31 lines
1.5 KiB
Markdown
31 lines
1.5 KiB
Markdown
# Instructions
|
|
Create an Azure storage account, and a new container inside it. Generate SAS url for it. Inside the container, you will upload 2 base64 encoded .txt files - one containing the current BIOS password, and the other with all known previous passwords.
|
|
|
|
# Current setup
|
|
- Resource Group: `rg-IntuneRelated-Prod00`
|
|
- Sorage Account name: `stitbiosmgm`
|
|
|
|
## Azure
|
|
### SAS url
|
|
`https://stitbiosmgmt.blob.core.windows.net/mgmt?sp=r&st=2026-02-26T08:55:03Z&se=2036-02-26T17:10:03Z&spr=https&sv=2024-11-04&sr=c&sig=lBtObK2UmF3nzLvN4%2Biu1X9H6nC0Tc%2BRgvW0hM4eq9U%3`
|
|
|
|
### current-content.txt
|
|
`https://stitbiosmgmt.blob.core.windows.net/mgmt/current-content.txt?sp=r&st=2026-02-26T08:49:58Z&se=2034-01-08T17:04:58Z&spr=https&sv=2024-11-04&sr=c&sig=zS74OfiIR93eSpFz68xnqW99UF0pJPLCoUIB7X5rnnM%3D`
|
|
|
|
### old-content.txt
|
|
`https://stitbiosmgmt.blob.core.windows.net/mgmt/old-content.txt?sp=r&st=206-02-26T08:49:58Z&se=2034-01-08T17:04:58Z&spr=https&sv=2024-11-04&sr=c&sig=zS74OfiIR93eSpFz68xnqW99UF0pJPLCoUIB7X5rnnM%3D`
|
|
|
|
## Intune
|
|
### Remediation
|
|
|Setting|Value|
|
|
|:--|:--|
|
|
|Name|Dell BIOS Admin Password|
|
|
|Detection script|Detect-BiosPassword.ps1|
|
|
|Remediation script|Remediate-BiosPassword.ps1|
|
|
|Run this script using the logged-on credentials|No (run as System)|
|
|
|Enforce script signature check|No (unless you sign your scripts)|
|
|
|Run script in 64-bit PowerShell|Yes|
|
|
|Schedule|Daily or every 1 hour depending on urgency|
|
|
|
|
### Entra ID Group for deployment
|
|
Intune - Azure Dell BIOS Password Solution |