Search code examples
powershellwmibios

Powershell Encoding passing value to WmiMethod

so, I have been scripting some tasks for HP Bios's. There is a Wmi Namespace called HPBIOS_BIOSSettingInterface. It essentially has one methond SetBIOSSetting("Property","Value","CurrentSetupPassword"). The older HP systems only support KBD Encoding, which I wrote a function to encode a string with KDB values, can be found here: http://thomas-malkewitz.webnode.com/news/convert-tokbdstring/ and when setting the setup password value with this encoding, it works, but with new HPs, it only supports UTF-16 (I cannot find if its Big or Little, but have tried both). I keep getting errors when doing this. So, my question, is how can I encoded a string value and pass it to this method. I cannot figure this out for the life of me. here is my function:

<#
.Synopsis
    Sets the Setup Password on an HP Bios.
.DESCRIPTION
    This function can be used to set a password on the Bios, it can also be used to clear the password, the current password is needed to change the value.
    If a new value is being set, and not cleared, it must be between 8 and 30 characters.
.EXAMPLE
    Set-HpSetupPassword -NewSetupPassword "MyNewPassword"
.EXAMPLE
    Set-HpSetupPassword -ComputerName "mycomputer.mydomain.org" -NewSetupPassword " " -CurrentSetupPassword "MyCurrentPassword"
.EXAMPLE
    Set-HpSetupPassword -NewSetupPassword "MyNewSetupPassword" -CurrentSetupPassword "MyCurrentPassword"
.LINKS
    https://github.com/necromorph1024/HPTpmAndBitLocker
#>
function Set-HpSetupPassword
{
    [CmdletBinding()]
    [OutputType([void])]
    Param
    (
        # ComputerName, Type string, System to set Bios Setup Password.
        [Parameter(Mandatory=$false,
                   Position=0)]
        [string]
        $ComputerName=$env:COMPUTERNAME,

        # NewSetupPassword, Type string, The value of the password to be set.  The password can be cleared by using a space surrounded by double quotes, IE: " ".
        [Parameter(Mandatory=$true,
                   Position=1)]
        [string]
        $NewSetupPassword,

        # CurrentSetupPassword, Type string, The value of the current setup password.
        [Parameter(Mandatory=$false,
                   Position=2)]
        [AllowEmptyString()]
        [string]
        $CurrentSetupPassword
    )

    Begin
    {
        if (!(Test-Connection -ComputerName $ComputerName -Quiet -Count 2)) 
        {
            throw "Unable to connect to $ComputerName.  Please ensure the system is available."
        }

        try
        {
            $manufacturer = Get-WmiObject -Class Win32_ComputerSystem -Namespace "root\CIMV2" -Property "Manufacturer" -ComputerName $ComputerName -ErrorAction Stop
            if ($manufacturer.Manufacturer -ne "Hewlett-Packard")
            {
                throw "Computer Manufacturer is not of type Hewlett-Packard.  This cmdlet can only be used on Hewlett-Packard systems."
            }
        }
        catch
        {
            throw "Unable to connect to the Win32_ComputerSystem WMI Namespace, verify the system is avaialbe and you have the permissions to access the namespace."
        }
    }
    Process
    {
        if (-not([String]::IsNullOrWhiteSpace($NewSetupPassword)))
        {
            if (($NewSetupPassword.Length -lt 8) -or ($NewSetupPassword.Length -gt 30))
            {
                throw "The Password Values must be be between 8 and 30 characters if not clearing the password."
            }
        }

        $hpBios = Get-WmiObject -Class HP_BiosSetting -Namespace "root\HP\InstrumentedBIOS" -ComputerName $ComputerName -ErrorAction Stop
        $hpBiosSettings = Get-WmiObject -Class HPBIOS_BIOSSettingInterface -Namespace "root\HP\InstrumentedBIOS" -ComputerName $ComputerName -ErrorAction stop

        if (($hpBios | Where-Object { $_.Name -eq "Setup Password"}).SupportedEncoding -eq "kbd")
        {
            if (-not([String]::IsNullOrEmpty($NewSetupPassword)))
            {
                $NewSetupPassword="<kbd/>"+(Convert-ToKbdString -UTF16String $NewSetupPassword)
            }
            if (-not([String]::IsNullOrEmpty($CurrentSetupPassword)))
            {
                $CurrentSetupPassword="<kbd/>"+(Convert-ToKbdString -UTF16String $CurrentSetupPassword)
            }
        }

        $hpBiosSettings.SetBIOSSetting("Setup Password",$NewSetupPassword,$CurrentSetupPassword)
    }
}

It keeps return 6 which is access denied, which is what I was getting with the older bios's until I created that Convert-KbdString method. I know the password im using is right. But I don't know what encoding is being sent to the WmiMethod. Thanks for any help

here is the GitHub Repo: https://github.com/necromorph1024/HpTpmAndBitLocker

Solution

  • I feel so stupid for even asking this question now. I reviewed my own method, and the string needs to be tagged with the encoding type. and i KNEW this, thats why i append the <kbd/> to the string if it supports that encoding type. So, the <utf-16/> tag just needed to be appending to the start of the string. OMG, sorry for any time i may have wasted!