mu icon indicating copy to clipboard operation
mu copied to clipboard

Published 20 hours ago verified publisher icon microsoft

DFCI needs documentation for testing HTTP recovery from the BIOS menu

Open kevindavisinsyde opened this issue 4 years ago • 6 comments

Is there any testing available for the Mu DFCI implementation for a BIOS Vendor?

kevindavisinsyde avatar May 05 '20 02:05 kevindavisinsyde

Hi Kevin, have you taken a look at https://github.com/microsoft/mu_plus/tree/release/202002/DfciPkg/UnitTests ? There is an end-to-end test based upon the open source Robot Framework. However, configuring the automation is not a requirement, inspecting the test source you can build USB keys with shell apps and data to do initial testing. Feel free to ping us on the Teams for faster dialog turnaround.

out0xb2 avatar May 05 '20 16:05 out0xb2

I saw that and was going to point it out to Nick today. Thanks

Kevin D Davis Security Strategist Insyde Software Phone: 503-310-2222

On May 5, 2020, at 11:15 AM, Jeremiah Cox [email protected] wrote:

 Hi Kevin, have you taken a look at https://github.com/microsoft/mu_plus/tree/release/202002/DfciPkg/UnitTests ? There is an end-to-end test based upon the open source Robot Framework. However, configuring the automation is not a requirement, inspecting the test source you can build USB keys with shell apps and data to do initial testing. Feel free to ping us on the Teams for faster dialog turnaround.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or unsubscribe.

kevindavisinsyde avatar May 05 '20 19:05 kevindavisinsyde

Hi Jeremiah,

Yes, I integrated DFCI into UEFI firmware and run and pass all test cases in the UnitTests/DfciTests. Before release solution to customer, I also want to verify DFCI through Microsoft Intune, which will communicate with Windows Autopilot services. For using Microsoft Intune, the PCs with DFCI should be registered to the Windows Autopilot service.

My question is how to test DFCI through Microsoft Intune for BIOS vendor. Do I need to register the test PC to Windows Autopilot service ? Or is there any way(for example: set specified Manufacturer/ProductName/SerialNumber) without registration ?

NickWangInsyde avatar May 06 '20 01:05 NickWangInsyde

Hi Nick, Have you tested the manual recovery workflow, where you go to BIOS menu > Management > Recovery > HTTP and performed recovery against test recovery server mikeytbds3 ?
If you want faster turnaround time on discussions, feel free to chat on our Teams channel, I believe you should have an invitation in your inbox.

out0xb2 avatar May 06 '20 18:05 out0xb2

Hi Jeremiah,

Got it. I replied in the Teams DFCI channel. Thank you.

NickWangInsyde avatar May 07 '20 01:05 NickWangInsyde

Changing the title to the next step of testing which is HTTP Recovery, after that, contact us on Teams to discuss the Intune Autopilot testing

out0xb2 avatar May 07 '20 14:05 out0xb2

This issue has been automatically marked as stale because it has not had activity in 45 days. It will be closed if no further activity occurs within 7 days. Thank you for your contributions.

github-actions[bot] avatar Dec 07 '22 23:12 github-actions[bot]

This issue has been automatically been closed because it did not have any activity in 45 days and no follow up within 7 days after being marked stale. Thank you for your contributions.

github-actions[bot] avatar Dec 15 '22 23:12 github-actions[bot]