Lenovo BIOS Supervisor Password - automated deployment possibility

Basheer Ahmed Shaik 0 Reputation points
2023-11-10T09:32:37.1633333+00:00

I have researched a lot and found this:

System Deployment Boot Mode (SDB) is a new feature added to the Whiskey Lake generation of ThinkPads. This introduces the ability to programmatically configure key security BIOS settings during your operating system deployments.

Unlike previous generations, this boot mode will allow you to:

Set an initial Supervisor Password

In the past, a supervisor password had to be set manually or from the factory. Once a supervisor password was set, it could be changed in an automated way leveraging the Lenovo_SetBiosPassword WMI class.

Disable the TPM Physical Presence for Clear requirement

No longer requires user interaction if a call to clear the TPM was performed. In other words, no more pressing F9!

Link: https://docs.lenovocdrt.com/#/bios/sdbm

Further reading says:

You can also use the Think BIOS Config Tool or higher to apply these changes in your operating system deployment task sequence.


I really appreciate if someone simplify this and help me understand how to deploy Supervisor password for both type of machines. (both already installed and to be installed). The present deployment at our org is EasyInstall for Windows and We also have E5 license ofcourse Intune capability.

Thanks again!

Microsoft Deployment Toolkit
Microsoft Deployment Toolkit
A collection of Microsoft tools and documentation for automating desktop and server deployment. Previously known as Microsoft Solution Accelerator for Business Desktop Deployment (BDD).
892 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.