Unified Extensible Firmware Interface (UEFI) Configuration

Summary

Guidelines for configuring UEFI settings on University computers running Windows 10/11

Body

Every UEFI GUI will look different and these are just general points to lookout for. Go through all menu's in the GUI and change any related settings.

HP

  • Escape - get to device configuration menu
  • F10 - edit BIOS settings
  • F9 - boot menu

Dell

  • F12 - boot options

Lenovo

  • F1 - BIOS setup

UEFI Setup

  • Make sure that UEFI boot is enabled and legacy boot disabled
    • DELL: General > Boot Sequence > Boot List Option = UEFI ; Advanced Boot Options > Enable Legacy Option ROMs = unchecked
    • HP: Advanced > Boot Options > UEFI Boot Order = checked, and Legacy Boot Order = unchecked; Network (PXE) Boot = unchecked
    • Lenovo: Start up > Boot mode > Boot mode = UEFI only
  • SATA Operation should be set to AHCI, but only on computers where Windows is being upgraded or re-installed (not applicable to brand new computers)
    • DELL: System Configuration > SATA Operation > SATA Operation = AHCI
    • HP:
    • Lenovo: Devices > ATA Drive Setup > Configure SATA as = AHCI
  • Enable secure boot, if machine supports it
    • DELL:
    • HP: Advanced > Secure Boot Configuration > Configure Legacy Support and Secure Boot = Legacy Support Disable and Secure Boot Enable
    • Lenovo: Security > Secure Boot > Secure Boot = enabled
  • Disable CSM (Compatibility Support Module is something that allows booting in legacy BIOS mode on UEFI systems)
    • DELL:
    • HP:
    • Lenovo: Start up > CSM > CSM = disabled (May not have CSM option on other Motherboards)
  • Disable Fast Boot
    • DELL: POST Behavior > Fastboot > Fastboot =Thorough
    • HP: Advanced > Boot Options > Fast Boot = unchecked
    • Lenovo: Start up > Quick Boot > Quick Boot = disabled
  • Disable CD-ROM Boot
    • DELL:
    • HP: Advanced > Boot Options > CD-ROM Boot = unchecked
    • Lenovo:
  • Disable Network (PXE) Boot
    • DELL: System Configuration> Integrated NIC > Integrated NIC = Enabled (change from default value of "Enabled w/PXE")
    • HP: Advanced > Boot Options > Network (PXE) Boot = unchecked
    • Lenovo:
  • TPM security should be enabled
    • DELL: Security > TPM Security > TPM Security (boxed checked) ; Activate (box checked)
    • HP: Advanced > TPM Embedded Security > TPM Device = Available ; TPM State = checked
    • Lenovo: Security > TCG feature setup > TCG Security feature > TCG Security feature = active (May be TPM on other Motherboards)
  • USB Key Provisioning Support should be enabled
    • HP: Advanced > Remote Management Options > USB Key Provisioning Support = checked

Legacy BIOS Setup on Windows 7 Devices

On older computer that cannot be upgraded to Windows 10/11, apply the following BIOS settings:

  • Disable Fast Boot
  • Disable CD-ROM Boot
  • Disable Network (PXE) Boot
  • Disable Secure boot and Enable after PC is imaged
  • SATA Operation: AHCI

NOTE: Ensure that in the Dell BIOS AHCI is selected and not RAID as RAID is default. If an operating system was installed in a specific SATA operation and then changed later, you will not be able to boot into the OS until the change is reverted.

Details

Details

Article ID: 63220
Created
Fri 9/28/18 4:21 PM
Modified
Wed 11/17/21 9:13 AM