You really don't have to go that far. Depending on the system you can open the case and move the jumper on the motherboard to disable the password, then update and then restore the jumper.
If you let me know the system type I can let you know if it is present, and its location.
You should be able to provide the password to CCTK via command-line switch. If you don't want the user to see it, you would have to put it in a script or encapsulate it with a wrapper. I don't know if the new CCTK Self-Contained Executables will do that for you, but I would look there first.
I should have mentioned that the protected BIOS is intentional.
I have a couple thousand machines, many of which are at remote offices, and I lock down the BIOS so that end-users cannot make changes to the boot order and enabled devices.
With DCCU, it was possible to take the BIOS update file and modify it--somehow inject the BIOS password into it so to speak--in order for end-users to run the BIOS updates without knowing the passwords.
Mostly just tryign to see if there's any way to do the same thing in CCTK.
FYI, question 20 of the CCTK FAQ says SCE passwords are encrypted. I have no idea how good the encryption is though. I wish there was a way to pass an encrypted password file to CCTK command line like I can with HP BIOS tools.
Unfortunately CCTK command line can't accepted encrypted password files like HP's tools do. This is a shortcoming of Dell's tools in my opinion.
DELL-Chris H
Moderator
•
9.7K Posts
0
December 15th, 2011 12:00
Faeren,
You really don't have to go that far. Depending on the system you can open the case and move the jumper on the motherboard to disable the password, then update and then restore the jumper.
If you let me know the system type I can let you know if it is present, and its location.
DELL-Warren B
1.1K Posts
0
December 15th, 2011 13:00
You should be able to provide the password to CCTK via command-line switch. If you don't want the user to see it, you would have to put it in a script or encapsulate it with a wrapper. I don't know if the new CCTK Self-Contained Executables will do that for you, but I would look there first.
faeren
1 Rookie
•
3 Posts
0
December 15th, 2011 13:00
Chris-
I should have mentioned that the protected BIOS is intentional.
I have a couple thousand machines, many of which are at remote offices, and I lock down the BIOS so that end-users cannot make changes to the boot order and enabled devices.
With DCCU, it was possible to take the BIOS update file and modify it--somehow inject the BIOS password into it so to speak--in order for end-users to run the BIOS updates without knowing the passwords.
Mostly just tryign to see if there's any way to do the same thing in CCTK.
FM.
Clint11
1 Rookie
•
57 Posts
0
December 15th, 2011 17:00
The whitepaper for enabling TPMs with CCTK's 2.0+ SCE feature goes over setting/specifying BIOS passwords so that should help you.
FYI, question 20 of the CCTK FAQ says SCE passwords are encrypted. I have no idea how good the encryption is though. I wish there was a way to pass an encrypted password file to CCTK command line like I can with HP BIOS tools.
Unfortunately CCTK command line can't accepted encrypted password files like HP's tools do. This is a shortcoming of Dell's tools in my opinion.
Clint11
1 Rookie
•
57 Posts
0
December 18th, 2011 20:00
It would also be great if what you described DCCU could do could also be done with CCTK.