Upgrading lockdown control mode

The ThinkEdge server is equipped with the security sensors to detect tamper event, which will also lock down the server in the tamper detection. UpdateXpress supports to upgrade the server lockdown control mode from activating server through XClarity Controller to managing the server through ThinkShield Portal.

Prerequisite:

The UpdateXpress application is running on a server installed with a supported operating system. For details of supported operating systems, see Supported operating systems.
This function is only supported in the ThinkEdge servers. For details of supported servers, see the ThinkEdge series in Supported server models.

To upgrade the lockdown control mode, do the following:

Launch the UpdateXpress application. See Launching the UpdateXpress application.
In the Welcome window, click Next.
In the Target Server window, select Manage the remote server, input the following information, and click Next.
- (Setting) IP address or Host name: BMC IP address or host name of the target system.
- (Setting) User Name: BMC user name of the target system.
- (Setting) Password: BMC password of the target system.
- (Setting) Port: BMC CIM or RSET port number. If users do not input, the default port is used.
Note
If users are not intended to check the BMC server certificate, select Accept BMC server's certificate by default, and click Next.
In the Task window, select Configure security features on ThinkEdge server, and click Next.
In the ThinkEdge Server Security Features window, select System Lockdown Control, click Next, select one of the following options to claim or not claim the ownership of the server to ThinkShield Key Valut Portal, and click Next again.
- Select Yes, I want to claim the server now, go to Step 6.
- Select No, I want to proceed without claiming server in ThinkShield Key Vault Portal, go to Step 8.
In the Internet Access window, do one of the following:
- If users have no special requirement for security access, click Test Connection to check the network connection of the target URL, and click Next.
- If users have more security concerns, configure one or more of the following and click Test Connection:
  - Proxy server: Access to network through an HTTP/HTTPS proxy.
    1. Select Proxy Server, and complete the following fields:
      Proxy Type The proxy type of the proxy server.
      IP address or Hostname The host name, IP address, or domain name of the proxy server.
      Port The port number of the proxy server.
    2. Select Proxy authentication if credentials must be specified to authenticate to the proxy server, and complete the following fields:
      User Name The user name for authenticating to the proxy server.
      Password The password for the specified user name.
  - Custom URL security configuration: Access to network through a reverse proxy.
    Select one of the following:
    Accept target server’s certificate by default
    Specify the certificate (PEM)
In the Validate ThinkShield Portal Account window, input the organization ID, user name, and password of the ThinkShield Key Vault Portal, and click Validate. After the verification is completed, click Next.
Note
The information input should be valid; otherwise, the Next button will not be enabled.
In the System Lockdown Control window, manually input YES, and click OK. After upgrade process is completed, click Next.
In the Finish window, click View Log to check the upgrade log, copy and save the commands generated, and click Close to exit.

Give feedback

Proxy Type	The proxy type of the proxy server.
IP address or Hostname	The host name, IP address, or domain name of the proxy server.
Port	The port number of the proxy server.

User Name	The user name for authenticating to the proxy server.
Password	The password for the specified user name.