Dell BIOS update not working?
I use the Dell Updates section to setup a patch schedule containing a label containing 1 BIOS update and deploy it to one machine (OptiPlex 990).
When I click run now and wait for a bit, it says "completed" in the status. Yet when I check my system BIOS version it is still A18 and not A24, which is what the update was for.
Anything I am missing?
there is currently an issue with the BIOS updater by Dell which is used by KACE.
The workaround is the following:
1. create a smart label for all devices of one model and the minimum version which can update to this version and less the version you want to update to.
Smart label, so all updated machines go out of the label and you don't need to take care of it anymore, just delete the label when it is empty or recycle for the nest update
2. Download the BIOS update from the Dell Page
3. Create a managed Installation for it. BIOS.EXE /s /f /r /p=YOURSECRETBIOSPASSWORD
/s installs silently
/f forces the installation
/r reboots after the update preparation
/p provides the BIOS-Password
4. Add the smart label to the MI and let it run. Have nice messages, that the update needs time and the user should not interrupt it and shutdown the PC.
If you have Bitlocker enabled you should disable bitlocker before you update it and reenable it afterwards. In that case a Script would be more effective.
We had issues with a few things with the Kace dell patching section...
1. you have to have the newest Dell Agent installed in order to detect other updates needed (run detect for just agent, deploy, reboot)
2. then detect for updates (Bios etc..) however it did NOT detect until AFTER the device was inventoried UGH! so Force inventory, then detect
3. Detect for updates AGAIN.
4. Deploy updates, if you use bitlocker (like we do) it does NOT always allow bios to update, and on many devices prompts for the bitlocker password ugh!
3 another force inventory and new detect to show that the update was successfully installed...
Seems like way too much crap to go through just to get a Bios update (in our situation anyways)
So instead, what I do is this...
I download the newest bios for our devices (in our case the desktops are 5080, 5090 & 3000 Optiplex's)
I zip those up into bios.zip with 3 folders 1 for each model (and can add as many models as you need into seperate folders..)
I then attach that as a dependencies to a script that runs powershell that does the following...
1.Creates folder where I want the install files stored
2. unzips the zip file to that location
3. detects what model the computer is and sets the $biosFile path to the install file based on the model
4. checks if bitlocker is enabled, and if so suspends bitlocker
5. Installs the bios with /s /f (Silent and Force) and waits for the process to finish (with lines "$biosProcess = Start-Process -FilePath $BiosFile -ArgumentList "/s /f" -PassThru" AND $BiosProcess.WaitForExit()"
6. then after the bios install file finishes, the script checks to see if any user is currently logged in (in case someone just logged in while bios was updating) if no user, computer reboots.. If user is logged in
then I trigger the KUserAlert.exe (which you can use to pop up the same kace message boxes & customize what you want it to say...
1st I pop up a message that just says "IT updated your system, and it needs to be rebooted..." is auto closes in 1 minute, or if they click OK,
2nd I pop up another message that says "COMPUTER WILL REBOOT IN ABOUT 5 MINUTES..." again it auto closes in 1 minute or if they click OK
3rd I pop up 1 last message that says "REBOOTING... in 5 minutes, or as soon as you click OK. If you have any questions, put in an IT ticket. Thank you DO NOT interrupt the reboot process the computer can become unusable" now that message auto closes in 5 minutes, or if they click OK
then the computer is forced to reboot...
So far I have had great success with this, I am also in the process of creating a similar script for our HP devices.. so about 2300 devices in all...