In regards to drivers and BIOS updates on workstations in your environment, a lot of organizations have held the mindset for many years that ‘If it ain’t broke, don’t fix it!‘. We did too up until we had a Windows Desktop RaaS with Microsoft in 2014.

Blog info: https://blogs.technet.microsoft.com/askcore/2014/02/10/rap-as-a-service-raas-from-microsoft-services-premier-support/

Premier Services site: https://services.premier.microsoft.com/assess?

What we found is that by not managing our driver and BIOS versions, we had no baseline, and there for a very difficult time troubleshooting hardware and performance related issues. Now we inventory our driver information in SCCM, and can report on how we are doing with versions out in our environment. This information is not available out of the box, so it takes a little setup.

Inventoring the Win32_PnpSignedDriver WMI class

This class cannot be inventoried directly, so a custom WMI class must be created and populated

This has been tried before, and not many had luck http://www.systemcentercentral.com/forums-archive/topic/win32_pnpsigneddriver-inventory/ https://blogs.technet.microsoft.com/configmgr_geek_speak/2013/11/10/inventorying-and-reporting-network-adapter-driver-details-and-how-to-report-only-the-wireless-type-with-bonus-mini-primer-on-sql-report-builder-in-configuration-manager-2012/ http://www.myitforum.com/forums/SMS-MOF-file-for-Win32_PnPSignedDriver-m178956.aspx https://social.technet.microsoft.com/Forums/systemcenter/en-US/20e7e3f7-31c0-48f5-9d99-5d2b215bb218/win32pnpsigneddriver-diles-to-add-to-smsdefmof?forum=configmgrgeneral

Special thanks to EASULIN and Sherry Kissinger for providing the bulk of the process and inventory scripts

Like all scripts, they should be written in PowerShell, so I created one for a SCCM Script Compliance Item in PowerShell.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 ## Define new class name and date $NewClassName = 'Win32_PnpSignedDriver_Custom' $Date = get-date ## Remove class if exists Remove-WmiObject $NewClassName -ErrorAction SilentlyContinue # Create new WMI class $newClass = New-Object System . Management . ManagementClass ( "root\cimv2" , [ String ] :: Empty , $null ) $newClass [ "__CLASS" ] = $NewClassName ## Create properties you want inventoried $newClass . Qualifiers . Add ( "Static" , $true ) $newClass . Properties . Add ( "DeviceClass" , [ System . Management . CimType ] :: String , $false ) $newClass . Properties . Add ( "DeviceName" , [ System . Management . CimType ] :: String , $false ) $newClass . Properties . Add ( "DriverDate" , [ System . Management . CimType ] :: DateTime , $false ) $newClass . Properties . Add ( "DriverProviderName" , [ System . Management . CimType ] :: String , $false ) $newClass . Properties . Add ( "DriverVersion" , [ System . Management . CimType ] :: String , $false ) $newClass . Properties . Add ( "HardwareID" , [ System . Management . CimType ] :: String , $false ) $newClass . Properties . Add ( "DeviceID" , [ System . Management . CimType ] :: String , $false ) $newClass . Properties . Add ( "ScriptLastRan" , [ System . Management . CimType ] :: String , $false ) $newClass . Properties [ "DeviceName" ] . Qualifiers . Add ( "Key" , $true ) $newClass . Properties [ "DeviceID" ] . Qualifiers . Add ( "Key" , $true ) $newClass . Put ( ) | Out-Null ## Gather current driver information Get-WmiObject win32_pnpsigneddriver -Property DeviceClass , DeviceName , DriverDate , DriverProviderName , DriverVersion , HardwareID , DeviceID | where { $_ . DeviceClass -ne 'VOLUMESNAPSHOT' -and $_ . DeviceClass -ne 'LEGACYDRIVER' -and $_ . DriverProviderName -ne 'Microsoft' -and $_ . DriverVersion -notlike "2:5*" } | ForEach-Object { ## Set driver information in new class Set -WmiInstance -Namespace root \ cimv2 -class $NewClassName -argument @ { DeviceClass = $_ . DeviceClass ; DeviceName = $_ . DeviceName ; DriverDate = $_ . DriverDate ; DriverProviderName = $_ . DriverProviderName ; DriverVersion = $_ . DriverVersion ; HardwareID = $_ . HardwareID ; DeviceID = $_ . DeviceID ; ScriptLastRan = $Date } | Out-Null } Write-Output "Complete"

A few notes:

A new WMI class Win32_PnpSignedDriver_Custom is created. Edit $NewClassName if you would like to change it.

The custom class is deleted and recreated on each run

The following Properties are inventoried: DeviceClass, DeviceName, DriverDate, DriverProviderName, DriverVersion, HardwareID, DeviceID

The timestamp is inventoried

Feel free to edit the filter for your own organizations needs $_.DeviceClass -ne ‘VOLUMESNAPSHOT’ -and $_.DeviceClass -ne ‘LEGACYDRIVER’ -and $_.DriverProviderName -ne ‘Microsoft’ -and $_.DriverVersion -notlike “2:5*”



Download the Configuration Item CAB here: Script – Windows – PNP Signed Drivers

Once the script has been deployed and ran on a few machines, just connect to WMI and you can add the new Win32_PnpSignedDriver_Custom class to your SCCM hardware inventory.

Reporting on driver versions

Once you have the data in your inventory, you just need to report on it.

The SQL view v_gs_pnp_signed_driver_custom gets created from your hardware inventory and contains all the raw data. Here are a few sample SQL queries:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 -- Raw data select * from v_gs_pnp_signed_driver_custom -- All network drivers list select DeviceClass0 , DeviceName0 , DriverDate0 , DriverProviderName0 , DriverVersion0 from v_gs_pnp_signed_driver_custom where DeviceClass0 = 'NET' -- All LAN network drivers count select DeviceName0 [ Name ] , DriverVersion0 [ Version ] , count ( * ) [ Total ] from v_gs_pnp_signed_driver_custom where DeviceClass0 = 'NET' and DriverProviderName0 in ( 'Broadcom' , 'Intel' , 'Marvell' , 'Microsoft Corporation' , 'Realtek' , 'Realtek Semiconductor Corp.' ) and DeviceName0 not in ( 'ThinkPad OneLink Pro Dock Giga Ethernet' , 'Thinkpad USB 3.0 Ethernet Adapter' , 'Microsoft Windows Mobile Remote Adapter' , 'Remote NDIS based Internet Sharing Device' ) and ( DeviceName0 not like '%Wireless%' and DeviceName0 not like '%WLAN%' and DeviceName0 not like '%Centrino%' and DeviceName0 not like '%WiFi%' ) group by DeviceName0 , DriverProviderName0 , DriverVersion0 order by DriverProviderName0 , DeviceName0 , DriverVersion0 -- All WLAN network drivers count select DeviceName0 [ Name ] , DriverVersion0 [ Version ] , count ( * ) [ Total ] from v_gs_pnp_signed_driver_custom where DeviceClass0 = 'NET' and DriverProviderName0 in ( 'Broadcom' , 'Intel' , 'Marvell' , 'Microsoft Corporation' , 'Realtek' , 'Realtek Semiconductor Corp.' ) and DeviceName0 not in ( 'ThinkPad OneLink Pro Dock Giga Ethernet' , 'Thinkpad USB 3.0 Ethernet Adapter' , 'Microsoft Windows Mobile Remote Adapter' , 'Remote NDIS based Internet Sharing Device' ) and ( DeviceName0 like '%Wireless%' or DeviceName0 like '%WLAN%' or DeviceName0 like '%Centrino%' or DeviceName0 like '%WiFi%' ) group by DeviceName0 , DriverProviderName0 , DriverVersion0 order by DriverProviderName0 , DeviceName0 , DriverVersion0

Here is a look at some of the raw data:

It was asked by a few members of the community what impact this may have on your database, and how large the table may be. My data is below, but you will need to judge for yourself if this would be an impact to your environment.

There are 77,767 unique resource IDs (total clients reporting) in this table in our environment.

TableName SchemaName RowCounts TotalSpaceKB UsedSpaceKB UnusedSpaceKB PNP_SIGNED_DRIVER_CUSTOM_DATA dbo 0 32 32 0 PNP_SIGNED_DRIVER_CUSTOM_DATA dbo 639759 514512 512840 1672 PNP_SIGNED_DRIVER_CUSTOM_DATA dbo 983014 767456 764480 2976 PNP_SIGNED_DRIVER_CUSTOM_DATA_DD SCCM_Ext 911122 40752 40656 96

We use the two LAN and WLAN queries above to create a network driver dashboard to report on how standardized we are. We highlight the current standard versions to quickly see any drift.

The .RDL is tailored for our environment, primarily Intel NICs with a few Broadcom and Realtek, so you may need to customize it for your models. The highlights also are “point in time” choices, and will also need to be modified for your needs.

Network – Workstation Dashboard

Enjoy!