This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi,
Could you advise if there's a method to block or disable Smart Lock/Smart Assist features on the Lenovo T14 through SCCM or Intune by utilizing scripting? I'm exploring options to manage these functionalities centrally and would appreciate your insights on the most effective approach.
I've come across this article which is useful for manual , but it's more suitable for a single device. I need a method to apply this on a number of devices. Please suggest a solution...
https://support.lenovo.com/jp/en/solutions/HT515870
I have found this script but I'm not sure if it will work. Please suggest.
If this can be done via GPO, please suggest the GPO setting, but I would prefer the script more.
$getLenovoBIOS = gwmi -class Lenovo_SetBiosSetting -namespace root\wmi $getLenovoBIOS.SetBiosSetting("ZeroTouchLogin,Disable") $getLenovoBIOS.SetBiosSetting("ZeroTouchLock,Disable") $getLenovoBIOS.SetBiosSetting("ZeroTouchAllowOverride,Disable") $getLenovoBIOS.SetBiosSetting("PhysicalPresenceForTpmClear,Disable") $getLenovoBIOS.SetBiosSetting("UserPresenceSensing,Enable") (gwmi -class Lenovo_WmiOpcodeInterface -namespace root\wmi).WmiOpcodeInterface("WmiOpcodePasswordAdmin:YourBiosPasswordHereOrBlankIfNoPassword") (gwmi -class Lenovo_SaveBiosSettings -namespace root\wmi).SaveBiosSettings()
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 23%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Unfortunately, directly disabling Smart Lock/Smart Assist through SCCM or Intune scripting on the Lenovo T14 isn't straightforward.
You can create a Group Policy Object (GPO) to disable Smart Lock/Smart Assist features.
Unfortunately, directly disabling Smart Lock/Smart Assist through SCCM or Intune scripting on the Lenovo T14 isn't straightforward.
You can create a PowerShell script to disable specific features related to Smart Lock/Smart Assist and then deploy it through SCCM or Intune.
Disable Smart Lock/Smart Assist features
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" -Name "AllowDomainPINLogon" -Value 0 -Type DWord Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" -Name "AllowDomainPasswordLogon" -Value 0 -Type DWord
Moderators. kindly delete this specific answer.
Thanks, Do I need to make changes in this script or can I run it directly
I found this script I am not sure this is useful for to disable smart lock $getLenovoBIOS = gwmi -class Lenovo_SetBiosSetting -namespace root\wmi $getLenovoBIOS.SetBiosSetting("ZeroTouchLogin,Disable") $getLenovoBIOS.SetBiosSetting("ZeroTouchLock,Disable") $getLenovoBIOS.SetBiosSetting("ZeroTouchAllowOverride,Disable") $getLenovoBIOS.SetBiosSetting("PhysicalPresenceForTpmClear,Disable") $getLenovoBIOS.SetBiosSetting("UserPresenceSensing,Enable") (gwmi -class Lenovo_WmiOpcodeInterface -namespace root\wmi).WmiOpcodeInterface("WmiOpcodePasswordAdmin:YourBiosPasswordHereOrBlankIfNoPassword") (gwmi -class Lenovo_SaveBiosSettings -namespace root\wmi).SaveBiosSettings()
Can you please help me on this