Version:
  v1.0.10_1830

________________________________________________________________

Tool:
  secureboot2023_helper.exe

Note:
  This is intended for use with Stone branded client devices containing Asus motherboards.


Recommendations:
  Test in your environment, using a small batch of eligible systems to confirm correct operation.


Usage:
  secureboot2023_helper [-h] [-s] [-y]
  Should be run locally on clients, but this could be incorporated into a script called from a network share, or packaged and pushed out by SCCM/MECM/Intune.

Description:
  Updates the Secure Boot 'KEK' and 'DB' certificate files and sets them as active.
  Important point to consider, this tool does not insert the certificates into the default 'KEK' and 'DB' stores.
  This tool will check for and install 2023 certificates.


Parameters:
  -h, -?
      Displays this help message.
  -s
      Use swap operation instead of update for Secure Boot 'KEK' certificates.
      [IMPORTANT] Secure Boot 'KEK' will be replaced with the new certificate instead of appending it.
  -y
      Automatically suspends BitLocker protection when detected and proceeds without confirmation.

________________________________________________________________

Tool:
  secureboot2023_setup.exe

Note:
  This is intended for use with Stone branded client devices containing Asus motherboards.


Recommendations:
  Test in your environment, using a small batch of eligible systems to confirm correct operation.


Usage:
  secureboot2023_setup [-y]
  Should be run locally on clients, but this could be incorporated into a script called from a network share, or packaged and pushed out by SCCM/MECM/Intune.

Description:
  Installs/Updates the Secure Boot 'KEK' and 'DB' certificate files and sets them as active.
  Important point to consider, this tool is capable of installing certificates in situations where all secure boot certificates have been cleared.
  This tool will check for install 2023 certificates, but will also check for and install 2011 certificates if missing.


Parameters:

  -y     
      Automatically suspends BitLocker protection when detected and proceeds without need for user confirmation.