Steps to address Secure Boot issues with Intune
- Login to Windows – Click on Windows Start
- Type System Information
- Click on System Information App
- View System Summary
- Find BIOS Mode and Secure Boot State
- Report values set for both.
If BIOS Mode is not UEFI:
To access the UEFI BIOS settings, you can consult your PC manufacturer’s documentation or follow these instructions:
- Run Settings > Update & Security > Recovery and
- select Restart now under Advanced startup.
- From the next screen, select Troubleshoot > Advanced options > UEFI Firmware Settings > Restart to make changes.
To change these settings, you will need to switch the PC boot mode from one enabled as “Legacy” BIOS (also known as “CSM” Mode) to UEFI/BIOS (Unified Extensible Firmware Interface). In some cases, there are options to enable both UEFI and Legacy/CSM. If so, you will need to choose for UEFI to be the first or only option.
If you are unsure how to make any necessary changes to enable the UEFI/BIOS, we recommend that you check your PC manufacturer’s support information on their website. Here are a few links to information from some PC manufacturers to help get you started:
If Secure Boot State is not “On”
While in the BIOS settings from the previous step, find the Secure Boot setting, and if possible, set it to Enabled. This option is usually in either the Security tab, the Boot tab, or the Authentication tab.
Comments
0 comments
Please sign in to leave a comment.