A forum focused on PC client management topics such as SSM and BCU has recently been added to the HP Community forums. 

Topics also include HP's Client Catalog, Client Integration Kit for Microsoft System Center, Microsoft's MDT and HP Driver Packs

https://h30434.www3.hp.com/t5/Business-PCs-Workstations-and-Point-of-Sale-Systems/bd-p/Business-PC-W...

SSM can update the BIOS on the target system.

-Install SSM

-Create a filestore with the BIOS updates

-Create the SSM database using SSM's admin mode.

          Admin mode is accessed by running without any command

          line parameters or by selecting it from Windows start menu

        Using the Admin mode in the latest version of SSM also allows

        the creation of an encrypted BIOS password file.

Run SSM with command line

        ssm.exe c:\filestore /accept /cspwdfile:"filename"

where c:\filestore       is the path to the softpaqs

where /cspwdfile        is the path & filename of

the encrypted password file

SSM will compare the BIOS details between the target system

and the filestore database and update systems as needed.

It is important to note that any time a SoftPaq is added or

removed from the filestore directory, the database must be updated.

The database can be update using the command line

    ssm.exe /am_bld_db

Get the latest version of SSM for encrypted BIOS password support.  It is available at

        www.hp.com/go/clientmanagement

Select the HP CMS Download Library from the menu under "Resources"

Richard

I work for HP but am not a company spokesperson.  Participation in the community forums is voluntary.

---- Clearing the BIOS setup password using BIOS Config Utility ( BCU )

This process REQUIRES the user provide old BIOS password.

It will not clear or erase the password on a system in which the password is unkown.

For BCU version 2.60.13 or earlier:

        BIOSConfigUtility.exe /cspwd:"CurrentPassword"  /nspwd:""

where /cspwd contains the current password. 

It is best to enclose the password in quotes.

where /nspwd is the new password and this is set to null using a PAIR of double quotes.

Note regarding BIOS setup passwords:

        First - placing a password in a .CMD or .BAT file is strongly discouraged.

        Next - It is important to note that if attempting to SET, CLEAR or PASS the password using a .CMD or.BAT file, that standard command line enviroment (DOS style) rules apply.

Use of the percent sign (%) or caret (^) as part of the password may cause unwanted results in a batch file.

I have not explored if there are any side effects of Command Extensions being enabled that would affect other special characters use in this circumstance.

My best recommendation is to leave passwords out of batch files.

For BCU version 3.0.3.1 or later:

        BIOSConfigUtility.exe /cspwdfile:"CurrentPasswordFileName"  /nspwd:""

where /cspwdfile contains the name of the file containing the current encrypted password.

Enclose the path & filename in quotes.

where /nspwd is the new password and this is set to null using a PAIR of double quotes.

Using this version will allow using a task or batch to set or clear the password without concern for special characters.

With this method, the password should only be limited by BIOS policy and/or BIOS requirements.

The password is encrypted with HPQPswd.exe.

It is available at www.hp.com/go/clientmanagement

Select the HP CMS Download Library from the menu under "Resources"

Richard

I work for HP but am not a company spokesperson.  Participation in the community forums is voluntary.