I seem to have found a bug in Dell's newer BIOS configuration tools (DCC
3.0.x). This will prevent automating BIOS configurations (to
enable/activate the TPM chip) with ConfigMgr. Has anyone experienced the
following or know if it's by design??
More details:
In order to enable/activate the TPM, a BIOS password must be set. Normally,
we can set the password, enable TPM, then remove the password. However, the
problem to remove the password is being seen as a two-fold problem.
1. The GUI wizard tool to create the configuration, does not allow for
building the configuration if the value is left blank (meaning to clear the
password).
2. The DCC toolset includes the set of files ("cctk") which can be
used directly rather than the wizard. These files can be run with the
proper command line parameters to accomplish the same goal. When running
the commands manually, it succeeds. But running the commands via SCCM, it
fails.
If the problem is not by design, then it may mean a feature enhancement (in
#1) or a bug fix (in #2). Otherwise, possible workarounds include:
* Enable a BIOS password, and do not remove it
o Pro - no additional work needed, plus it would help prevent users from
disabling TPM and potentially corrupting their disk encryption and data loss
o Con - IT needing to remember the BIOS setup password
* Install the DCC toolset
o Pro - would allow for registration of the proper DLLs (or whatever) that
allows using the "cctk" directly
o Con - it's an unnecessary administrative tool to be installed for the
general user, or it will prolong the process to install the toolset, and
then do a follow-up uninstall
* Have a technician manually make the changes (not recommended)
Nick | <http://t3chn1ck.com> http://t3chn1ck.com
