Passer au contenu principal
Quitter

Bienvenue dans l’univers Dell

Mon compte
  • Passer des commandes rapidement et facilement
  • Afficher les commandes et suivre l’état de votre expédition
  • Profitez de récompenses et de remises réservées aux membres
  • Créez et accédez à une liste de vos produits
  • Gérer vos sites, vos produits et vos contacts au niveau des produits Dell EMC à l’aide de la rubrique Gestion des informations de l’entreprise.
Se connecter Créer un compte Connexion au compte Premier Connexion au programme de partenariat
Nous contacter

Vos paniers Dell.com

Dell Command | PowerShell Provider Version 2.2 Reference Guide

PDF

Security

Table 1. SecuritySecurity
Attribute Name Description
Absolute Sets the value to the Absolute interface, and control the Absolute service.

Possible values:

  • Enabled - If enabled, then the Absolute service is activated or deactivated.
  • Disabled - If disabled, then the Absolute service does not run.

  • PermanentlyDisabled - If the Absolute interface is permanently disabled, then the Absolute feature can be enabled by using the factory reset feature.
AdminPassword

Sets, changes, or clears the administrator (admin) password (also called the setup password). If you delete the admin password, the system password, if set, is also deleted.

Possible values: String containing minimum 4 and maximum 32 characters including whitespace.
AdminSetupLockout

Enables or disables admin setup lockout.

Possible values:

  • Enabled
  • Disabled
AmdTSME

Possible values:

  • Enabled - AMD Transparent Secure Memory Encryption (TSME) allows encryption of contents on the memory DIMMS.
    NOTE: For best results while diagnosing potential memory DIMM issues, turn off this feature prior to running diagnostic functions or tools.
  • Disabled - AMD Transparent Secure Memory Encryption (TSME) does not allow encryption on the memory DIMMS.
CapsuleFirmwareUpdate

Enables or disables BIOS updates via UEFI capsule update packages.

Possible values:

  • Enabled
  • Disabled
ChasIntrusion

The chassis intrusion switch is a physical switch which triggers an event when the chassis is opened.

Possible values:

  • Enabled — The system detects and reports chassis intrusion events to the system display on boot-up.
  • Disabled — The system does not detect and report the Chassis Intrusion events to the system display on boot-up.
  • SilentEnable — The system detects, but does not report the Chassis Intrusion events to the system display on boot-up.
ChassisIntrusionStatus

Displays the status of chassis intrusion.

NOTE: Except TripReset, all values are read-only.

Possible values:

  • DoorOpen — Indicates that chassis door is open.
  • Tripped — Indicates that the chassis door was opened since the last time the sensor-detection logic was reset.
  • DoorClosed — Indicates that chassis door is closed.
  • TripReset — Resets the sensor-detection logic to detect the next closed-to-open transition on the chassis door.
Computrace

This feature allows the users to enable or disable Absolute Software's Computrace security software BIOS ROM. After this token is written, the state is permanently maintained (this is a write-once field). This token is for Factory use only. Application and management software must ignore this token. Write-once permanent is different from write-once. Write-once is reset on a power cycle and/or chipset reset. Write-once permanent cannot be reset or change once it is set.

Possible values:

  • Disable
  • Activate
NOTE: You cannot enable or disable this feature using Dell Command | Configure.
CpuXdSupport

Enables or disables the run disable mode of the processor. The operating system can use this feature to hinder software that exploits buffer overflows.

Possible values:

  • Enabled
  • Disabled
GeneralPurposeEncryption

Enables or disables general-purpose encryption.

Possible values:

  • Enabled
  • Disabled
HDDInfo
Displays the details of each HDD. The following information is displayed:
  • HDDName — The name of the HDD.
  • Present — Whether the HDD is physically present.
  • PwdProtected — Whether a password exists for the HDD.
  • PendingRestart — Whether a reboot is pending to set the password.
  • AdminOnlyChange — Whether the changes to the password can be made only by an administrator.
  • SecureEraseSupported — Whether HDD Secure Erase is supported.
  • SecureEraseEnabled — Whether HDD Secure Erase is enabled.

Possible values: Read-only
HDDPassword

Sets, changes, or clears the HDD password. Enter the HDD password, if set, when the system is powered on.

NOTE: After setting the HDD password, restart the system.

Possible values: String containing minimum 1 and maximum 32 characters including whitespace.
HddProtection

Lets the user choose loading of HDD Protection OPROM.
IntlPlatformTrust

Enables or disables IntlPlatformTrust feature.

Possible values:

  • Enabled — Displays the Intel Platform Trust Technology (PTT) device from the operating system on the next boot.
  • Disabled — Hides the Intel Platform Trust Technology (PTT) device from the operating system on the next boot.
NOTE: When disabled, the PTT device is not displayed to the operating system, and no changes can be made to the PTT device or its content.
IsAdminPasswordSet

Specifies if an admin password has been set.

Possible values: True, false (Read-only)
IsSystemPasswordSet

Specifies if a system password has been set.

Possible values: True, false (Read-only)
MasterPasswordLockout

Enables or disables master password settings.

CAUTION: Using the Dell Command | PowerShell Provider, you cannot disable this feature.

Possible values:

  • Enabled — The master password cannot be used to:
    • clear other passwords
    • unlock and access Hard Disk Drive
    • erase data from Hard Disk Drive.
  • Disabled — The master password can be used to:
    • clear other passwords
    • unlock and access Hard Disk Drive
    • erase data from Hard Disk Drive.
NOTE: One of the methods of configuring this feature is from the BIOS setup screen.
NOTE: You cannot enable MasterPasswordLockout while setting up with Hdd or Owner's password.
OromKeyboardAccess

Determines whether users are able to enter Option ROM Configuration screens using hotkeys during boot.

Possible values:

  • Enabled — Users are able to enter OROM configuration screens using hotkeys during boot.
  • OneTimeEnable — Users will be able to enter OROM configuration screens using hotkeys during next boot only. After next boot, the settings will revert to disabled.
  • Disabled — Users are able to enter OROM configuration screens using hotkeys during boot.
PasswordBypass

Allows users to skip the entry of the system password, HDD password, fingerprint scan, or smartcard on either/both reboot (warm boot) or S3 resume (resume from standby).

Possible values:

  • Disabled
  • RebootBypass
  • ResumeBypass
  • RebootAndResumeBypass
PasswordLock

Determines whether the changes to the system and HDD passwords are permitted or restricted if an admin password is set.

Possible values:

  • Disabled — If disabled, then the system and HDD passwords are locked by admin password and cannot be set, modified, or deleted unless admin password is provided.
  • Enabled — If enabled, then the system and the HDD passwords can be set, modified, or deleted.
Ppibypassforblocksid When there is no drive ownership and the ppibypassforblocksid is enabled, the BIOS requires user input while sending the Block SID authentication command to SED drives. When disabled, BIOS does not require user input while sending the Block SID command.

Possible values:

  • Enabled
  • Disabled
SedBlockSidAuthentication

When there is no drive ownership and the SedBlockSidAuthentication is enabled, BIOS sends the Block SID authentication command to SED drives. When disabled, BIOS does not send the Block SID command.

Possible values:

  • Enabled
  • Disabled
NOTE: You can disable SedBlockSidAuthentication in manufacturing mode or while setting up the BIOS Setup Administrator password.
Smmsecuritymitigation

Enables or disables the additional UEFI SMM Security Mitigation protections. The operating system uses this feature to protect the secure environment created by virtualization-based security. Enabling this feature provides the additional UEFI SMM Security Mitigation protections support. However, this feature may cause compatibility or functionality issues with some legacy tools and applications.

Possible values:

  • Enabled
  • Disabled
NOTE: You can disable Smmsecuritymitigation in manufacturing mode.
StrongPassword

Enables or disables the enforced use of a strong password. If enabled, the admin and system passwords must contain at least one upper case character, at least one lowercase character, and minimum eight characters.

Possible values:

  • Enabled
  • Disabled
SystemPassword

Sets, changes, or clears the system password (also known as the user password). Enter the system password, if set, when the system is powered on.

Possible values: String containing minimum 4 and maximum 32 characters including whitespace.
WirelessSwitchChanges

Determines if changes to the wireless switch setting are permitted or restricted when an administrator password is set.

Possible values:

  • Enabled — Permits the changes to the wireless switch setting when an administrator password is set.
  • Disabled — Restricts the changes to the wireless switch setting when an administrator password is set.
NOTE: Provide the administrator password to be able to change the wireless switch setting. If the Administrator password is not set, this setting has no effect.

Évaluez ce contenu

Précis
Utile
Facile à comprendre
Avez-vous trouvé cet article utile ?
0/3000 characters
  Veuillez attribuer une note (1 à 5 étoiles).
  Veuillez attribuer une note (1 à 5 étoiles).
  Veuillez attribuer une note (1 à 5 étoiles).
  Veuillez indiquer si l’article a été utile ou non.
  Les commentaires ne doivent pas contenir les caractères spéciaux : <>()\