Weekly Tip 64

Enable Secure Boot on Dell Optiplex/Latitude Models

First, remember that Secure Boot is only support on Windows 8 and higher. Windows 7 will NOT boot with Secure Boot enabled.

For this, you will need the Dell Command | Configure tool, available here: https://en.community.dell.com/techcenter/enterprise-client/w/wiki/7532.dell-command-configure. Install this tool on a reference machine. You will need to copy the C:\Program Files (x86)\Dell\Command Configure\X86_64 directory to the machines where you want the BIOS changed. You can do this Group Policy, ConfigMgr, or any other desktop management software. Once copied, you can execute this command (assuming that you copy that directory to C:\Windows\cckt):

C:\Windows\cctk\X86_64\cctk.exe –secureboot=enable

If you have your BIOS password protected, add “–valsetuppwd=<password>” to the end.

For those with ConfigMgr, you can build an application to run this. This application can also be added to your task sequences to set Secure Boot on all machines. I recommend a PowerShell script as your detection method if you use an application. This one works for me (or anything else using cckt):

# test for presence of cctk
If ((test-path C:\Windows\cctk\X86_64\cctk.exe) -eq $false) { exit }

# set variable for compare
$detection = “secureboot=enable”

# get current settings
$settings = C:\Windows\cctk\X86_64\cctk.exe –secureboot

# test settings, return if they match
If ($settings -eq $detection) { return $true }

It will exit immediately if it does not detect the cctk bits. This is a “bad” exit that will report not installed to ConfigMgr. It then compares what the setting should be to what the setting currently is current at. If they match, it returns that the application is installed.

Disclaimer

All content provided on this blog is for information purposes only. Windows Management Experts, Inc makes no representation as to accuracy or completeness of any information on this site. Windows Management Experts, Inc will not be liable for any errors or omission in this information nor for the availability of this information. It is highly recommended that you consult one of our technical consultants, should you need any further assistance.

Share:

Facebook
Twitter
LinkedIn

Contact Us

=
On Key

More Posts

WME Security Briefing 27 May 2024

Kinsing Hacker Group Exploits Docker Vulnerabilities Overview Recent investigations have shown that the hacker group Kinsing is actively exploiting Docker vulnerabilities to gain unauthorized access to systems. The modified hacker group targets misconfigured Docker API ports deployed with cryptocurrency mining malware.

Read More »
WME Cybersecurity Briefings No. 010
Cyber Security

WME Security Briefing 20 May 2024

Advanced Persistent Threats: North Korean Hackers Launch Golang Malware Overview A new malware strain, called Titan Stealer, is currently actively circulating in the threat landscape, targeting a variety of personal data and linked to North Korean state-sponsored cyber espionage

Read More »
WME Cybersecurity Briefings No. 009
Cyber Security

WME Security Briefing 08 May 2024

Exploitable vulnerability in Microsoft Internet Explorer, used to deploy VBA Malware Overview Cybersecurity researchers discovered a severe exploitation targeting a bug that had already been patched in the Microsoft Internet Explorer browser. Their report added that

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.

=