Overview

This post provides a PowerShell script that creates an SCCM package to employ a bypass method for overriding the BIOS administrator password, allowing for critical maintenance tasks to be performed without password prompts.

Instructions

  1. Copy the provided PowerShell script to a location on your SCCM server.
  2. Adjust the script variables such as $SCCMServer, $SiteCode, and $PackageSourcePath to fit your environment.
  3. Run the script in PowerShell to create the SCCM package for BIOS password override.
  4. Distribute the package to the appropriate distribution points within SCCM.
  5. Monitor the deployment to ensure that the BIOS password bypass is applied on all targeted systems.

What the Script Does

This PowerShell script automates the creation of an SCCM package that bypasses the BIOS administrator password for critical maintenance tasks. This ensures that the system will not prompt for a password during reboot or resume, allowing for seamless maintenance operations.

PowerShell Script

# Define Variables
$SCCMServer = "\\YourSCCMServer"
$SiteCode = "YourSiteCode"
$ScriptName = "BIOS-Password-Override"
$ScriptDescription = "Employs a bypass method to override the BIOS administrator password for critical maintenance tasks."
$PackageSourcePath = "C:\Scripts\$ScriptName"

# Load SCCM PowerShell Module
Import-Module "$($Env:SMS_ADMIN_UI_PATH)\..\ConfigurationManager.psd1" -Force

# Connect to the SCCM Site
cd "$SiteCode`:"

# Check if a package with the same name exists and delete it
$ExistingPackages = Get-CMPackage -Name $ScriptName -ErrorAction SilentlyContinue

if ($ExistingPackages) {
    foreach ($Package in $ExistingPackages) {
        Remove-CMPackage -Id $Package.PackageID -Force
    }
}

# Create the Package Source Directory if it does not exist
if (!(Test-Path -Path $PackageSourcePath)) {
    New-Item -ItemType Directory -Path $PackageSourcePath -Force
}

# Create the PowerShell script
$ScriptContent = @'
# Employs a bypass method to override the BIOS administrator password
Import-Module DellBiosProvider
Function PasswordBypass {
    PROCESS {
        Set-Item -Path DellSmbios:\Security\PasswordBypass "Reboot and Resume Bypass" -ErrorVariable ev
        if ($ev) {
            Write-Warning "$ev Error occurred in $($ev.InvocationInfo.ScriptName)"
        }
    }
}
'@

$ScriptPath = "$PackageSourcePath\BIOS-Password-Override.ps1"
Set-Content -Path $ScriptPath -Value $ScriptContent

# Create the SCCM Package
$Package = New-CMPackage `
    -Name $ScriptName `
    -Description $ScriptDescription `
    -Path $PackageSourcePath

# Create a Program for the Package
$Program = New-CMProgram `
    -PackageName $ScriptName `
    -StandardProgramName $ScriptName `
    -CommandLine "powershell.exe -ExecutionPolicy Bypass -File BIOS-Password-Override.ps1" `
    -ProgramRunType "WhetherOrNotUserIsLoggedOn"

# Distribute the Package to the Distribution Point but do not deploy
Start-CMContentDistribution `
    -PackageName $ScriptName `
    -DistributionPointName "YourDistributionPointName"

Explanation

This script employs a bypass method to override the BIOS administrator password, allowing for critical maintenance tasks without password prompts. The package is distributed via SCCM to ensure that the setting is applied consistently across all targeted systems.

Tags:

#BIOS #PasswordOverride #PowerShell #SCCM