Scan Secure Boot Enabled PC's

Comments

4 comments

  • Sam T.

    If you have Windows 7, then Secure boot must be disable to enable legacy support. 

    If you have Windows 8/10 then Secure boot should be enable by default.

     

    What are you trying to archived?

    0
    Comment actions Permalink
  • Donny B.

    All of our pc's are Windows 10. However up until recently none of them had Secure Boot enabled by default. We never have had it enabled until recently because I never bothered to get it working with MDT deployments. The problem right now is we are looking to install Sophos Web Gateway and it has an issue with the signed driver requirement in Windows 10 build 1607 that requires secure boot to be disabled for the program to install correctly. They are aware of the bug and are working to fix it but I am looking for a way to get the program installed now rather than wait for them to fix it. Most of our computers do not have secure boot enabled which is not an issue. The issue is the ones that do I need to deploy a Dell CCTK bios update to so I can disable secure boot and allow this installation.

     

    So if there was a registry setting I could put as a condition or similar that would be ideal but my searches are coming up unfruitful.

    0
    Comment actions Permalink
  • Sam T.

    Try to run scan on this registry key 

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot\State

    Enabled:1

    Disabled:0

    Not Support(VM or older motherboard): Missing \State key

    My secure boot is turn off. Tt has Secure boot option, but a pain to turn it on so I never bother to turn it on

     

    EDIT: You can also use msinfo32 to see if secureboot is enabled/disabled/unsupported

    0
    Comment actions Permalink
  • Sam T.

    Here's what Secureboot enabled looks like

    0
    Comment actions Permalink

Please sign in to leave a comment.