SCCM System Center Configuration Manager

How to upgrade BIOS with SCCM for all managed computers

 Hi all,

Today I will do an article about how to update / upgrade BIOS on all computer with SCCM. In my today test we will upgrade  Dell bios on all compatible models. I will creta an application and distribute as mandatory. I have done another article, link: where I demonstrate how to create a package and upgrade BIOS during a task sequence.

Now BIOS update, you should cover bot scenarios:

• Install the latest BIOS updates on the new computers or OS refresh during the task sequence
• Install the latest BIOS to all existing computer and keep your computer fleet updated.

Let’s cover the first scenario, create an app to update on demand all computers. For this example I will use a Dell computer.

• Go to Dell website to download the latest version https://www.dell.com/support 
• Copy the exe file OptiPlex_3060_x.x.x.exe in you share folder for SCCM repository
• Go to SCCM console to Software Library à Overview à Application Management à Applications and create a new application  
• In General Select Manually specify the application information 
• In General information add all the details 
• Application Catalog, fill with all the details 
• In Deployments Types, click Add 
• Create deployment Type Wizard, general, select Type Script Installer 
• General Information, fill with app details 
• Content, specify the path for the where you save the exe file.  For installation program enter the exe file plus Dell Bios installer switches, parameters "OptiPlex_3060_1.2.17.exe" /s /p=Password /l=C:\Temp\OptiPlex_1.2.17_3060.log . For more details about installer switches / parameters link: Dell bios installer switches parameters for sccm installation
• Detection Rule, here I have used in installation parameters the option /l to create a log file. I will use this file for my detection 
• User experience, Install for System, Whether or not a user is logged on, Normal, 
• Requirements,  I have nothing
• Dependencies, none
• Next and finish all wizard windows

Note: Now very important, the installer it will return to unusual codes for a successfully installation, 2 for Soft Reboot is Required, 6 for Hard Reboot is required. I have added them manually otherwise sccm it will not know how to interpret this exit code and it will consider a failed installation 

Great we have an app now distribute this app and deployed to you test machine. In deployment option I chose: Install, Required, Scheduling one week for deadline, User experience install but not restart

Now the computer it will receive an the app, it will start installation but it will wait for user to trigger restart. You can chose on deployment to restart, depend of the company deployment policy.

From the other side, the computer :)

In software center:

Computer logs, C:\Windows\CCM\Logs

AppDiscovery.log

+++ Did not detect app deployment type Dell BIOS 1.2.17(ScopeId_F56977EA-0FEE-4B1A-9159-0720F2CB1483/DeploymentType_941db094-34e8-40e6-8178-4a3ea9f1e18f, revision 9) for system. AppDiscovery 23/11/2018 10:23:58 11328 (0x2C40)
Entering ExecQueryAsync for query "select * from CCM_AppDeliveryType where (AppDeliveryTypeId = "ScopeId_F56977EA-0FEE-4B1A-9159-0720F2CB1483/DeploymentType_7cb6cd5d-acda-46f7-9f14-499afbe78ec6" AND Revision = 1)" AppDiscovery 23/11/2018 10:23:58 11328 (0x2C40)
    Performing detection of app deployment type MDOP MBAM - Windows Installer (*.msi file)(ScopeId_F56977EA-0FEE-4B1A-9159-0720F2CB1483/DeploymentType_7cb6cd5d-acda-46f7-9f14-499afbe78ec6, revision 1) for system. AppDiscovery 23/11/2018 10:23:58 11328 (0x2C40)
    Discovering MSI App: ProductCode - {AEC5BCA3-A2C5-46D7-9873-7698E6D3CAA4}, ProductVersion - , AppDeliveryTypeId - ScopeId_F56977EA-0FEE-4B1A-9159-0720F2CB1483/DeploymentType_7cb6cd5d-acda-46f7-9f14-499afbe78ec6, AppDeliveryTypeRevision - 1 AppDiscovery 23/11/2018 10:23:58 11328 (0x2C40)
    Found MSI application with product code {AEC5BCA3-A2C5-46D7-9873-7698E6D3CAA4} and version <not defined>. AppDiscovery 23/11/2018 10:23:58 11328 (0x2C40)
+++ Discovered MSI application [AppDT Id: ScopeId_F56977EA-0FEE-4B1A-9159-0720F2CB1483/DeploymentType_7cb6cd5d-acda-46f7-9f14-499afbe78ec6, Revision: 1, MSI Product code: {AEC5BCA3-A2C5-46D7-9873-7698E6D3CAA4}, MSI Product version: ] AppDiscovery 23/11/2018 10:23:58 11328 (0x2C40)
+++ Detected app deployment type MDOP MBAM - Windows Installer (*.msi file)(ScopeId_F56977EA-0FEE-4B1A-9159-0720F2CB1483/DeploymentType_7cb6cd5d-acda-46f7-9f14-499afbe78ec6, revision 1) for system. AppDiscovery 23/11/2018 10:23:58 11328 (0x2C40)
   ActionType - Install will use Content Id: Content_907bfc3a-b263-4898-a6c0-3ab145dd4d85 + Content Version: 1 for AppDT "Dell BIOS 1.2.17" [ScopeId_F56977EA-0FEE-4B1A-9159-0720F2CB1483/DeploymentType_941db094-34e8-40e6-8178-4a3ea9f1e18f], Revision - 9 AppDiscovery 23/11/2018 10:23:59 11328 (0x2C40)
  ActionType - Install,Max execute time = 120 minutes for AppDT "Dell BIOS 1.2.17" [ScopeId_F56977EA-0FEE-4B1A-9159-0720F2CB1483/DeploymentType_941db094-34e8-40e6-8178-4a3ea9f1e18f], Revision - 9 AppDiscovery 23/11/2018 10:23:59 11328 (0x2C40)
  ActionType - Install,Max execute time = 120 minutes for AppDT "Dell BIOS 1.2.17" [ScopeId_F56977EA-0FEE-4B1A-9159-0720F2CB1483/DeploymentType_941db094-34e8-40e6-8178-4a3ea9f1e18f], Revision - 9 AppDiscovery 23/11/2018 10:23:59 11328 (0x2C40)
Initializing Local App Handler AppDiscovery 23/11/2018 10:23:59 11328 (0x2C40)

AppEnforce.log, remember about exit code, it will present exit code 2, but now SCCM knows how to handle this code ;)

+++ Starting Install enforcement for App DT "Dell BIOS 1.2.17" ApplicationDeliveryType - ScopeId_F56977EA-0FEE-4B1A-9159-0720F2CB1483/DeploymentType_941db094-34e8-40e6-8178-4a3ea9f1e18f, Revision - 9, ContentPath - C:\Windows\ccmcache\u, Execution Context - System AppEnforce 23/11/2018 10:23:59 11328 (0x2C40)
    App is targeted to Machine, Execution context is System AppEnforce 23/11/2018 10:23:59 11328 (0x2C40)
    Performing detection of app deployment type Dell BIOS 1.2.17(ScopeId_F56977EA-0FEE-4B1A-9159-0720F2CB1483/DeploymentType_941db094-34e8-40e6-8178-4a3ea9f1e18f, revision 9) for system. AppEnforce 23/11/2018 10:23:59 11328 (0x2C40)
    Discovering app: AppDeliveryTypeId : ScopeId_F56977EA-0FEE-4B1A-9159-0720F2CB1483/DeploymentType_941db094-34e8-40e6-8178-4a3ea9f1e18f, Revision: 9 AppEnforce 23/11/2018 10:23:59 11328 (0x2C40)
    Expression Xml : 3261686104 Discover Source Xml: <DiscoverySourceInfo SourceType="WMI">
  <Resource LogicalName="File_e3790751-b3dd-40e2-aaa6-ed7702922478">
    <InstanceDescription Namespace="root\CCM\CIModels" Class="CCM_File_Setting">
      <Key Name="Path" DataType="String">
        <Value>
          <Literal>C:\Temp\</Literal>
        </Value>
      </Key>
      <Key Name="Name" DataType="String">
        <Value>
          <Literal>OptiPlex_1.2.17_3060.log</Literal>
        </Value>
      </Key>
      <Key Name="FileSystemRedirectionMode" DataType="Int64">
        <Value>
          <Literal>0</Literal>
        </Value>
      </Key>
    </InstanceDescription>
  </Resource>
</DiscoverySourceInfo> AppEnforce 23/11/2018 10:23:59 11328 (0x2C40)
+++ Application not discovered. [AppDT Id: ScopeId_F56977EA-0FEE-4B1A-9159-0720F2CB1483/DeploymentType_941db094-34e8-40e6-8178-4a3ea9f1e18f, Revision: 9] AppEnforce 23/11/2018 10:23:59 11328 (0x2C40)
    App enforcement environment:
 Context: Machine
 Command line: "OptiPlex_3060_1.2.17.exe" /s /p=Password /l=C:\Temp\OptiPlex_1.2.17_3060.log
 Allow user interaction: No
 UI mode: 1
 User token: null
 Session Id: 4294967295
 Content path: C:\Windows\ccmcache\u
 Working directory:  AppEnforce 23/11/2018 10:23:59 11328 (0x2C40)
    Prepared working directory: C:\Windows\ccmcache\u AppEnforce 23/11/2018 10:23:59 11328 (0x2C40)
Parsed CmdLine: "OptiPlex_3060_1.2.17.exe" /s /p=Password /l=C:\Temp\OptiPlex_1.2.17_3060.log AppEnforce 23/11/2018 10:23:59 11328 (0x2C40)
Parsed CmdLine: "OptiPlex_3060_1.2.17.exe" /s /p=Password /l=C:\Temp\OptiPlex_1.2.17_3060.log AppEnforce 23/11/2018 10:23:59 11328 (0x2C40)
    Prepared command line: "C:\Windows\ccmcache\u\OptiPlex_3060_1.2.17.exe" /s /p=Password /l=C:\Temp\OptiPlex_1.2.17_3060.log AppEnforce 23/11/2018 10:23:59 11328 (0x2C40)
Parsed CmdLine: "C:\Windows\ccmcache\u\OptiPlex_3060_1.2.17.exe" /s /p=Password /l=C:\Temp\OptiPlex_1.2.17_3060.log AppEnforce 23/11/2018 10:23:59 11328 (0x2C40)
    Executing Command line: "C:\Windows\ccmcache\u\OptiPlex_3060_1.2.17.exe" /s /p=Password /l=C:\Temp\OptiPlex_1.2.17_3060.log with system context AppEnforce 23/11/2018 10:23:59 11328 (0x2C40)
Parsed CmdLine: "C:\Windows\ccmcache\u\OptiPlex_3060_1.2.17.exe" /s /p=Password /l=C:\Temp\OptiPlex_1.2.17_3060.log AppEnforce 23/11/2018 10:23:59 11328 (0x2C40)
Commandline length:48  evaluate:1 AppEnforce 23/11/2018 10:23:59 11328 (0x2C40)
    Working directory C:\Windows\ccmcache\u AppEnforce 23/11/2018 10:23:59 11328 (0x2C40)
CcmCreateProcess: Running from CcmExec or CcmExec not treated as managed installer; calling CreateProcess directly. AppEnforce 23/11/2018 10:23:59 11328 (0x2C40)
    Post install behavior is BasedOnExitCode AppEnforce 23/11/2018 10:24:00 11328 (0x2C40)
    Process creation time: 2018-11-23 10:23:59:786 AppEnforce 23/11/2018 10:24:00 11328 (0x2C40)
    Current time: 2018-11-23 10:24:00:011 AppEnforce 23/11/2018 10:24:00 11328 (0x2C40)
    Actual elapsed time (in seconds): 0 AppEnforce 23/11/2018 10:24:00 11328 (0x2C40)
    Reconnecting to - Process Id: 9104, MaxRunTime: 7200000 AppEnforce 23/11/2018 10:24:00 11328 (0x2C40)
    Waiting for process 9104 to finish.  Timeout = 120 minutes. AppEnforce 23/11/2018 10:24:00 11328 (0x2C40)
    Process 9104 terminated with exitcode: 2 AppEnforce 23/11/2018 10:24:20 11328 (0x2C40)
    Looking for exit code 2 in exit codes table... AppEnforce 23/11/2018 10:24:20 11328 (0x2C40)
    Found a match in the soft reboot exit codes. AppEnforce 23/11/2018 10:24:20 11328 (0x2C40)
    Matched exit code 2 to a PendingSoftReboot entry in exit codes table. AppEnforce 23/11/2018 10:24:20 11328 (0x2C40)
spAppNS.Get(sObjPath.c_str(), &spObject), HRESULT=80041002 (appcommon.cpp,1578) AppEnforce 23/11/2018 10:24:20 11328 (0x2C40)
Status is switching to PendingSoftReboot AppEnforce 23/11/2018 10:24:20 11328 (0x2C40)
Reading status 'PendingSoftReboot' from current status object. AppEnforce 23/11/2018 10:24:20 11328 (0x2C40)
Reading status 'PendingSoftReboot' from current status object. AppEnforce 23/11/2018 10:24:20 11328 (0x2C40)
++++++ App enforcement completed (20 seconds) for App DT "Dell BIOS 1.2.17" [ScopeId_F56977EA-0FEE-4B1A-9159-0720F2CB1483/DeploymentType_941db094-34e8-40e6-8178-4a3ea9f1e18f], Revision: 9, User SID: ] ++++++ AppEnforce 23/11/2018 10:24:20 11328 (0x2C40)

And also bios installatin log OptiPlex_1.2.17_3060.log

**************************************************
***Dell Firmware Update started on 11/23/2018 at 10:24:00***
Command: C:\Windows\ccmcache\u\OptiPlex_3060_1.2.17.exe /s /p= /l=C:\Temp\OptiPlex_1.2.17_3060.log
WSMT Supported: Using WMI commands.
------------------------------------------
System BIOS with BIOS Guard [V17]: Current Version:BCD:1.2.14: --- New Version:BCD:1.2.17
Gigabit Ethernet    : Current Version:BCD:0.1: --- New Version:BCD:0.1
Intel Management Engine (Non-VPro) Update: Current Version:BCD:12.0.6.1120: --- New Version:BCD:12.0.6.1120
System Map          : Current Version:BCD:1.0.1: --- New Version:BCD:1.0.1
PCR0 XML            : Current Version:BCD:1.0.0: --- New Version:BCD:1.0.0
------------------------------------------
Located the dedicated image or no dedicated image requested for this system.
Comparing: description:System BIOS with BIOS Guard [V17] Device FW:1.2.14 : Payload FW:1.2.17
New Firmware is available for: System BIOS with BIOS Guard [V17]. Start RBU
Exit Code = 2 (Reboot Required)
***Dell Firmware Update finished at 11/23/2018 at 10:24:20***

Wasn’t so difficult, no, happy SCCM-ing :)

• SCCM
• BIOS
• Dell
• Create application

• Prev
• Next