• Insights

Deploying BIOS updates during SCCM Task Sequence or Advertised Program

Matthew Evans

2 min read

All Insights

As part of a desktop deployment project it is always a good time to make sure that all workstations have been updated to a consistent BIOS revision level to make sure any problems are not related to BIOS inconsistencies between workstations.

First you need to download the required BIOS update from your hardware vendor and create a normal SCCM Package and Program for it.  For most recent Dell hardware the typical command line to deploy the BIOS update silently and without rebooting looks like this for a Dell Latitude E6420 laptop:

 

“E6420A02.exe” -NOPAUSE -NOREBOOT

Then once the Package and Program are built you can create a new step in your Task Sequence that installs a the Package (just like any other software Package).  First, make a folder that limits the new BIOS software to only run on the correct model type using a WMI query (this process is not covered in this post).   With the folder limited to a particular model type it isn’t necessary to limit each installation to a particular model type, but only to the particular BIOS version.  The folder and package steps should look like this in the Task Sequence:

Task Sequence Folder

Once the installation package has been created in the task sequence and named appropriately, click on the Options tab and click the “Add Condition” button and choose “Query WMI”.

Make sure your WMI Namespace is:

 

rootcimv2

Then paste the following in your WQL Query:

 

select * from WIN32_BIOS where SMBIOSBIOSVersion < “A02”

SCCM WMI Query for BIOS Versions

This will run this Task Sequence step on all Dell Latitude E6420 laptops (based on the WMI query set at the folder level) that have a BIOS version less than A02, and will skip this step for all computers that have already been upgraded to version A02 or above.

Remember to also add a “Restart Computer” step afterwards to apply the new BIOS to the workstation.

While the above steps will cover any computers that are being reimaged, computers on the floor may still be running older versions of the BIOS.   To update the computer BIOS after initial deployment you need to create a new SCCM Collection.  Again, I already have Collections created in SCCM that limits by Model type (not covered by this post), so this new Collection is built using the parent collection using the “Limit to collection” setting:

SCCM Collection Limited to Parent

Then under the “Edit Query Statement” click the “Show Query Language” and paste in the following WQL query:

 

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System inner join SMS_G_System_PC_BIOS on SMS_G_System_PC_BIOS.ResourceID = SMS_R_System.ResourceId where SMS_G_System_PC_BIOS.SMBIOSBIOSVersion < “A02”

Click OK to get back to the Configuration Manager Console and then go Advertise the BIOS program you previously created to this new Collection.  Now only users on a Dell Latitude E6420 without the A02 BIOS installed on their workstation will be able to run this update now, helping to keep all your workstations up to date.


Learn more about SCCM/MECM and Managed Desktop Services:


Kat's CTA