Thursday, December 12, 2019

HP BIOS Update during OS Deployment - MDT

This blog is about how I added BIOS Update in Task Sequence.
Courtesy - https://deploymentbunny.com/2016/07/20/osd-bios-upgrade-during-os-deployment-in-mdtconfigmgr-v3/

The main reason to modify the script is that the amount of different model we have in our production. Even though the majority of them are HP, but it was kept on growing.

The things you need to get it working are listed below.

ModelAliasExit.vbs
InstallBios.ps1
HPBIOS Updates

First Copy the ModelAliasExit.vbs to the script folder in the deployment share. This script is used to detect the Model of the machine.  Please download it from the below location.

https://github.com/DeploymentResearch/DRFiles/blob/master/Scripts/ModelAliasExit.vbs

Once the script is copied, Edit the custom.ini file and add the below lines at the top.

[Settings]
Priority=Default
Properties=NeedReboot,MakeAlias,ModelAlias

After editing the custom.ini file, Copy the below script to notepad and save it as InstallBios.ps1.

#Set BIOS Update File

Function Import-SMSTSENV{
    try
    {
        $tsenv = New-Object -COMObject Microsoft.SMS.TSEnvironment
        Write-Output "$ScriptName - tsenv is $tsenv "
        $MDTIntegration = "YES"
       
        #$tsenv.GetVariables() | % { Write-Output "$ScriptName - $_ = $($tsenv.Value($_))" }
    }
    catch
    {
        Write-Output "$ScriptName - Unable to load Microsoft.SMS.TSEnvironment"
        Write-Output "$ScriptName - Running in standalonemode"
        $MDTIntegration = "NO"
    }
    Finally
    {
    if ($MDTIntegration -eq "YES"){
        $Logpath = $tsenv.Value("LogPath")
        $LogFile = $Logpath + "\" + "$ScriptName.log"

    }
    Else{
        $Logpath = $env:TEMP
        $LogFile = $Logpath + "\" + "$ScriptName.log"
    }
    }
}
Function Start-Logging{
    start-transcript -path $LogFile -Force
}
Function Stop-Logging{
    Stop-Transcript
}
Function Invoke-Exe{
    [CmdletBinding(SupportsShouldProcess=$true)]

    param(
        [parameter(mandatory=$true,position=0)]
        [ValidateNotNullOrEmpty()]
        [string]
        $Executable,

        [parameter(mandatory=$false,position=1)]
        [string]
        $Arguments
    )

    if($Arguments -eq "")
    {
        Write-Verbose "Running $ReturnFromEXE = Start-Process -FilePath $Executable -ArgumentList $Arguments -NoNewWindow -Wait -Passthru"
        $ReturnFromEXE = Start-Process -FilePath $Executable -NoNewWindow -Wait -Passthru
    }else{
        Write-Verbose "Running $ReturnFromEXE = Start-Process -FilePath $Executable -ArgumentList $Arguments -NoNewWindow -Wait -Passthru"
        $ReturnFromEXE = Start-Process -FilePath $Executable -ArgumentList $Arguments -NoNewWindow -Wait -Passthru
    }
    Write-Verbose "Returncode is $($ReturnFromEXE.ExitCode)"
    Return $ReturnFromEXE.ExitCode
}

# Set vars
$SCRIPTDIR = split-path -parent $MyInvocation.MyCommand.Path
$SCRIPTNAME = split-path -leaf $MyInvocation.MyCommand.Path
$SOURCEROOT = "$SCRIPTDIR\Source"
$SettingsFile = $SCRIPTDIR + "\" + $SettingsName
$LANG = (Get-Culture).Name
$OSV = $Null
$ARCHITECTURE = $env:PROCESSOR_ARCHITECTURE


#Try to Import SMSTSEnv
. Import-SMSTSENV

# Set more vars
$Make = $tsenv.Value("Make")
$Model = $tsenv.Value("Model")
$ModelAlias = $tsenv.Value("ModelAlias")
$MakeAlias = $tsenv.Value("MakeAlias")

#Get Bios Info from source folder

$CurrentBiosVersion = Get-Content "$SCRIPTDIR\Source\$Model\BIOSVer.txt"
$BIOSName = Get-Content "$SCRIPTDIR\Source\$Model\BIOSName.txt"

#Start Transcript Logging

. Start-Logging

#Output base info
Write-Output ""
Write-Output "$ScriptName - ScriptDir: $ScriptDir"
Write-Output "$ScriptName - SourceRoot: $SOURCEROOT"
Write-Output "$ScriptName - ScriptName: $ScriptName"
Write-Output "$ScriptName - Current Culture: $LANG"
Write-Output "$ScriptName - Integration with MDT(LTI/ZTI): $MDTIntegration"
Write-Output "$ScriptName - Log: $LogFile"
Write-Output "$ScriptName - Model (win32_computersystem): $((Get-WmiObject Win32_ComputerSystem).model)"
Write-Output "$ScriptName - Name (Win32_ComputerSystemProduct): $((Get-WmiObject Win32_ComputerSystemProduct).Name)"
Write-Output "$ScriptName - Version (Win32_ComputerSystemProduct): $((Get-WmiObject Win32_ComputerSystemProduct).Version)"
Write-Output "$ScriptName - Model (from TSENV): $Model"
Write-Output "$ScriptName - ModelAlias (from TSENV): $ModelAlias"

#Check Model
if($((Get-WmiObject Win32_ComputerSystem).model) -eq $Model){
    Write-Output "Model is $((Get-WmiObject Win32_ComputerSystem).model)"
    Write-Output "Checking BIOS Version"
    Write-Output "Version is $((Get-WmiObject Win32_Bios).SMBIOSBIOSVersion)"
    if($((Get-WmiObject Win32_Bios).SMBIOSBIOSVersion) -ne $CurrentBiosVersion){
        Write-Output "Needs upgrade"
        $Exe = 'HPBIOSUPDREC64.exe'
        $Location = "$SCRIPTDIR\Source\$Model"
        $Executable = $Location + "\" + $exe
        Set-Location -Path $Location
        Invoke-Exe -Executable "$Executable" -Arguments "-s -r -f $BIOSName -b" -Verbose
    }
    else
    {
        Write-Output "No Need to upgrade"
    }
}

#Stop Logging
. Stop-Logging

Next, create an application using InstallBios.ps1.



Make sure the folder structure is correct as per the below picture.
Please download and copy the bios file to the source folder and make sure it the folder name is the same as the machine model name.


Once you copied the necessary BIOS file, you have to create two text files called BIOSName.txt and BIOSVer.txt.

BIOSName.txt file has the name of the BIOS File, and BIOSVer.txt has the BIOS Version






















Next step is to add the application to the task sequence. Make sure you add the task it in the system restore section of the task sequence. I have created a group called 'BIOS Update' and add the application. A computer restart is necessary after the BIOS installation, you can add it in the script or create a computer restart task.



















Update the deployment share and you are ready to run the task sequence.


Find GPO's applied to a computer if the gpresult /r and rsop.msc failed to load due to permission

How to see the group policies applied to a computer if the gpresult /r and rsop.msc failed to load due to domain permission Run the command ...