How to make the F11 key work in your custom Windows 10 image using SCCM

This post is expanding on someotherguy's KB article on how to make the F11 functionality work again if you're deploying a custom image in your environment. As of this post, SCCM Current Branch 1702 will be covered.

With Think products, pressing the F11 key at boot will launch the recovery utilities. This is available if the system's operating system is preloaded from Lenovo. However, most large enterprise customers re-image the systems with a custom image. Once this happens, F11 will no longer work.

As mentioned in someotherguy's KB, an .efi file must be added to the boot folder in the System partition.

Here are the steps to accomplish this:

1. Download the file. Extract the contents to a source directory on your site server.

2. In your console, create a new Package that will contain the .efi file. Do not create a program.

Distribute the Package to your Distribution Points

3. Edit your Task Sequence and create a new group anywhere after the Setup Windows and …


Introduction to DriverGrabberDriverGrabber is a "no install" utility that is aimed at simplifying the task of finding drivers and utilities for Lenovo PC products which an administrator needs to package for delivery through their software deployment solution.  By specifying a Machine Type and an operating system you get a list of available updates which can be selected for downloading. This takes much less time than navigating through the Lenovo support web site.

Beyond just automating the downloading and extracting of packages, DriverGrabber also shows details such as Version, Release date, Extract command, and Silent Install command.  There is even an option to get MD5, SHA-1 and SHA-2 hash values to help verify complete downloads. 
Packages can be selected by clicking the row header.  Hold the Ctrl key down to select multiple packages.  At the bottom of the window specify a download location and then choose to download only or download and extract.  A .CSV file with details…

Using ThinInstaller on Isolated Networks

Lenovo's ThinInstaller utilizes 2 Certificates to verify the signatures of packages during deployment. Currently the client machine must have an active internet connection in order to access the certificate necessary for that verification. If the client machines do not have an active internet connection then the certificates need to be installed into the appropriate local certificate store of the client machines prior to running ThinInstaller.

If ThinInstaller cannot verify the signatures of certain packages, you will see errors in the logs that contain "Signature Verification Failed".

This is useful if your deployments are done on a closed network environment, lab or closed deployment subnet etc.

This document will outline how to download the certificates and deploy them to your client machines during your OSD deployments as a task sequence step using MDT and SCCM.

The certificates are available currently as a downloadable zip file here.

The zip file should contain 3 f…

New Enclosure Types For "Convertible" Laptops

When is a laptop not a laptop?When it's a 2-in-1 convertible device or tablet with attached keyboard.  To this end you may now encounter devices whose Chassis Type is changed from "Notebook" to "Convertible" after a BIOS update.  This change is being driven by the SMBIOS 3.0 Specification which is an industry standard.
So why do we care?  In many cases enterprise admins tasked with deploying new PCs will make a distinction between a Laptop and a Desktop and apply different policies or software accordingly. For a laptop, the Win32_SystemEnclosure class might show a value of 9 (Laptop) or 10 (Notebook) for the ChassisTypes field. If these are the only values used with a WMI query to identify a laptop then you may miss some devices.
With the new SMBIOS 3.0 Specification you would want to add the following: 30 - Tablet31 - Convertible32 - Detachable For example, the new ThinkPad Yoga 370 will have a value of 31 since it can convert from a Notebook form factor to a Tab…

Preparing the TPM for BitLocker Pre-Provisioning in Windows 10 for Think products using SCCM

We have received several inquiries from customers who are moving to Windows 10 that are trying to leverage BitLocker and pre-provisioning during OSD.  Pre-provisioning the disk will encrypt only used space, so when this step executes, the drive will be encrypted before the operating system has been laid down to the client, saving a ton of time.

The catch here is that in order for pre-provisioning to work, a TPM has to be present on the system AND enabled, as stated in the Pre-provision BitLocker step.

With that being said, all Lenovo ThinkPad's are shipped from the factory with the TPM enabled but NOT Active.  If the system runs through a deployment without activating the TPM in BIOS, pre-provisioning will not work.  If you review the OSDOfflineBitlocker.exe section of the smsts.log, you'll see the failure

Here's how to activate the TPM on newly shipped systems in a few simple steps:

1. In your task sequence add a new Group named Configure Security Chip after the disk partitio…

ThinkPad X1 Yoga Dark/Black Screen Issues

ThinkPad X1 Yoga: First 2-in-1 with OLED screen
OLED (Organic Light Emitting Diode) displays are now coming to the ThinkPad X1 Yoga line. These displays offer a wider color range, deeper blacks for which they are well known for, and infinite contrast. As with most new technology, these displays also come with the need for a specific device driver. This panel driver is what allows the graphics subsystem to control elements such as screen brightness.
Problem Summary:Beginning in May of 2016 we added to the X1 Yoga driver pack the PanelDriver.inf for support of our OLED displays on this model. Recently we began to receive feedback in regards to the non-OLED models that either the display brightness keys (F5/F6) do not work to change the brightness or by upgrading to the latest version of the Intel HD Graphics 520 Driver (, the screen will go extremely dim or completely black. The only way to get around this issue and view the contents of the screen is to plug in an external m…