devices and the passwords are blank, but a day later and only one of them shows as blank in the Dell portal, the rest show as an old password. I suspect when I enable the feature again that if I’m lucky, one will show the correct password and the rest will be old in the portal. Can’t see a way to remove the device from the portal so it can be added back fresh. It has promise but poor in its current state…
Hello all. My company is currently looking to update the BIOS for all their Dell machines on the network in response to an IAVM. We operate in highly secure conditions which has ruled out using any built in Bios settings to automate Bios updates. The reason for this, is that any updates need to be performed in an offline fashion (meaning I can't use a tool that requires internet access to download the update).
Instead we have been asked to automate a push of any BIOS updates to our devices with, ideally as little user interaction as possible. However this has led to a few complications.
Firstly, there doesn't appear to be a command to pass the bios password into the exe for the bios update (Ideally we want to encrypt the password before passing it into the update).
Secondly, we haven't found a way to run the updates silently as of yet. We want as little user interaction as possible.
For our HP devices I was able to find a tool called HP Image Assistant. For our dell's, well I'm still searching for a similar tool.
I can't imagine that we are the first ones to encounter a conundrum like this. As of yet I haven't found much of any use when googling it though. Is there anybody else here who has a solution to this problem?
EDIT: I am currently looking at Dell Command| Update. Though I'm not sure just yet if that is the tool I'm looking for.
I have a Dell Vostro 3350 and its asking for a Admin Password to unlock boot setup. All I know is my service tag (2JW9QR1). I dont know what hash my computer uses, but I've tried all passwords available on this websitehttps://bios-pw.org/. I wanted to install Windows on my computer but I cant create any partitions because my disk controller is disabled. I cant even boot into my bios. I bought this PC for 200 bucks spent 80 dollars to get its motherboard fixed and now they are asking me another 50 dollars for fixing this.🙁
Is their any fix please help.