Absolute
|
Sets the value to the Absolute interface, and control the Absolute service. The following are the possible values:
- Enabled—The Absolute service is activated or deactivated.
- Disabled—If disabled, then the Absolute service does not run.
- PermanentlyDisabled—If the Absolute interface is permanently disabled, then the Absolute feature can be enabled by using the factory reset feature.
|
AdminPassword
|
Sets, changes, or clears the administrator (admin) password (also called the setup password). If you delete the admin password, the system password, if set, is also deleted. The following are the possible values: String containing minimum 4 and maximum 32 characters including whitespace.
|
AdminSetupLockout
|
Enables or disables admin setup lockout. The following are the possible values:
|
AmdTSME
|
Possible values:
|
CapsuleFirmwareUpdate
|
Enables or disables BIOS updates via UEFI capsule update packages. The following are the possible values:
|
ChasIntrusion
|
The chassis intrusion switch is a physical switch which triggers an event when the chassis is opened. The following are the possible values:
- Enabled—The system detects and reports chassis intrusion events to the system display on boot-up.
- Disabled—The system does not detect and report the Chassis Intrusion events to the system display on boot-up.
- SilentEnable—The system detects, but does not report the Chassis Intrusion events to the system display on boot-up.
|
ChassisIntrusionStatus
|
Displays the status of chassis intrusion.
NOTE: Except TripReset, all values are read-only.
The following are the possible values:
- DoorOpen—Indicates that chassis door is open.
- Tripped—Indicates that the chassis door was opened since the last time the sensor-detection logic was reset.
- DoorClosed—Indicates that chassis door is closed.
- TripReset—Resets the sensor-detection logic to detect the next closed-to-open transition on the chassis door.
|
Computrace
|
This feature allows the users to enable or disable Absolute Software's Computrace security software BIOS ROM. After this token is written, the state is permanently maintained (this is a write-once field). This token is for Factory use only. Application and management software must ignore this token. Write-once permanent is different from write-once. Write-once is reset on a power cycle and/or chipset reset. Write-once permanent cannot be reset or change once it is set. The following are the possible values:
NOTE: You cannot enable or disable this feature using Dell Command | Configure.
|
CpuXdSupport
|
Enables or disables the run disable mode of the processor. The operating system can use this feature to hinder software that exploits buffer overflows. The following are the possible values:
|
DisPwdJumper
|
DisPwdJumper controls the physical password clear jumper on the motherboard. The following are the possible values: Enabled—When this option is not selected, the password jumper on the motherboard is activated to clear the BIOS admin and the user passwords. Disabled—When this option is selected, the password jumper is disabled, and the BIOS passwords are not cleared.
|
GeneralPurposeEncryption
|
Enables or disables general-purpose encryption. The following are the possible values:
|
HDDInfo
|
Displays the details of each HDD. The following information is displayed:
- HDDName—The name of the HDD.
- Present—Whether the HDD is physically present.
- PwdProtected—Whether a password exists for the HDD.
- PendingRestart—Whether a reboot is pending to set the password.
- AdminOnlyChange—Whether the changes to the password can be made only by an administrator.
- SecureEraseSupported—Whether HDD Secure Erase is supported.
- SecureEraseEnabled—Whether HDD Secure Erase is enabled.
The following are the possible values: Read-only.
|
HDDPassword
|
Sets, changes, or clears the HDD password. Enter the HDD password, if set, when the system is powered on.
NOTE: After setting the HDD password, restart the system.
Possible values: String containing minimum 1 and maximum 32 characters including whitespace.
|
HddProtection
|
Lets the user choose loading of HDD Protection OPROM.
|
IntlPlatformTrust
|
Enables or disables IntlPlatformTrust feature. The following are the possible values:
- Enabled—Displays the Intel Platform Trust Technology (PTT) device from the operating system on the next boot.
- Disabled—Hides the Intel Platform Trust Technology (PTT) device from the operating system on the next boot.
NOTE: When disabled, the PTT device is not displayed to the operating system, and no changes can be made to the PTT device or its content.
|
IntelTME
|
Controls the total memory encryption (TME) feature. The following are the possible values:
|
IsAdminPasswordSet
|
Specifies if an admin password has been set. Possible values: True, false (Read-only)
|
IsSystemPasswordSet
|
Specifies if a system password has been set. Possible values: True, false (Read-only)
|
MasterPasswordLockout
|
Enables or disables master password settings.
CAUTION: Using the Dell Command | PowerShell Provider, you cannot disable this feature.
The following are the possible values:
- Enabled—The master password cannot be used to:
- clear other passwords
- unlock and access Hard Disk Drive
- erase data from Hard Disk Drive.
- Disabled—The master password can be used to:
- clear other passwords
- unlock and access Hard Disk Drive
- erase data from Hard Disk Drive.
NOTE: One of the methods of configuring this feature is from the BIOS setup screen.
NOTE: You cannot enable MasterPasswordLockout while setting up with Hdd or Owner's password.
|
NonAdminPsidRevert
|
The following are the possible values:
- Enabled—When enabled, the PSID revert is allowed to proceed without providing the BIOS admin password.
- Disabled—When disabled, and if the BIOS admin password is set, PSID revert is protected and the BIOS admin password can be entered before performing the revert.
|
NVMePwdFeature
|
This feature enables or disables the NVMe password. The following are the possible values:
|
OromKeyboardAccess
|
Determines whether users are able to enter Option ROM Configuration screens using hotkeys during boot. The following are the possible values:
- Enabled—Users are able to enter OROM configuration screens using hotkeys during boot.
- OneTimeEnable—Users will be able to enter OROM configuration screens using hotkeys during next boot only. After next boot, the settings will revert to disabled.
- Disabled—Users are able to enter OROM configuration screens using hotkeys during boot.
|
PasswordBypass
|
Allows users to skip the entry of the system password, HDD password, fingerprint scan, or smartcard on either/both reboot (warm boot) or S3 resume (resume from standby). The following are the possible values:
- Disabled
- RebootBypass
- ResumeBypass
- RebootAndResumeBypass
|
PasswordLock
|
Determines whether the changes to the system and HDD passwords are permitted or restricted if an admin password is set. The following are the possible values:
- Disabled—If disabled, then the system and HDD passwords are locked by admin password and cannot be set, modified, or deleted unless admin password is provided.
- Enabled—If enabled, then the system and the HDD passwords can be set, modified, or deleted.
|
Ppibypassforblocksid
|
When there is no drive ownership and the ppibypassforblocksid is enabled, the BIOS requires user input while sending the Block SID authentication command to SED drives. When disabled, BIOS does not require user input while sending the Block SID command. The following are the possible values:
|
SafeShutter
|
The device camera shutter opens automatically when you grant permission to the application and closes when permission is terminated. Disable dynamic behavior by pressing F9. The following are the possible values:
- Dynamic Shutter
- Manual Shutter Control
|
SedBlockSidAuthentication
|
When there is no drive ownership and the SedBlockSidAuthentication is enabled, BIOS sends the Block SID authentication command to SED drives. When disabled, BIOS does not send the Block SID command. The following are the possible values:
NOTE: You can disable SedBlockSidAuthentication in manufacturing mode or while setting up the BIOS Setup Administrator password.
NOTE: The read-only mechanism can be changed when the system is in manufacturing mode, while the SedBlockSidAuthentication is disabled.
|
Smmsecuritymitigation
|
Enables or disables the additional UEFI SMM Security Mitigation protections. The operating system uses this feature to protect the secure environment created by virtualization-based security. Enabling this feature provides the additional UEFI SMM Security Mitigation protections support. However, this feature may cause compatibility or functionality issues with some legacy tools and applications. The following are the possible values:
NOTE: You can disable Smmsecuritymitigation in manufacturing mode.
NOTE: The read-only mechanism can be changed when the system is in manufacturing mode, while the Smmsecuritymitigation is disabled.
|
StrongPassword
|
Enables or disables the enforced use of a strong password. If enabled, the admin and system passwords must contain at least one upper case character, at least one lowercase character, and minimum eight characters. The following are the possible values:
|
SystemPassword
|
Sets, changes, or clears the system password (also known as the user password). Enter the system password, if set, when the system is powered on. Possible values: String containing minimum 4 and maximum 32 characters including whitespace.
|
WirelessSwitchChanges
|
Determines if changes to the wireless switch setting are permitted or restricted when an administrator password is set. The following are the possible values:
- Enabled—Permits the changes to the wireless switch setting when an administrator password is set.
- Disabled—Restricts the changes to the wireless switch setting when an administrator password is set.
NOTE: Provide the administrator password to be able to change the wireless switch setting. If the Administrator password is not set, this setting has no effect.
|