06-11-2020 07:56 PM
I decided to give HP SCCM's MIK integration one more try.
All I've done is created a policy that has the password set. And i've deployed that baseline to just one pc (mine).
If I evaluate the policy via configuration manager tool in control panel I can see it's compliant. And at some point when i go back into sccm whether its days later my pc shows as uncompliant??
Why is this happening?
There is nothing special about my sccm setup. I'm on version 1910, windows 10 1909 64-bit , using an elitebook 840 g5 and using the latest MIK Client22.214.171.124 on this pc.
on my PC I have the following HP MIK Toolkit version 126.96.36.199
has anyone else seen this behaviour where its compliant then non compliant?
06-12-2020 04:53 AM
I used HP MIK to set BIOS password , then enabled and set HP Sure Recover with custom image.
I was not very clear to me why sometime I got , on the Client , Uncompliant, so I was opening the Report clicking on the button in SCCM agent and I was trying to understand the error message.
some errors were meaningless, until in addition to the HP MIK client, I also installed HP Security Manager, HP Sure Run and HP Sure Recover.
Could you post the HTML Report created on your client when you evaluate the baseline?
06-16-2020 10:53 PM
This is what i get . and if i evaluate the baseline again it will remediate. but at some point, presumably possible even at reboot it will just go back to showing as not compliant.
im not even trying to change a password at this point. im just evaluating whether devices match the password.
hoping that someone from the HP team can address this. it shouldn't be this difficult. im not doing anything special. just creating a baseline using the authentication tab. clicking create , adding my password and deploying it.
06-18-2020 11:00 AM
I guess that nobody of people developing HP MIK is reading this post.
That's a pity because , for my point of view, they will discover issues or strange behaviour or at least explaing what's happening like in this case.
06-29-2020 10:15 AM
The reason the compliance fails is that after the password is set (correctly), the actual password is not maintained in the console, which would bring security concerns from customers,.. Next time a compliance check is done it can't match the actual password - the BIOS will NEVER revealed - to what was set
There are discussions on best methods to allow for compliance and affect it on a future update... However, having HP Support cases open against this issue will certainly help make this happen quicker... so, i would recommend you open a support case with HP... Feel free to email me privately thru the Forum, and i will pass along the info as appropriate