Welcome to the ThinkDeploy Blog #

February 26, 2026
4 min read

HSA Best Practices Guide

Manage PC

Hardware Support Apps (HSAs) are a core part of the modern Windows driver model — UWP/MSIX apps published by OEMs or IHVs that extend a base driver, typically delivered via the Microsoft Store. Common examples include Intel Graphics Command Center, AMD Software, Realtek Audio Console, and Lenovo hardware control apps. They are a fundamental piece of the Declarative, Componentized, Hardware Support Apps (DCH) driver architecture introduced in Windows 10 1809.

Understanding how HSAs are designed to work — and where enterprise management intersects with that design — is critical to deploying and maintaining a clean, supportable Windows environment.

November 24, 2025
13 min read

Deep Dive - Certificate-based Authentication in an Autopilot Pre-provisioning Deployment

A deep dive on converting to certificate-based authentication in an Autopilot pre-provisioned deployment using Think BIOS Config and Certificates V2 tools

November 4, 2025
7 min read

Introducing Think BIOS Config Tool V2 and Lenovo BIOS Certificate Tool V2

Tools Banner

We're excited to announce the release of two powerful new PowerShell-based tools for managing BIOS settings on Lenovo commercial PCs: Think BIOS Config Tool V2 and Lenovo BIOS Certificate Tool V2. These tools represent a complete rewrite of their predecessors, bringing modern PowerShell capabilities, enhanced user interfaces, and seamless integration with Microsoft Intune.

October 31, 2025
10 min read

Certificate-based BIOS Authentication

updated October 31, 2025

Beginning with 2022 ThinkPad models, it is now possible to configure systems to use a digital signing certificate instead of a supervisor password. Although this feature does not eliminate the challenge of initially securing the device, it does eliminate the need to exchange passwords in plain text when scripting BIOS settings changes.

September 15, 2025
5 min read

Automate Partition Sizes When Using Windows 11 ISO

As more corporate customers are moving to Intune and other cloud based tools for device management, there has been and probably will continue to be a decrease in the use of imaging technologies to deploy operating systems to devices. Most of the time, customers are using the OEM provided preload on the device as the initial operating system installation. Customers then leverage tools to continue with device configuration until the desired state is met.

September 3, 2025
4 min read

Deploying Certificate-based BIOS Authentication with Microsoft Configuration Manager

This guide will demonstrate how to convert the BIOS security of a Lenovo Think product, protected by a Supervisor Password, to a digital certificate-based authentication mechanism using a Configuration Manager task sequence.

March 26, 2025
2 min read

What Is The System Firmware Update Utility?

You may start seeing a new update offered titled System Firmware Update Utility. What exactly is this and what does it fix?

February 19, 2025
5 min read

SU Helper Use Cases in a Modern World

The SU Helper utility was introduced to programmatically trigger the System Update AddIn of Commercial Vantage. Let's see how we can leverage SU Helper in different scenarios across Microsoft's Endpoint Management solutions.

January 17, 2025
3 min read

Remediate Fibocom FwSwitchService on Devices Without WWAN Card

After a successful Operating System Deployment (OSD), customers have noted the Fibocom FWSwitchService running on devices without a Fibocom WWAN Card. In this blog post, we provide the cause and remediation for this issue.

November 7, 2024
6 min read

Introducing: Lenovo Client Scripting Module 2.0.0

Lenovo Client Scripting Toolbox

Update June 12, 2025: Version 2.3.0 is now available in the PowerShell Gallery!

Back in January of 2024 we introduced the Lenovo Device Management Module. Today we are replacing it with the new Lenovo.Client.Scripting Module which is a PowerShell module that provides several useful cmdlets for making it easier to manage Lenovo commercial PCs. The module supports Lenovo's commercial portfolio of ThinkPad, ThinkCentre and ThinkStation products.