Forums on Intune, SCCM, and Windows 11


PENDING UEFI certificate expiration search method

grillosoft

Hello everyone.

I'm trying to create a collection, a Compliant, or an SQL query that will show me which computers don't have an updated Secure Boot certificate. In case many of you aren't aware, the certificate installed in the BIOS UEFI starts expiring after 15 years, beginning in June of this year. Therefore, if it's not updated, Windows most likely won't be able to boot.

Anyway, I need someone to guide me on how to obtain this information from all the machines in the domain using SCCM.

The command to execute is the following:

if (([System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI db).Bytes)) -match "Windows UEFI CA 2023") { 1 } else { 0 }

If it's 1, it's updated; if it's 0, we need to evaluate how to update it.

Thanks!
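
The check from the post above, wrapped for fleet-wide use as a script that returns one status string per machine. This is an added example, not part of the original post. It assumes the script is run elevated (for instance as a script-based compliance setting), and the status labels and function names are hypothetical.

```powershell
# Added example: reports whether the Secure Boot "db" variable contains the
# certificate name used in the post. Status labels below are hypothetical.

function Test-DbHasCert {
    param(
        [byte[]]$Bytes,
        [string]$Name = 'Windows UEFI CA 2023'   # name taken from the post
    )
    # An empty or missing variable cannot contain the certificate.
    if (-not $Bytes -or $Bytes.Length -eq 0) { return $false }
    # Same approach as the post: decode the raw variable as ASCII and
    # look for the certificate's name inside it.
    $text = [System.Text.Encoding]::ASCII.GetString($Bytes)
    return $text.Contains($Name)
}

function Get-SecureBootDbStatus {
    try {
        $db = Get-SecureBootUEFI -Name db -ErrorAction Stop
    }
    catch [System.PlatformNotSupportedException] {
        # Legacy BIOS / non-UEFI machines cannot answer the query at all.
        return 'NotUEFI'
    }
    catch [System.UnauthorizedAccessException] {
        # The cmdlet needs an elevated session.
        return 'AccessDenied'
    }
    catch {
        # Anything else (variable missing, firmware error) is reported
        # separately so it is not mistaken for "not updated".
        return 'Error'
    }

    if (Test-DbHasCert -Bytes $db.Bytes) { return 'Updated' }
    return 'NotUpdated'
}

# Emit exactly one value so a compliance rule can compare against 'Updated'.
Get-SecureBootDbStatus
```

Machines that return `NotUEFI`, `AccessDenied` or `Error` would show up as 0 with the one-line check, so reporting them separately keeps them out of the list of machines that need the certificate update.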
 
