The Think BIOS Config tool

For a while now Lenovo’s business-class ThinkPad, ThinkCentre and ThinkStation products have offered a WMI BIOS Interface for controlling BIOS settings through scripting.  This was a big improvement over the old DOS-based utilities that were unique per model.  Now everything needed to make changes in settings during a deployment is built into the machine. 

A downside to the WMI approach has been that you have to be fairly skilled with scripting to make use of it and you have to know all the values of the settings you want to set.  In our lab we constantly felt the need for a GUI interface that would show us the current settings, what their possible values are, and allow us to set them on a local or remote machine.  While we were at it we also wanted a solution that would allow us to create a profile of settings that we could apply via command line in a deployment task sequence.

And that’s why we created the Think BIOS Config tool.  It has been created as an HTA so the source code is freely visible so it is clear exactly what the tool is doing.  Also, if you’re so inclined, the tool can be extended and modified to suit your needs.

When launched, you will see it appear and then be replaced by a UAC prompt.  This is one of the challenges with working with an HTA.  The code being executed to access the WMI BIOS interface requires admin level privileges.  To accomplish this with an HTA in a standard and secure way, the HTA re-launches itself to trigger the UAC prompt and the elevation of privileges.

The tool will initially show the BIOS settings of the local system if it is running on a Lenovo product that supports it.  In the image below you can see that the settings are implemented as a series of drop-downs offering the possible values for each setting.


Any changes made will be indicated in red text.  There are buttons at the top and bottom of the settings list that allow you to save the changes in BIOS, reset back to the current settings, or to apply all the Default settings for the targeted machine.

At the top of the tool are some File actions.  The Export Settings button on the right will create a simple .ini text file that captures all of the current settings of the targeted machine.  This file could later be used on the left side of the tool to load in a set of values that you might want to apply. 


The .ini file can also be used in a command line scenario which is useful in a deployment task sequence.  The HTA can be launched in WinPE using an MDT or SCCM boot image without any additions or changes to the boot image.  It can be executed and passed the .ini file to silently set a group of BIOS settings.  There is a user’s guide document included in the .zip for this tool that provides all the details on the command line usage and other features of the tool.

Please try the tool out and let us know how it can be improved.  One item we are working on is driving consistency across the Think Brands.  We are also looking at how to securely support some of the management tasks facing enterprises as they straddle the transition from Windows 7 to Windows 10.  Hopefully more to come on this in the near future.


1.35: Fix for handling 'show only' settings.
1.34: Fix for condition to prevent popup if passwords don't match. Return Code 3 will represent passwords not matching.
1.33: Fix for setting defaults via GUI and command line when password is present
1.32: Fix for password validity check showing during unattended deployment; Fix for reserved WMI settings
1.31: Updated to handle new ThinkCentre models
1.30: Added command line option to disable log file creation
1.28: Added password validity check; Added support for creating a System Deployment Mode password file
1.26: Fixed issue applying config file to machine using plain text SVP
1.25: Fixed bug on no supervisor password applying the first setting from a file.
1.22: Logging. Automatic detection of the supervisor password
1.21:  Fixed issue when running by command line and a duplicate setting is reported from BIOS
1.20:  Bug fix for not showing settings correctly when connecting remotely from laptop to a desktop
1.19:  Bug fix on alarm times; bug fix on password div not disappearing; removed auto-generated key and added button to generate a key; updated picture in guide
1.17:  Bug fix on boot order export when the changes haven't been saved
v1.16:  Added support to change the supervisor password. Added support to create a supervisor password change file
1.15:  Fixed the export of Alarm Time and Date
1.14:  Improved handling of boot order on certain ThinkStation/ThinkCentre models; added version to title
1.11:  Added command line option to change back to default settings - 

Eg. ThinkBiosConfig.hta “default=true” 

Notice: This script is shared AS IS with no implied warranty or support.  If you have questions or suggestions please post a comment to this post.