/build/static/layout/Breadcrumb_cap_w.png

Need help with a Custom Inventory Script to identify if Secure Boot is Enabled and what BIOS Mode the machine is running in

Add your rating:--------------------
I am trying to create a Custom Inventory Script that inventories for Secure Boot status and BIOS Mode being used. Trying to determine which machines can have Secure Boot enabled quickly versus a bit more work involved to possibly change boot drive to GPT before being able to change to UEFI BIOS Mode and then enabled Secure Boot. Here's what I have so far. The Secure Boot Custom Inventory does display on the machine but BIOS Mode fails to pull the correct information. ShellCommandTextReturn(powershell -command "& {$sb=Confirm-SecureBootUEFI 2>$null; if ($sb -eq $true) {'Secure Boot: Enabled'} else {'Secure Boot: Disabled'}; (Get-WmiObject -Class Win32_ComputerSystem | Select-Object -ExpandProperty BIOSMode)}") Can anyone assist with getting that second portion functioning properly?

0 Comments   [ + ] Show comments

Answers (2)

Posted by: Nico_K 1 month ago
Red Belt
0

the powershell variable $env:firmware_type contains Legacy or UEFI, so

powershell $env:firmware_type

could be easier.

Get-ItemProperty `-Path hklm:\System\CurrentControlSet\Control\SecureBoot\State ` |Select-Object UEFISecureBootEnabled

brings the nessesary info (0,1 or ERROR) about Secure Boot enabled or not (0 if not enabled, 1 if enabled and an error message if non UEFI)


Posted by: ronni3 1 month ago
Senior White Belt
0
I tried adding what you suggested but I may not be well versed enough in scripting for the Kace appliance. Any chance you could assist with providing a full custom inventory script that you think could work?

Comments:
  • ShellCommandTextReturn(powershell $env:firmware_type)
    and the other
    ShellCommandTextReturn(powershell Get-ItemProperty `-Path hklm:\System\CurrentControlSet\Control\SecureBoot\State ` |Select-Object UEFISecureBootEnabled )
    or part of your script if you want change the results in your own answers etc - Nico_K 1 month ago
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ