This article addresses the "Not Managed" status of the BIOS password in your devices.
Let's start with what it means, Not Managed means that Boardgent is not able to change the BIOS password of the device due to an error, this error can be an expected error of the BIOS or a logic error of the agent trying to change the password, so we need to start differentiating those errors.
The investigation to detect what causes the error and solve it is the following:
The development team will release a solution to resolve the problem
Check the password configured in the Device group and in the BIOS.
Check the possible passwords the device could have.
Is there a BIOS expected error?
The only error we expect from the BIOS is that the password Boardgent is trying to use is not valid, each brand has its own way to report that the password is not working:
Password Retry count exceeded
You can see the "BIOS response" in the "BIOS or UEFI administrator" section:
The example image shows the BIOS returning an expected error "6"
So, if you see that the "BIOS response" is not one of the above values, it is an unexpected error and you can continue here: Change the BIOS password is returning an unexpected error
If the error is one of the above values, this means that the password Boardgent is trying to use does not match the real BIOS password, in that case, you can continue with Check if the device was managed.
Change the BIOS password is returning an unexpected error
In this case, if the BIOS is not returning the error that the BIOS password does not match, please contact us to let our engineers review this specific case.
To resolve this we will create a meeting where our development team will access the device that is presenting the error with some developer tools, in order to debug and find the logic error that prevents the BIOS password management.
Once the development team had found the error, they will create a solution for this specific case, once the solution is released and deployed, this and all the devices that are having the same error will start the BIOS password management.
Check if the device was managed
In this case, the error that the BIOS returns is an expected error because the password that Boardgent has does not match the password that the BIOS has.
The next step is to check if Boardgent was able to manage the BIOS password at some time, to do it we can check:
The "Last change" value, if this value says "Never", means that Boardgent was not able to manage the password, otherwise, this value should have the last date Boardgent changed the BIOS password.
The password history, clicking on "Reveal History" you can see all the passwords that Boardgent applied in the BIOS, is the history is empty, it means that Boardgent was not able to manage the password, otherwise, there should be at least one password.
The example image shows that Boardgent never managed the BIOS password.
If Boardgent was not able to manage the password, you can continue here: Boardgent was not able to manage the BIOS password
If Boardgent managed the password at some point, you can continue here: Boardgent was able to manage the BIOS password
Boardgent was not able to manage the BIOS password
Now we know that Boardgent hasn't managed the BIOS password before, this is because the initial password, which is the password configured in the group, does not match the password that was configured on the BIOS.
The first validation is to check that the BIOS password configured in the group is the same BIOS password you configured in the BIOS of the device, to do it we will need to navigate to "Device groups", click on "Edit" to edit the group the device belongs to, navigate to the "BIOS or UEFI administrator" section, and check the field "Password before Boardgent":
Example image with "12345678" configured as initial BIOS password
We recommend our customers use numeric passwords as initial BIOS passwords to avoid typos that can prevent Boardgent to start managing the device.
If the password was configured in the group correctly, then we need to validate that the BIOS password in the device is the same password configured in the device group, in the case that the password is different we must set the same password that we configured in the device group to let Boardgent start the management.
IMPORTANT: If you do not know what is the current BIOS password of the device, we cannot recover that password from Boardgent because we never managed that password, in this case, you will need to reset the BIOS to factory default settings, to do it, please contact the vendor of the device.
Boardgent was able to manage the BIOS password
Now we know that Boardgent managed the BIOS password before, so we can recover it, at this moment we will start testing different passwords that could be the right BIOS password, so we will need to restart the device many times, it is important to have the device available physically to perform these tests.
Almost always the problem that causes a correctly managed device just suddenly stopped managing the password is due to human intervention, for example, a technician that formats the computer and also resets the BIOS settings to factory defaults, or restores the BIOS password to the initial password.
Taking in mind the above, we strongly recommend our customers test if the initial password (the password configured in the device group) was configured in the device again.
Once you are sure the password configured in the BIOS is not the initial password, we will need to test all the passwords that appear in the Password history:
Example image with the BIOS password history of a device
It is not normal or expected that you need to validate past passwords to recover access to your device, so typically the Boardgent support team can help you during this step and also check what generated this inconsistency and fix it.
Now, we need to test each one of these passwords in the BIOS of the device, it is very important that you must not test more than 2 passwords after a restart.
This is because some BIOS has a security system that blocks the computer after 3 failed attempts to access the BIOS, so, to prevent this, after testing 2 passwords it is necessary to restart and continue with other 2 passwords and restart the device again.
In the case none of the passwords inside the password history worked, please contact us to help you review the case, it is important to keep the directory installation of Boardgent, or make a backup of it if you are going to format the computer.
Also, it is important to have the availability to restart the device many times during the meeting.