Showing results for 
Search instead for 
Did you mean: 
Paper Tape
Posts: 3
Registered: ‎04-07-2012
Location: slovakia
Views: 6,993
Message 1 of 5

M700/900 - Set Admin BIOS password from SCCM2012

Hi all


i want to set BIOS admin password in deployment from SCCM2012.

I find some clue I don't set password from windows when it is clear (from factory).

We have 5000PC M700/900 don't tell me we need manualy set password on all PC ...


thnx for help



Mod:  edited title to add system type

Community SuperMod
Community SuperMod
Posts: 5,330
Registered: ‎06-26-2008
Location: US
Views: 6,951
Message 2 of 5

Re: M700/900 - Set Admin BIOS password from SCCM2012

Good day.


This question comes up fom time to time.

There are threads that discuss the issue, but IIRC an *initial* BIOS Supervisor password cannot be set by script. It requires physical presence for security purposes. Once a password is set, only then it can be changed by script.


If I've misspoken, or this has recently changed, I hope that more info will be provided by the folks who post in this forum regularly.



Community GuidelinesSearchPrivate MessagingENDEESPTRUUACZ-SKMoto
PM requests for individual support are not answered. If a post solves your issue, please mark it so.

I am not a Lenovo employee.

Lenovo Staff
Lenovo Staff
Posts: 800
Registered: ‎01-16-2010
Location: US
Views: 6,926
Message 3 of 5

Re: M700/900 - Set Admin BIOS password from SCCM2012

As sarbin mentioned it is not possible to set a Supervisor password on a system where one does not exist using scripts under Windows.  Our supervisor password is not a trivial password which can easily be circumvented so you would not want it to be easily set without your knowing it.  This is why we require the additional precaution of physical presence to the machine to set it.


Understanding that it would be a difficult task to manually enter a strong supervisor password on 5k machines, we do provide another way of doing it in a more automated fashion.  From the download page for your system's BIOS you can find some BIOS settings tools:


The Windows BIOS setting tool is a self-extracting executable that includes a utility called "srdos.exe".  As its name implies it is a DOS executable.  As such it requires the system to be booted to an external device such as a USB key which has been configured to be DOS bootable.  This satisfies the physical presence requirement.  You can use a tool such as Rufus (google it) to create such a key.


Note:  The Windows version of this tool (srwin.exe) does not support setting a supervisor password.


You can run srdos.exe from a batch file on that key with a command line that sets a supervisor password.  This will circumvent the need to type in the password manually so you can have better success with strong passwords.  Since we cannot support blasting out a supervisor password to remote machines at this time, this is probably the best alternative.

Fanfold Paper
Posts: 5
Registered: ‎07-25-2016
Location: SK
Views: 6,755
Message 4 of 5

Re: M700/900 - Set Admin BIOS password from SCCM2012

LOL so now i must create DOS USB key and go to everyone PC a boot from USB ???


Fanfold Paper
Posts: 8
Registered: ‎08-08-2016
Location: US
Views: 6,645
Message 5 of 5

Re: M700/900 - Set Admin BIOS password from SCCM2012

Lenovo has BIOS services, where they can configure an inital BIOS password. My issue is, the password must be set in order to turn on DeviceGuard in Windows 10.

Check out current deals!

Shop current deals

Top Kudoed Authors