Contact Us Get Free Products
Search icon Contact Us Get Free Products
PowerBI SCCM/MECM

Monitor Secure Boot Certificates Expiration with Power BI Dashboard

Jonathan LefebvreApril 29 20262 Min Read

Contributor of System Center Dudes. Based in Montreal, Canada, Senior Microsoft SCCM consultant, working in the industry for more than 10 years. He developed a strong knowledge of SCCM and MDT to build automated OS deployment solution for clients, managed large and complexe environment, including Point of Sale (POS) related projects.

Jonathan Lefebvre

Table of Content
Intune SCCM Consulting Services
SCD Collaborators

As part of the series of blog posts about the upcoming SecureBoot certificate expiration, our Team worked on a brand new Power BI report for Configuration Manager with Configuration baselines. Wether your are still using Configuration Manager in standalone mode, or CoManaged, this report can be quite useful to figure out why some devices are having a hard time updating the Secure boot certificate or being fully compliant.

In the blog post, we’ll go over the few steps to get going with our new Secure Boot Certificates Power BI Dashboard.

Secure Boot Certificates Power BI Dashboard

For more details about the Secure Boot Certificates Expiration, refer to our previous related posts.

Prerequisites – Secure Boot Certificates Power BI Dashboard

Import SecureBoot Configuration baseline

Many inventory components are not available via Hardware Inventory by default. Using a baseline with Compliant/non-compliant status is the easiest implementation.

  • Extract the files from the SecureBoot Certificate baseline download
  • In the Configuration Manager console, browse to Asset and Compliance / Compliance Settings / Configuration baseline and click on Import Configuration Data
  • Click on Add, and browse to select ALL .cab files previously extracted.
  • A warning will display about an unknown publisher, click Ok
  • Click next to complete the wizard
  • Once created, deploy the Secure Boot Certificates Configuration baseline
    • Note that the name must remain the same for the report to work properly.
  • Select only the Secure boot certificates baseline, a target collection, and adjust the evaluation schedule to 1 day
    • This baseline does not require Remediate, since it only evaluates for inventory purposes.
  • The baseline is pre-configured to be effective on CoManaged devices as well
  • After a day or 2, look at the Compliance count within the Configuration Manager console.
    • Once the data shows up, continue to the Power BI report section.

Secure Boot Certificates Power BI Dashboard

  • Open the report with Power BI Desktop
  • Accept
Secure Boot Certificates Power BI Dashboard
  • Provide the SQL server for the Configuration Manager and the SQL database
Secure Boot Certificates Power BI Dashboard
  • A prompt for Native Database Query will most probably happen.
  • To prevent this, turn of Require user approval for new native database queries, under Options / Global / Security
Secure Boot Certificates Power BI Dashboard
  • Once completed with the queries
Secure Boot Certificates Power BI Dashboard

Voilà!

More Information

Detailed articles about the Secure Boot DB and DBX variable update events.

For more details about Secure Boot certificate expiration, see this Microsoft TechCommunity post.

We hope this report helps address the various challenges of updating the Secure Boot Certificate.

PowerBI SCCM SecureBoot
SCD Collaborators
Comments (5)

Shogo

05.03.2026 AT 04:25 AM
I have problem with this, got those errors. Windows 10-11 Microsoft SQL: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) Collections Membership Microsoft SQL: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) Computer System Microsoft SQL: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) BIOS Microsoft SQL: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) Secure Boot Certificates Details Microsoft SQL: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) Secure Boot Certificates Compliance Microsoft SQL: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) Secure Boot Certificates Devices Microsoft SQL: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server)
Hide replies 0

Shailendra Kumar

05.01.2026 AT 02:32 AM
Is this Dashboard also worked for the Windows Server OS ?
Hide replies 0

Shailendra Kumar

04.30.2026 AT 10:38 PM
Can we have sql query or RDL file instead of power BI dashboard
Hide replies 0

Shailendra Kumar

04.30.2026 AT 10:38 PM
Solution
Can we have sql query or RDL file instead of power BI dashboard
Hide replies 0

Shailendra Kumar

04.30.2026 AT 10:38 PM
Can we have sql query or RDL file instead of power BI dashboard
Hide replies 0
Related posts
Jonathan LefebvreApril 30 20262 Min Read
Patch My PC Advanced Insight Secure boot Reporting

As part of the series of blog posts about the upcoming SecureBoot certificate...

SCCM/MECM
Jonathan LefebvreApril 23 20263 Min Read
How to use Patch My PC Cloud Migration feature

Migrating applications from Configuration Manager to Intune can feel like a daunting,...

Intune SCCM/MECM
Marc-Andre ChartrandApril 17 20265 Min Read
How to gather OSD Task Sequence information in SCCM

Overview When a device gets imaged through SCCM, the deployment context, which task sequence...

SCCM/MECM
Request a Quote

Please fill out the form, and one of our representatives will contact you in Less Than 24 Hours. We are open from Monday to Friday.

Consulting Services

Subscription

PatchMyPC

Reports and Guides

I'm interested in working with you

Consulting services and time banks are used for generic requests. All others are fixed-price plans.

Never share sensitive information (credit card numbers, social security numbers, passwords) through this form.
Request Sent

Thank you for subscribing to our newsletter or requesting a quote. You will receive our next month's newsletter. If you have requested a quote, we will get in touch with you as soon as possible.

Comment Sent

Thank for your reply!

Error

Something went wrong!