This is a follow up to a previous article that walked through hosting an on-prem Update Retriever repository in an Azure Blob Storage.
If you've started leveraging cloud storage for your driver repository, this solution may be of interest to you if you're at a roadblock with how to deploy Bios updates to your endpoints.
The main focus of this article is a rather hot topic: Silently installing Bios updates.
There are numerous articles out in the community that walk through how to configure BIOS settings through Intune. The majority of them being PowerShell solutions.
This post will provide an alternate method for configuring BIOS settings using our official Think BIOS Config HTA that was introduced back in 2016. This solution can also be leveraged as part of an Autopilot deployment.
ThinkShield secure wipe is the successor to the ThinkPad Drive Erase Utility and is designed to provide the wipe out function of the SSD.
Note
For more detailed information about ThinkShield Secure Wipe, please see the ThinkShield Secure Wipe Technical Whitepaper
Although the Drive Erase Utility is still supported and provided as an external tool, ThinkShield secure wipe is fully integrated in the BIOS image and does not require any external tools.
Secure wipe can be executed locally by BIOS from the application menu of the Startup Boot Menu invoked by F12 or remotely from OS through the WMI interface, which is what this post will be covering.
A feature add (by popular demand) in Commercial Vantage is the ability to write the device's warranty information to WMI.
The Lenovo_WarrantyInformation WMI class located under the root\Lenovo Namespace is created when the Write Warranty Information to WMI policy has been enabled on the device.
In this post, we're going to walk through how this data can be collected from Intune managed devices and ingested into a Log Analytics Workspace in Azure Monitor.
In some previous articles we have highlighted how you can collect Lenovo Updates History from a new WMI class in the root\Lenovo namespace. See https://thinkdeploy.blogspot.com/2018/10/tracking-thininstaller-update-history.html
We are now adding a new class under this namespace for the new "Odometer" feature found in the latest ThinkPads that were recently launched. This feature keeps track of several metrics that can provide an indication of how a system has been used. The metrics collected are:
For those who are migrating from Configuration Manager to Intune, you may find the need to deploy Commercial Vantage to your devices from Intune. Commercial Vantage consists of a UWP app plus other services and components. An enterprise package with deployment guide and ADMX templates is available to assist deploying this solution. Download the latest version of Commercial Vantage with Deployment Guide here.
This post walks you through updating your Think product's drivers during Windows Autopilot using Lenovo System Update.
Ideally, you'll want the most current drivers installed on the device prior to the user's first sign-in.
This article is intended to provide another solution to install HSA packs for your Think product in a ConfigMgr Task Sequence.
For an in-depth overview of these HSA packs and installation script, refer to this article.
To make this process a bit easier and to reduce the number of steps in your Task Sequence, this solution goes hand in hand with an older post: Dynamically Updating BIOS.
With versions of Windows 10 since 1809, Microsoft has introduced the concept of Modern Drivers. These new drivers have a few requirements:
The Lenovo Updates Catalog has been upgraded to the V3 format. The catalog is still hosted at the same URL:
https://download.lenovo.com/luc/v2/LenovoUpdatesCatalog2v2.cab
The URL and file name did not change so as to avoid all subscribers having to change their subscription settings. The V3 format simply adds some additional files that allow the updates in the catalog to be categorized.