Wednesday, November 19, 2014

Clearing Duplicate Firmware Objects in UEFI BIOS (resolved)

When deploying physical or virtual systems with a UEFI BIOS, at every deployment there will be a bootmgfw.efi file created. This is bad for two reasons: (1) there will be lot of files in the bootstore after a few deployments, (2) on Hyper-V Generation 2 VM's this will be top file in boot order, so PXE boot isn't active at next deployment. That way you need to "Move up" the Network adapter after each deployment. In this blogpost I describe how to edit the bootstore and remove the EFI files. Not that easy if you ask me. At the moment it's not clear to me is this' a bug, or choosen by default?

Warning: Removing entries in the bootstore can disrupt your VM. This because besides of Windows Boot Manager items (bootmgfw.efi) EFI SCSI and Network devices (disk, network) can be removed also!
Let's have a look at the steps needed to free up boot store, these are coming from but there's an error in it:
To view these duplicate entries, use the command: bcdedit /enum firmware
1. Save a copy of the current BCD system store by running the following command: bcdedit /export newbcd
2. Make another backup of the system store, just in case: copy newbcd bcdbackup
3. Enumerate the firmware namespace objects in the BCD system store, saving to a text file: bcdedit /enum firmware > enumfw.txt
4. Open the enumfw.txt file in Notepad, and delete all lines except those with firmware GUIDs.  Delete the {fwbootmgr} and {bootmgr} lines as well – you only want the GUIDs.
5. Rename the edited enumfw.txt file to a command file called enumfw.cmd.
6. Insert the following BCDEDIT command in front of each identifier in the enumfw.cmd file: bcdedit /store newbcd /delete

Let's wait here because the command mentioned is not right. Because of an error you get the message: "The boot configuration data store could not be opened". This because for two reasons: (1) the QUIDs mentioned must be within double-quotes, (2) the /f qualifier is missing (optional).
When using both double-quotes and /f qualifier in the end it's working fine.
No error message this time: "The operation completed successfully"! Let's start edit the bootstore and remove the EFI files furthermore. 
7. Add the following command to the end of the enumfw.cmd file, then save it: bcdedit /import newbcd /clean

Note: The /import /clean option deletes all NVRAM entries and then re-initializes NVRAM based on the firmware namespace objects in the newbcd BCD store.
8.Run the enumfw.cmd file and reboot the system afterwards (optional). This time it will be working fine.

Use bcdedit /enum firmware to verify that the extra entries are gone. Just great that all bootmgfw.efi files are removed now!

Still I would like to know is this' a bug, or choosen by default? In this case I'm using around 10 Virtual Machines (used as Microsoft RDS hosts), but what to do when having many many more VM's? That seems like a lot of work to me? (to be continued)

Clearing Duplicate Firmware Objects in UEFI BIOS
bcdedit: The delete command specified is not valid


  1. Thank you for the post. I have already made the same mistake you have mentioned. Now after restart, it does not detect any boot entry. Please help me. When I switch on my laptop now, it stucks at the lenovo welcome screen. On pressing F2 or F12, it only says "Please wait" and nothing happens. I also fully formatted my hard disk and installed new window by using another laptop. Kindly help me. Your help is really appreciated.

  2. I have made the same mistake using this tutorial

    and now after restart, I am not able to go past Lenovo Screen. Please help me.

    1. Maybe this will help (create partitions yourself)?

  3. Maybe add a note to this posting to leave the GUID's for all non-file EFI options intact? (SCSI controller, Network Adapter, Fibre Channel Adapter)... if they are present at all in newbcd. At first I left all GUID's in the batchfile so I ended up with only a FILE boot option. The second time I edited out the GUID's for the EFI SCSI device and the EFI network so I still had the option to switch to the Network Adapter as the first type in the boot order. Great posting btw.