Manualshelf

White Papers

ManualsBrandsDell ManualsConverged InfrastructureBIOS Verification
11121314151617181920
Parameters Meaning
-noncestring <nonce> The <nonce> parameter is a base64 encoded nonce. The string is base64 decoded, and
the result becomes the nonce. If the decoded nonce is larger than 1024 bytes, an
ArgumentException error is thrown.
1. Open Command Prompt with administrative privileges.
2. Go to the directory containing the utility.
3. Type Dell.TrustedDevice.Service.Console.exe then press Enter.
4. A browser launches automatically and displays BIOS results.
NOTE: To suppress the browser result and display results in the Command-Line window, use the -headless flag. For example,
Dell.TrustedDevice.Service.Console.exe -headless
If the utility is unable to determine BIOS state, an error code displays. Error code definitions are listed in Results, Troubleshooting, and
Remediation.
NOTE: BIOS results are written to the following registry location each time the utility is run: [HKLM\Software\Dell\BIOS
Verification] .
NOTE: The %ERRORLEVEL% environment variable is updated and can be queried for results to automate silently gathering BIOS
status centrally.
Commonly Used Scenarios
Running the BIOS Verification agent in repeated intervals ensures that devices remain in a protected state. Third-party utilities are
commonly used to run and report back on a schedule. It is recommended targeting specific collections of devices to avoid a high volume of
noise from unsupported platforms.
It is recommended that you run the BIOS Verification feature with its headless property as SYSTEM on devices to avoid interrupting users
while ensuring the proper return codes.
The following example runs the TrustedDevice agent in headless mode with logs and results written to the default location of
C:\ProgramData\Dell\TrustedDevice\:
C:\Program Files\Dell\TrustedDevice\Dell.TrustedDevice.Service.Console.exe -headless
After running the utility, query %ERRORLEVEL% to return the status of the device in question. The %ERRORLEVEL% return value can
be compared against the list of error code definitions in Results, Troubleshooting, and Remediation.
Scheduling is used to automate the collection of BIOS results. Microsoft's SCCM custom task sequence can collect status reports for
scheduled tasks. For more information on managing the schedule of the task sequence, see https://docs.microsoft.com/en-us/previous-
versions/system-center/packs/hh967525(v=technet.10)#BKMK_Mandatory_Assignment.
To limit return results to computers supported by Trusted Device, it is recommended using a collection created with Microsoft's SCCM.
For information on the options to target specific devices, see https://docs.microsoft.com/en-us/sccm/core/clients/manage/collections/
create-collections.
Third-party utilities use similar retrieval mechanisms. For information on PDQ Deploy's options for creating collections, see https://
support.pdq.com/knowledge-base/1752-viewing-and-creating-collections-in-pdq-inventory.
Run the BIOS Verification Agent
19