Omnia/Azure-Dell-BIOS-Password-Solution
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update readme.md

Browse Source
This commit is contained in:
samsamfin
2026-05-05 10:31:12 +00:00
parent 2487fcc969
commit 094c575f8a
1 changed files with 3 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
readme.md
+3 -5
View File
@@ -4,7 +4,7 @@ Manages Dell BIOS Admin password across the fleet using Intune Remediation scrip
## How it works
The solution uses Dell's native WMI security interface (`root\dcim\sysman\wmisecurity`), specifically the `PasswordObject` and `SecurityInterface` WMI classes. These are exposed directly by Dell UEFI firmware via Windows' built-in ACPI WMI bridge driver (`wmiacpi.sys`) **no Dell Command | Monitor or Dell Command | Update installation is needed**.
The solution uses Dell's native WMI security interface (`root\dcim\sysman\wmisecurity`), specifically the `PasswordObject` and `SecurityInterface` WMI classes. These are exposed directly by Dell UEFI firmware via Windows' built-in ACPI WMI bridge driver (`wmiacpi.sys`) - **no Dell Command | Monitor or Dell Command | Update installation is needed**.
> **Note:** The `root\dcim\sysman\wmisecurity` namespace will **not** be present on generic virtual machines (Hyper-V, Azure, VMware) that lack a real Dell UEFI firmware profile. The solution targets physical Dell endpoints only.
@@ -15,14 +15,12 @@ The solution uses Dell's native WMI security interface (`root\dcim\sysman\wmisec
- Network access to Azure Blob Storage from the endpoint
- Intune Remediation (requires Intune P1 license or Intune Suite)
~~Dell Command | Monitor or Dell Command | Update~~ *(not required)*
## Instructions
Create an Azure storage account and a new container inside it. Generate a SAS URL for it. Inside the container, upload two Base64-encoded `.txt` files:
- `current-content.txt` the current BIOS Admin password (Base64 encoded)
- `old-content.txt` all known previous passwords, one per line (Base64 encoded), plus one blank line to handle devices with no BIOS password currently set
- `current-content.txt` - the current BIOS Admin password (Base64 encoded)
- `old-content.txt` - all known previous passwords, one per line (Base64 encoded), plus one blank line to handle devices with no BIOS password currently set
As passwords change over the years, update both files in the storage account accordingly.