Creating BIOS Configs and ingesting it during the imaging process is a tad bit old school when you think about moving to newer technologies that can do the same. Microsoft Intune recently introduced the BIOS Config Profile as a template in Intune. At this stage, DELL devices can be set up with this.
At the time of writing, only Dell is available as the Hardware option to select and config the profile. So lets jump in.
This is a 3 step process
- Creating your Config file using the Dell Client Configuration Toolkit (CCTK)
- Creating the Config Profile in Intune and import the CCTK file
- Create the Win32 App to be created that contains the agent
- Wrapping Up
Creating your Config file using the Dell Client Configuration Toolkit (CCTK)
- Go to https://www.dell.com/support/home/en-au/drivers/driversdetails?driverid=yypgt download the toolkit software and install it on one of the devices
- Go to the Create Package option
- Select the required option.
For demo purposes, I will be going with the Multi-platform File option
You can also use the A Saved File option to import a .cctk file that you have already created and using in your fleet
- Select the Edit button on top and start adding the required options
- Select the Export Configuration option
- Save the file in a location with the .cctk file format
🔗Full details on the CCTK can be found here:
https://www.dell.com/support/kbdoc/en-au/000134806/how-to-install-use-dell-client-configuration-toolkit
Creating the Config Profile in Intune and import the CCTK file
- Go to the Intune Portal > Devices > Windows > COnfigueration Profiles > New Policy > Select Templates and Windows 10 and later as the Platform > BIOS Configuration and other settings profile
- Provide a meaningful profile name
- Create the profile as below by providing the Config file created and exported in the previous step
- Assign it to the required devices.
Per-device BIOS Password Protection
With this option, you can save the per-device BIOS password in the Inutne Object. However, I could not find any Microsoft documentation explaining the scenario at the time of writing.
Also as you may already know, setuppwd value can be used to set a common BIOS password across the devices fleet.
Create the Win32 App to be created that contains the agent
When you head to the above config profile, you will see the below message.
What does it say? This is a mandatory Win32 app that needs to be installed on the Dell devices that you plan on managing the BIOS using Intune. This app will decode the CCTK file and set the BIOS settings accordingly.
There are 2 ways to get aroud this
Use the Enterprise App catalog
Use the Enterprise App catalog to create the Dell Command App for you – Easy! but make sure you have the appropriate Intune licenses to do so.
A few clicks later….
OR
Use IntuneWinAppUtil Program
Use the IntuneWinAppUtil program to re-wrap the Dell Command app as a .intunewin file
- Use this link to download the DELL Command | Endpoint Configure for Microsoft Intune exe file
🔗 https://www.dell.com/support/home/en-au/drivers/driversdetails?driverid=T88X8
- Download the software as mentioned.
- Use Win32 Content Prep Tool to package the file as a .intunewin file.
Use this URL to download the utility:
🔗 https://github.com/microsoft/Microsoft-Win32-Content-Prep-Tool
- Use this article from Dell when adding the Installation commands in the Intune Win32 App creation.
It is important to install this application as a mandatory app on the devices during the Autopilot process! In other words on the same devices that you are targetting the Config profile we cerated in the step 2.
Wrapping Up
I would like to see more device manufacturers come into the same platform so organizations can utilize Intune to manage device BIOS using the same method for the diverse device fleet and will be able to move from other on-prem based or cloud workaround type methods.
Discover more from EMS Route
Subscribe to get the latest posts to your email.
EMS Route 
One thought on “How to Use Intune to Create a Dell BIOS Config Profile?”