Set Dell BIOS settings through Intune and PowerShell

1 A+ A-

In this post, we will see how to set your devices BIOS settings from a CSV file through Intune and PowerShell.

- You want to set multiple settings on multiple devices.
- Save all those settings with their values in a CSV file
- Apply each settings from the CSV on your devices

CSV file
See below an overview of my CSV file. Save it with delimiter ;

We will use Microsoft Win32 Content Prep Tool from MS
To download it, go to this link.

The script
You can find the script to set settings, the script for uninstalling and the exe to create the package.

Save the script as BIOS_Settings_For_Dell.ps1

How it works ?
This will work in 3 steps:
- Create the intunewin package
- Create the Win32 app in Intune
- Assign the app

Create the folder project
1. Create a folder Dell
2. Copy the BIOS_Settings_For_Dell.ps1 in this folder
3. Copy the CSV in this folder

Create the package
Purpose of this part ?
To deploy BIOS settings we will create a Win32 package containing both the CSV file and the PS1.
1. Run IntuneWinAppUtil.exe
2. Select the Source folder 
3. Select the ps1 file
4. Select an output folder
5. A package BIOS_Settings_For_Dell.intunewin will be created

Create the Win32 app
Purpose of this part ?
We will now integrate the intunewin package into Intune.
1. Go to Intune
2. Go to Client apps
3. Go to Apps
4. Click on Add
5. Select Windows app (Win32)
6. Browse to the package BIOS_Settings_For_Dell.intunewin
7. Click on OK
8. Click on App information > Configure
9. Type informations, as below:
10. Click on OK
11. Click on Program > Configure

12. In Install command type the below command
13. In Uninstall command type the same with Uninstall.ps1
14. Click on OK

15. Click on Requirements > Configure
16. Type your requirements
17. Click on OK
18. You can also add a new requirement to run the package only on Dell manufacturer

19. Click on Detection rules > Configure
20. Select Manually configure detection rules
21. Click on Add
22. Select File
23. Set detection rule, as below
The registry key is: HKLM\HARDWARE\DESCRIPTION\System\BIOS 24. Click on OK twice
If the device is not a Dell it will be marked as not applicable in device status:

25. Click on Add
26. The below warnning will be displayed (wait a bit)

Assign the app
1. Go to Assignments
2. Click on Add group
3. Assign as you want

Get the log
See below my BIOS settings before the app execution:
The process will create a log file under C:\Windows\Debug.
See below an overview:

What's next ?
In my next posts I will explain how to do the same for Dell, Dell and Surface.
remote bios 7423632386034483949

Enregistrer un commentaire

1 commentaire

Anonyme a dit…

Hey there,

I followed your instructions and it seems your way is not working.
After a quick check, I can see the secureboot in bios remaine disabled.


Accueil item


Learn KQL in one month


You want to support me ?

Mes articles en français

Books in French