< Back
Get-SecureBootUEFI
Post
NAME Get-SecureBootUEFI
SYNOPSIS
Gets the UEFI variable values related to Secure Boot.
SYNTAX
Get-SecureBootUEFI [-Name] {PK | KEK | db | dbx | SetupMode | SecureBoot | PKDefault | KEKDefault | dbDefault | dbxDefault | dbt | dbtDefault}
[-OutputFilePath <System.String>] [<CommonParameters>]
DESCRIPTION
The Get-SecureBootUEFI cmdlet gets the UEFI variable values related to Secure Boot which are: SetupMode, SecureBoot, KEK, PK, SignatureDatabase (DB),
and forbidden SignatureDatabase (DBX).
If the computer does not support Secure Boot or is a BIOS (non-UEFI) computer, this cmdlet displays the following:
Cmdlet not supported on this platform.
If the variable does not exist, this cmdlet displays the following:
Variable is currently undefined.
If Windows PowerShell???? is not run in administrator mode, this cmdlet displays the following:
Unable to set proper privileges. Access was denied.
PARAMETERS
-Name <System.String>
Specifies the name of the UEFI environment variable.
Required? true
Position? 2
Default value none
Accept pipeline input? true(ByValue)
Accept wildcard characters? false
-OutputFilePath [<System.String>]
Specifies the output file path of the UEFI environment variable.
Required? false
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
System.String
You can pipe a string that represents the UEFI variable name to this cmdlet.
OUTPUTS
Microsoft.SecureBoot.Commands.UEFIEnvironmentVariable
This cmdlet returns a UEFIEnvironmentVariable object that contains the following properties:
-- Name
-- Bytes
-- Attributes
Example 1: Get information about PK
PS C:\\>Get-SecureBootUefi ????????Name PK | Format-List
Name : PK
Bytes : {161, 89, 192, 165...}
Attributes : NON VOLATILE
BOOTSERVICE ACCESS
RUNTIME ACCESS
TIME BASED AUTHENTICATED WRITE ACCESS
This command gets information about PK from the UEFI variable.
RELATED LINKS
Confirm-SecureBootUEFI
Format-SecureBootUEFI
Get-SecureBootPolicy
Set-SecureBootUEFI
SYNOPSIS
Gets the UEFI variable values related to Secure Boot.
SYNTAX
Get-SecureBootUEFI [-Name] {PK | KEK | db | dbx | SetupMode | SecureBoot | PKDefault | KEKDefault | dbDefault | dbxDefault | dbt | dbtDefault}
[-OutputFilePath <System.String>] [<CommonParameters>]
DESCRIPTION
The Get-SecureBootUEFI cmdlet gets the UEFI variable values related to Secure Boot which are: SetupMode, SecureBoot, KEK, PK, SignatureDatabase (DB),
and forbidden SignatureDatabase (DBX).
If the computer does not support Secure Boot or is a BIOS (non-UEFI) computer, this cmdlet displays the following:
Cmdlet not supported on this platform.
If the variable does not exist, this cmdlet displays the following:
Variable is currently undefined.
If Windows PowerShell???? is not run in administrator mode, this cmdlet displays the following:
Unable to set proper privileges. Access was denied.
PARAMETERS
-Name <System.String>
Specifies the name of the UEFI environment variable.
Required? true
Position? 2
Default value none
Accept pipeline input? true(ByValue)
Accept wildcard characters? false
-OutputFilePath [<System.String>]
Specifies the output file path of the UEFI environment variable.
Required? false
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
System.String
You can pipe a string that represents the UEFI variable name to this cmdlet.
OUTPUTS
Microsoft.SecureBoot.Commands.UEFIEnvironmentVariable
This cmdlet returns a UEFIEnvironmentVariable object that contains the following properties:
-- Name
-- Bytes
-- Attributes
Example 1: Get information about PK
PS C:\\>Get-SecureBootUefi ????????Name PK | Format-List
Name : PK
Bytes : {161, 89, 192, 165...}
Attributes : NON VOLATILE
BOOTSERVICE ACCESS
RUNTIME ACCESS
TIME BASED AUTHENTICATED WRITE ACCESS
This command gets information about PK from the UEFI variable.
RELATED LINKS
Confirm-SecureBootUEFI
Format-SecureBootUEFI
Get-SecureBootPolicy
Set-SecureBootUEFI