Deploying BIOS updates with PDQ deploy

Comments

8 comments

  • Matt Hamel

    I'm interested in how you went about doing this. Could you post an example XML of how you did this?

    0
    Comment actions Permalink
  • Diederik Kuijper

    Sure, and I'll also explain the process and required commands. I'll focus on Dells, since we're a mostly Dell shop.

    • Inventory the models using PDQ inventory

      You'll need a collection to point the deployment package at.

      1. First I subdivide by brand (Dell/HP/Etc)
      2. Then by chassis type to differentiate between laptops and towers. (laptops require some other considerations as they sometimes will not allow bios updates without AC adapter plugged in)
      3. Then by model (e.g OptiPlex 760)
      4. Then by BIOS version. I only check if it's on the latest or not with the exception of some models which require a minimum bios version for the latest to update. This will give you a quick at a glance update on which device is not on the latest version.
      You can pull all required information from Computer information in Inventory.

    • Download the BIOS update file and put it in your repository/fileserver

      You'll need the bios update file to update the bios. Store it somewhere logical so you can find it later. I use the same hierarchy as the Inventory.
    • Create a deploy package for the model

      Create a new package and name it after the model and bios version you'll be deploying

      Step 1 - CMD

      \\fileserver\share$\BIOS\Dell\760\O760-A16.exe /s /r

      Succes Codes: 0,2,6
      The /s flag sets the installer as silent.
      The /r flag will reboot the PC to flash the BIOS

      Set the conditions to "Is a member" of the correct model we inventoried earlier. Most BIOS update packages have built in checks nowadays, but it doesn't hurt to be careful.

      Step 2 - Sleep

      I put in a five minute sleep so the deployment doesn't time out and ends with an error. Sometimes the PC is already rebooting before the PDQ service can respond back, which gives a timeout error.

    The majority of the required information for silent BIOS dell updates can be found here:

    http://en.community.dell.com/techcenter/enterprise-client/w/wiki/3462.dup-bios-updates

    A good flag to know from there is /s if you have a password set on the bios.

     

    Sample XML of a package:

    <?xml version="1.0" encoding="utf-8"?>
    <AdminArsenal.Export Code="PDQDeploy" Name="PDQ Deploy" Version="15.3.0.0" MinimumVersion="15.0">
      <Package>
        <CurrentLibraryPackageVersionId value="null" />
        <PackageDefinition name="Definition">
          <Conditions type="list">
            <PackageStepCondition>
              <Architecture>Both</Architecture>
              <Version>All</Version>
              <TypeName>OperatingSystem</TypeName>
            </PackageStepCondition>
            <PackageStepCondition>
              <IsUserLoggedOn>AlwaysRun</IsUserLoggedOn>
              <TypeName>LoggedOnUser</TypeName>
            </PackageStepCondition>
            <PackageStepCondition>
              <ConditionMode>None</ConditionMode>
              <InventoryCollectionId value="null" />
              <InventoryCollectionName></InventoryCollectionName>
              <TypeName>Collection</TypeName>
            </PackageStepCondition>
          </Conditions>
          <CopyMode>Default</CopyMode>
          <DelayedApprovalTimeSpan>7.00:00:00</DelayedApprovalTimeSpan>
          <DownloadApprovalMode>Manual</DownloadApprovalMode>
          <InventoryScanProfileId value="3" />
          <IsDownloadApprovalModeInherited value="true" />
          <ScanAfterDeployment value="true" />
          <Steps type="list">
            <CommandStep>
              <Command>\\fileserver\share$\BIOS\Dell\760\O760-A16.exe /s /r</Command>
              <Files></Files>
              <SuccessCodes>0,6</SuccessCodes>
              <RunAs value="null" />
              <Conditions type="list">
                <PackageStepCondition>
                  <Architecture>Both</Architecture>
                  <Version>All</Version>
                  <TypeName>OperatingSystem</TypeName>
                </PackageStepCondition>
                <PackageStepCondition>
                  <IsUserLoggedOn>AlwaysRun</IsUserLoggedOn>
                  <TypeName>LoggedOnUser</TypeName>
                </PackageStepCondition>
                <PackageStepCondition>
                  <ConditionMode>None</ConditionMode>
                  <InventoryCollectionId value="null" />
                  <InventoryCollectionName></InventoryCollectionName>
                  <TypeName>Collection</TypeName>
                </PackageStepCondition>
              </Conditions>
              <ErrorMode>StopDeploymentFail</ErrorMode>
              <Title>Install O760 A16</Title>
              <TypeName>Command</TypeName>
              <IsEnabled value="true" />
              <IsPostStep value="false" />
              <IsPreStep value="false" />
            </CommandStep>
            <SleepStep>
              <Seconds value="300" />
              <Conditions type="list">
                <PackageStepCondition>
                  <Architecture>Both</Architecture>
                  <Version>All</Version>
                  <TypeName>OperatingSystem</TypeName>
                </PackageStepCondition>
                <PackageStepCondition>
                  <IsUserLoggedOn>AlwaysRun</IsUserLoggedOn>
                  <TypeName>LoggedOnUser</TypeName>
                </PackageStepCondition>
                <PackageStepCondition>
                  <ConditionMode>None</ConditionMode>
                  <InventoryCollectionId value="null" />
                  <InventoryCollectionName></InventoryCollectionName>
                  <TypeName>Collection</TypeName>
                </PackageStepCondition>
              </Conditions>
              <ErrorMode>StopDeploymentFail</ErrorMode>
              <Title>Sleep</Title>
              <TypeName>Sleep</TypeName>
              <IsEnabled value="true" />
              <IsPostStep value="false" />
              <IsPreStep value="false" />
            </SleepStep>
          </Steps>
          <Timeout value="60" />
          <UseCustomTimeout value="false" />
          <RunAs value="null" />
        </PackageDefinition>
        <Description></Description>
        <NewLibraryPackageVersionId value="null" />
        <Version>A16</Version>
        <IsAutoDownload value="false" />
        <FolderId value="17" />
        <LibraryPackageVersionId value="null" />
        <Name>760 A16</Name>
        <Path>BIOS Updates\Dell\Desktops\OptiPlex 760\760 A16</Path>
        <PackageDisplaySettings name="DisplaySettings">
          <DisplayType>Normal</DisplayType>
          <IconKey>Icon-Package</IconKey>
          <SortOrder value="7" />
        </PackageDisplaySettings>
      </Package>
    </AdminArsenal.Export>

    0
    Comment actions Permalink
  • GrantG

    For Dells, also possible to use PDQ to push out Dell Command Update silently, and silently run it periodically.

    That will update BIOS, drivers, etc, without having to make any packages specific to models.

     

    We also make collections based on the last modified date of the logfiles we have DCU generate each time it's run, so we can see how long it's been since they've last been updated.

    0
    Comment actions Permalink
  • Wess Frederick

    GrantG, could you provide more info on running DCU silently after installing?

    0
    Comment actions Permalink
  • GrantG

    Sure.

     

    One command step:

    start /wait /d "C:\Program Files (x86)\Dell\CommandUpdate" dcu-cli.exe /silent /log C:\logs

     

    That takes about 30 seconds to run in PDQ, if the machine is up to date and has no updates to download/install.  Or 30+ minutes if it needs to download multiple things.

    The logs it leaves will be two .xml files in C:\logs

    Then I have a PDQ Inventory scanner that checks those files, and collections that group them by file modification date age.

     

     

    1
    Comment actions Permalink
  • Wess Frederick

    Thanks GrantG!

    0
    Comment actions Permalink
  • GrantG

    However, keep in mind that DCU doesn't always download the very latest drivers and BIOS, that Dell will show on their website.

    I don't know what process/interval they use for that.  They probably delay it a bit, so stuff gets additional customer testing before being mass deployed.

    So if you need the absolute latest for something, you might need to check if DCU is installing it, or deploy it manually.

    0
    Comment actions Permalink
  • Ron C Seifer

    I am trying to do this with Lenovo's. Do you happen to know the parameters/ switches that are needed to complete the install? The unattended instructions in the readme only say to use WINUPTP.EXE -s. This fails with a 1602 error.

    0
    Comment actions Permalink

Please sign in to leave a comment.