Testing for BIOS/UEFI fails

Hey all,

I have a script that should be testing if a machine is running on BIOS or UEFI. The script runs, spits out a txt file result, but all machines fail the test connection. However, if I run the test-connection line by itself, and specify a machine, it comes back true. Running the full script, en masse, it fails. What am I missing? I tried turning off a firewall on a pc, I run as admin, and am running on a machine with RSAT installed, Windows 10 v1709 if that matters.
I’ve removed some OU and domain info, but I have verified they’re correct and work,

$ous = 'OU=Computers,OU=(Ou),DC=(domain),DC=com', 
       'OU=Surface,OU=(OU),DC=(domain),DC=com',
       'OU=Advisors & Assistants,OU=(OU),OU=(OU),DC=(domain),DC=com'
$info = foreach ($ou in $ous) {
    foreach ($machine in (get-adcomputer -filter * -searchbase $ou)) {
        if (test-connection $machine -Count 1 -Quiet) {
            invoke-command -ComputerName $machine -ScriptBlock {
                try {
                    Confirm-SecureBootUEFI -ErrorAction Stop
                    Write-Output "'$env:computername' has UEFI"
                }
                catch {
                    Write-Output "'$env:computername' has BIOS"
                }
            }
        }
        else {
            Write-Output "'$machine' is not reachable."
        }
    }
}
$info | out-file "$env:userprofile\desktop\result.txt"

Simplify this down a bit and just make a direct loop call to the AD computers.

(Get-ADComputer -Filter *).Name | 
%{Test-Connection -ComputerName $_ -Count 1 -Quiet
    Try 
    {
        Confirm-SecureBootUEFI -ErrorAction Stop 
        "$env:computername has UEFI"
    }
    Catch
    {
        "$env:computername has BIOS"
    }
}

This gives me this result: (this is my machine)
TABSTL05 has UEFI
True
True
TABSTL05 has UEFI
True
True
TABSTL05 has UEFI
True
True
TABSTL05 has UEFI
False
True

Sooo, you changed my little sample from the AD call to this…

    
    $env:COMPUTERNAME | 
    %{Test-Connection -ComputerName $_ -Count 1 -Quiet
        Try 
        {
            Confirm-SecureBootUEFI -ErrorAction Stop 
            "$env:computername has UEFI"
        }
        Catch
        {
            "$env:computername has BIOS"
        }
    }

The reason for this is that TNC is returning true, as it should if the machine is up. That’s your first one
The second true is coming from Confirm-SecureBootUEFI -ErrorAction Stop.
Then your message.

If you are only looking for true or false in the try/catch. you need handle the output of the other two responses.
So, change this to something like:

    $env:COMPUTERNAME | 
    %{Test-Connection -ComputerName $_ -Count 1 -Quiet  | Out-Null
        Try 
        {
            Confirm-SecureBootUEFI -ErrorAction Stop | Out-Null
            "$_ has UEFI"
        }
        Catch
        {
            "$_ has BIOS"
        }
    }

WS01 has UEFI