Confirm SecureBootUEFI - PowerShell


Confirm-SecureBootUEFI verifies the status of Secure Boot on Unified Extensible Firmware Interface (UEFI)-based systems and confirms whether it is enabled or disabled. This command is primarily used to ensure system security and maintain compliance with regulatory requirements.


Confirm-SecureBootUEFI [-ComputerName] <String> [-Credential] <PSCredential>


-ComputerName <String>

  • Specifies the remote computer to connect to. Defaults to the local computer.

-Credential <PSCredential>

  • Specifies the user credentials for connecting to the remote computer. Only available when connecting to a remote system.


Verify Secure Boot Status on Local Computer:


Confirm Secure Boot on Remote Computer with Credentials:

$cred = Get-Credential
Confirm-SecureBootUEFI -ComputerName 'RemotePC' -Credential $cred

Common Issues

  • Access Denied: Ensure you have sufficient privileges to run the command, especially when targeting remote systems.
  • Secure Boot Not Supported: Some systems may not support Secure Boot. Verify the hardware specifications.
  • Unexpected Exit Code: If the command exits with an unexpected code, check the Windows event logs for additional details.


Get-SecureBootUEFIPolicy: After confirming the status, this command can be used to retrieve detailed Secure Boot policy settings.

  • Disable-SecureBootUEFI: Disables Secure Boot on UEFI systems.
  • Enable-SecureBootUEFI: Enables Secure Boot on UEFI systems.
  • Set-SecureBootUEFIPolicy: Configures Secure Boot policy settings.