SCCM 2012: Deploying Dell BIOS Updates using the Application Model (Updated)

UPDATE 2016-07-20: I’ve seen the comments about the download link not working.  I’ve instead made an updated script available on GitHub at https://github.com/dhedges01/Blog.  The new script uses new command line syntax as well so I’ve updated the post below to reflect those changes.

During a recent migration from SCCM 2007 to SCCM 2012 SP1, I wanted to really start taking advantage of the new Application Model for software and driver deployments. My goal was simple, to create an Application that would deploy any Dell BIOS Update, to any applicable system, and handle daisy-chaining and even reboots. All this without (much) scripting.

The process outlined below should give you a good understanding of the steps needed to create an Application and various Deployment Types with all of the necessary Detection, Requirement and Dependency Rules needed to successfully deploy Dell BIOS updates using Configuration Manager 2012.

Note: If you are reading this then you are likely familiar with my other post about Updating Dell BIOS with PowerShell.  Much of the concept and setup here is the same, however using the Application Model we get some added benefits.

  1. We only download content for our specific version.  If you have a lot of models to deal with (like I do), this really has an impact in overall download and execution times (My BIOS Update package was well over 300MB when I implemented this method).
  2. Configuration Manager 2012 now gracefully handles reboots from the Application Model meaning we only need to reference the step once in the Task Sequence.  We also don’t need to stage any subsequent updates to the local drive because we aren’t downloading ALL of the BIOS Updates.
  3. We get applicability reporting within Configuration Manager’s AppEnforce.log file which aids troubleshooting
  4. Using this model we can now more easily handle BIOS Updates from other vendors and can even deal with those pesky “Consumer” BIOS updates as well (I’m looking at you Dell XPS…).

First things first, gather up all the latest (tested) BIOS updates for the models you support and organize them (I organize them by model). Each “model” folder will end up being the Content Source location for each Deployment Type. (You could go a step further and create a Version# folder for each version of BIOS update.  But since each model will likely only have 1 or 2 applicable BIOS Updates, it’s not really necessary.)

image

Next up we create our custom SCCM Application. All fields are filled out manually. Make sure you use an appropriate naming convention according to your companies standards.

image

The next step is one that will be repeated over and over again (with a little assistance from the Copy function). We will start by creating the first of many Deployment Types. I’m going to use the BIOS updates for the Dell Latitude E6420 as my example in this post so you can see how to use dependencies in order to install “down level” updates in order.

I like to start with the lowest version number first so we can add the dependencies as we go. We’ll start off with version A05.  Provide the general items such as Name, Content Source, Installation Program, etc.

Installation Program: powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Bypass -Command ".\Invoke-BIOSUpdate.ps1 -UpdateFile .\E6420A05.exe -Arguments /s,/l="C:\WINDOWS\eBay_Deployments\Dell_BIOS_Update_E6420A05.log""

For the Detection Method, I chose to leverage a custom script to detect the BIOS version. This allows me to deal with those pesky “patch” updates that sometimes come out.

image

Here is the detection script I use:

   1: 'Change strBIOSUpdateVersion to the version you are deploying to

   2: strBIOSUpdateVersion = "A05"

   3:

   4: 'Get BIOS Version from Win32_BIOS

   5:

   6: Set objWMI = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")

   7: Set colBIOS = objWMI.ExecQuery("Select * from Win32_BIOS")

   8: For Each objBIOS In colBIOS

   9:     If objBIOS.SMBIOSBIOSVersion >= strBIOSUpdateVersion Then

  10:         WScript.Echo "Detected"

  11:     End If

  12: Next

Add Requirements.

I created a custom Global Condition to echo out the Model from WMI. I use this requirement rule to ensure the Deployment Type only applies to the appropriate system type.

Here is the configured Global Condition:

image

And here is how it’s referenced within the Deployment Type:

image

Configure the User Experience.

Depending on how you configure the install command, you can have ConfigMgr handle the restart or allow the BIOS update to restart the computer. If you choose the latter, make sure you configure the appropriate return code so ConfigMgr is aware of a potential restart.

image

After setting up the first Deployment Type, hit the Apply button so the Deployment Type is saved within the application. Failing to do this will make it unavailable when you try to add it as a dependency.

Copy the Deployment Type and make the necessary updates to the Name, Content Source, Install Command and Detection Method. Click on the Dependency Tab and create a new Dependency Group. Then add a Dependency selecting the first BIOS update you created.

image

After all of the Deployment Types are created, distribute the content and deploy your new application to a test system (or you can add it into an OSD Task Sequence for testing, ConfigMgr should automatically handle the reboots and ensuring that all “down level” updates are applied in order for each model you add.

Update: 

One thing I forgot to mention in this post is the ordering of Deployment Type Priority.  When an application is evaluated, the client evaluates all of the rules for each Deployment Type in order of Priority.  Once it finds an applicable Deployment Type, it executes that one, and it no longer evaluates anymore Deployment Types within that application.  So, as an addendum to this posting, here is how I have the BIOS Updates in my Application sorted by priority.

 

ConfigMgr 2012 Dell BIOS Application Deployment Type Priority

 

As you can see from the screenshot above, I am ordering the Priority of evaluation looking at the Latest BIOS Version first.  Each “down level” BIOS Update is a dependency of the next highest version.  (i.e. A17 has a dependency of A08 and A08 has a dependency of A05).  What happens here is that if the requirements for A17 are not met (version is less than A17), then A17’s dependency (A08) will then be evaluated.  If A08’s requirements aren’t met, it will evaluate A05 and so on until all dependencies are evaluated and executed (in order).  Once the dependencies are met, then A17 can execute.

The important takeaway here is make sure your highest version of BIOS Update is evaluated first because once a Deployment Type is deemed applicable, ConfigMgr stops searching for others unless they are a dependency of the one it finds first.

Advertisements

SCCM/MDT 2012 BUG: Deploying Windows XP via USB Fails

Problem: When deploying Windows XP/2003 using the default SCCM 2012 SP1 Task Sequence with MDT 2012 Update 1 Integration, you receive the following error when first booting into the full OS:

"Windows could not start because of a computer disk hardware configuration problem. Could not read the selected boot disk. Check boot path and disk hardware. Please check the Windows documentation about hardware disk configuration and your reference manuals for additional information."

I ran into this issue in my SCCM 2012 environment because I currently don’t have PXE boot enabled (don’t want to interfere with our production 2007 environment).  Therefore I’m using a boot USB drive for all images while I build and test.

Explanation: So as not to steal Microsoft’s thunder, I’ll just link to the TechNet article describing this and their recommended solution.

Solution: Since the MDT Task Sequence template doesn’t contain a default “Restart to WinPE” step as mentioned in the TechNet article, I created a custom Restart Computer step shortly after my own custom HTA runs (Inside the Initialization node) of the Task Sequence.  Here is a shot of the conditions I am using:

image

SCCM/MDT 2012 BUG: Deploying Windows XP Fails with Default Task Sequence Settings

At my company we are undergoing a migration from SCCM 2007 to SCCM 2012.  During this transition period I decided to take the opportunity to revamp our OSD Task Sequences to leverage more of the MDT components than we had previously done. I started this off by leveraging the new MDT templates of SCCM 2012 SP1 with MDT 2012 Update 1 integrated.

Now I know what you are saying, “XP, time to get rid of that dinosaur!”.  I know, I know but I still have to support it for a little while longer as I’m sure many of you do as well.  Ok, enough of the back story, on to the problem and resolution!

Problem: OSD cannot find the specified target to lay down the XP/2003 Image.

Cause: This is due to the default conditions on the Format and Partition Disk 5.x step in the MDT Task Sequence.  The default conditions are as follows:

clip_image001

Unfortunately with these conditions, it will never evaluate to true because it needs ALL conditions to be met in order for the step to run. 

Solution:

Therefore, we need to tweak the condition logic a bit like so:

clip_image001[4]

There, that’s better.  By moving the ImageOSVer conditions under an “If Any” rule, we can let this step run if we are deploying XP OR 2003 Server (since we can’t deploy both at the same time).

Hopefully this information will help those of you out there that still need to support XP/2003 for a while longer.

Windows KMS Activation Lost

KMS licensing is great.  It makes deployment and license management extremely easy for IT, however every now and then something “goes wrong” and the system loses its activation status.

Luckily, Microsoft has a script called slmgr.vbs that is used to register and re-register Windows.  More information on slmgr.vbs can be found at http://technet.microsoft.com/en-us/library/ff793433

In order to re-correct this behavior and get the system talking to your KMS server again, you have a few options.

  1. Disjoin the system and re-join it to the domain.
  2. Reimage the system (not exactly a time saver here)
  3. Use slmgr.vbs to re-activate Windows.  (Note: slmgr.vbs can also be used to convert MAK licenses into KMS)

Today, we’ll be covering the third method of using slmgr.vbs to re-activate a Windows Vista and above client.  First off, we’ll need to drop to a command prompt and change directories over to C:\Windows\System32

In this directory you will find the slmgr.vbs script.  You can view all of the slmgr.vbs options at http://technet.microsoft.com/en-us/library/ff793433

For this example, we simply have a KMS client who is no longer talking to the KMS server and has lost its activation status.  For this, we will use the following command: slmgr.vbs /ipk <Product_Key>

Now you may be wondering where we find the Product Key at.  Luckily for us, Microsoft uses the same KMS License Key for KMS Activation (NOTE: You do have to have a KMS Server up and running for this to work).  You can find those Product Keys here: http://technet.microsoft.com/en-us/library/ff793421.aspx

*Update* After issuing the slmgr.vbs /ipk command above, you now need to activate the key.  This forces the system to actually use the newly installed key with your KMS server.  The command for that is slmgr.vbs /ato

Updating Dell BIOS with PowerShell (Updated)

Some of you may be familiar from my earlier article “Dell BIOS Updates with PowerShell” and hopefully you have gotten some good use out of it.  There have been a few comments on that article and over time I’ve also had some issues with that version of the script brought to my attention.

Some of these issues are:

  1. 1. Dell OptiPlex 745 updates don’t work because of the naming convention
  2. 2. Bios updates are overriding newer versions that come from the factory
  3. Still not updating to the latest available version due to supersedence rules for the BIOS updates (i.e. Needing A05, then A08, then finally A12).

So with that I fired up PowerGUI and started analyzing the entire flow of the script.  And more importantly kept in mind the overall process needed when multiple versions of a BIOS Update may be required (from A01 to Axx).  With this new script, I’ve introduced some new “features”

  1. Added a loop to parse multiple available BIOS update files
  2. Added a switch condition to allow for “oddly-named” BIOS file versions (read: OptiPlex 745)
  3. Added BIOS Release Date information (Universal Time Format) to check for BIOS “Patches” (i.e. P02 on Latitude E6410/E6510)
  4. Added OSD-Specific tasks (separate script)
  5. Embedded function for actually invoking the BIOS Update process itself with custom parameters.
  6. Removed dependency on Dell OMCI for BIOS identification (using Win32_BIOS now)

Dell_BIOSUpdates.zip

Using this with OSD/MDT

I’m not going to go over the script in its entirety here, however I will put out a few things specifically for using the “OSD” version of the script.  This additional script will connect to the Microsoft.SMS.TSEnvironment in order to interact with and create a new Task Sequence Variable.

When using this with OSD/MDT, you’ll want to have the script run multiple times in order to fully update the BIOS to the latest possible revision in the case that multiple executions are necessary.  Below I’ve documented the process that I have implemented to do just this.


Task Sequence Structure:

shot_662012_104220_amAs you can see here, we have multiple nested groups that will run the Dell BIOS Update script and enforce a reboot after the update has been staged.  One thing to point out here is that after the first run (which I’m calling as a regular Package/Program) is the word “Local”.  That’s right, the OSD script is copying the model-specific BIOS Updates locally (if there is more than one) so we don’t re-download the whole package again.

Update BIOS Group Condition:

shot_662012_105011_am

Update Dell BIOS Run Commandline:
powershell.exe -NoProfile -NonInteractive -File
“C:\Temp\Dell_BIOS_Updates\Invoke-DellBIOSUpdate-OSD.ps1”

Dell_BIOSUpdates.zip

Integrating Dell XPS 13 USB 3.0 Drivers into WinPE 3.x

As most of you know by now, Dell’s “newly” released XPS 13 Ultrabook contains a USB 3.0 chipset which also means you have to deal with a new, non-native driver for use with Windows PE.  With that, here is a quick and dirty guide on what drivers are needed for the XPS 13 for Windows PE.

Download the drivers:

Obviously the first step is to obtain our drivers.  So lets go to http://support.dell.com and download them from the appropriate product page.  Here is the direct link to the current version of the driver (You’ll want to check for updated versions as this may become outdated quickly): Dell Fresco Logic xHCI (USB3) Controller FL1009 Series

Extracting the drivers:

The next step is to extract the drivers.  Using Dell’s utility or a program like 7-zip, extract the drivers to a folder.  In here is the full setup MSI and the fully extracted drivers. 

Gathering the drivers:

There are 2 drivers we will need out of this (2 per architecture, so 4 total).  In the picture below, I have highlighted the directories that contain the x86 and x64 versions of the 2 drivers you need.

image

Simply import these drivers into SCCM/MDT (remember to give them a Category!) and inject into your boot images like normal.  If done properly, you should have the following 2 drivers in your boot images:

image

Dell BIOS Updates with PowerShell

The other day I was discussing with my colleagues about how we were going to deliver Dell BIOS updates to clients during our SCCM OSD deployments.  Several solutions were brought up including using SCUP 2011, a standard software package or just saying forget it and let the desktop support technicians handle it.

We don’t yet have SCUP 2011 implemented in our environment and really don’t have the time to learn it and setup the proper processes (development, testing, release) so I set out to develop a script that would allow us to install it on all of our Dell hardware with ease.

There were 2 main criterion required of this script.

  1. It must “stage” the BIOS update but not force a reboot (OSD must handle that piece)
  2. It must be easy to update the package (even for non-scripters) to support new models or update BIOS versions

That being said, the script described below does just that.  But before we get to the script, lets take a look at the folder structure.  The main folder of the package contains the Invoke-DellBIOSUpdate.ps1 PowerShell script and a bunch of folders all corresponding to the model of a Dell system.  Inside each folder is a *SINGLE* BIOS Update File (You’ll see why I bolded the word single in a bit).

imageimage

Ok, now that we got the directory structure piece out of the way, lets get to the script.  In this first section, we simply gather the current directory, current system model and current installed BIOS version.

*NOTE: I’m referencing the new namespace for Dell OMCI 8.x.  Change this if you are using an older version of Dell OMCI*

$ScriptFolder = Split-Path -Parent $MyInvocation.MyCommand.Definition
$Model = $((Get-WmiObject -Class Win32_ComputerSystem).Model).Trim()
$BIOSVersion = (Get-WmiObject -Namespace root\DCIM\SYSMAN -Class DCIM_BIOSElement).Version

Well that was pretty easy wasn’t it?  But the work isn’t done yet.  The next few steps include:

  • Verifying there is an available BIOS Update for the current system model
  • Identify the version number of the BIOS Update File
  • Verify that a BIOS Update is needed by the system
  • Execute the BIOS Update itself
Doesn’t sound so hard now does it?  Here is the code to do it:
$ScriptFolder = Split-Path -Parent $MyInvocation.MyCommand.Definition
$Model = $((Get-WmiObject -Class Win32_ComputerSystem).Model).Trim()
$BIOSVersion = (Get-WmiObject -Namespace root\DCIM\SYSMAN -Class DCIM_BIOSElement).Version            

if(Test-Path -Path $ScriptFolder\$model)
{
 $BIOSUpdateFile = Get-ChildItem -Path $ScriptFolder\$Model
 $BIOSUpdateFileVersion = $BIOSUpdateFile.ToString() -replace ($BIOSUpdateFile.Extension,"")
 $BIOSUpdateFileVersion = $BIOSUpdateFileVersion.Substring($BIOSUpdateFileVersion.Length -3)                   

 if($BIOSVersion.CompareTo($BIOSUpdateFileVersion) -eq 0)
 {
  Write-Output "BIOS Version is up to date"
 }
 else{
  Try{
   Write-Output "BIOS Update Needed. Attempting BIOS Flash Operation..."
   #Invoke-Expression $ScriptFolder\$Model\$BIOSUpdateFile " /quiet"
   $objStartInfo = New-Object System.Diagnostics.ProcessStartInfo
   $objStartInfo.FileName = "$ScriptFolder\$Model\$BIOSUpdateFile"
   $objStartInfo.Arguments = "-noreboot -nopause -forceit"
   $objStartInfo.CreateNoWindow = $true
   [System.Diagnostics.Process]::Start($objStartInfo) | Out-Null
  }
  Catch{[Exception]
   Write-Output "Failed: $_"
  }
 }            

 Write-Output "End Dell BIOS Update Operation"
}
else
{
 Write-Output "Model Not Supported"
}

OK, now for the explanation of all that nonsense above.  The first thing we are doing in the “if” statement is checking to see if there is a folder with the current system model available.  That will tell us if the package repository is setup to support the current model.  Once we are actually inside the if-loop we create a couple more variables for use.  $BIOSUpdateFile simply gets the BIOS Update File (the .exe) and stores all it’s properties/methods into this variable.  This is now an Object!

The next variable is $BIOSUpdateFileVersion.  This variable stores the actual file version of the BIOS Update File by first stripping off the extension of the file name, then by using the Substring() method to capture only the last three characters.  As you can see from the picture above, the Dell BIOS Update file uses the A## indicator for their BIOS version.

Once we’ve gathered this information, we can then use the .CompareTo() method to compare the installed BIOS Version ($BIOSUpdateFileVersion) and the BIOS Update File Version ($BIOSUpdateFileVersion).  If they are a match, we need not proceed further and can quit.  Otherwise, we need to execute the BIOS Update File silently and without reboot.  We do this by invoking the [System.Diagnostics.Process].  Here we can set the necessary arguments, window style (CreateNoWindow for OSD) and actually Start the process.

The magic of this script is that you don’t actually  have to update the script when adding new models or updating the BIOS version.  Simply add a new folder with the appropriate name, or replace the existing BIOS update file with a new one and the script will handle the rest.