Skip to main content

Upgrading lockdown control mode

The ThinkEdge server is equipped with the security sensors to detect tamper event, which will also lock down the server in the tamper detection. UpdateXpress supports to upgrade the server lockdown control mode from activating server through XClarity Controller to managing the server through ThinkShield Portal.

Prerequisite:
  • The UpdateXpress application is running on a server installed with a supported operating system. For details of supported operating systems, see Supported operating systems.

  • This function is only supported in the ThinkEdge servers. For details of supported servers, see the ThinkEdge series in Supported server models.

To upgrade the lockdown control mode, do the following:
  1. Launch the UpdateXpress application. See Launching the UpdateXpress application.
  2. In the Welcome window, click Next.
  3. In the Target Server window, select Manage the remote server, input the following information, and click Next.
    • IP address or Host name: BMC IP address or host name of the target system.

    • User Name: BMC user name of the target system.

    • Password: BMC password of the target system.

    • Port: BMC CIM or RSET port number. If users do not input, the default port is used.

    Note
    If users are not intended to check the BMC server certificate, select Accept BMC server's certificate by default, and click Next.
  4. In the Task window, select Configure security features on ThinkEdge server, and click Next.
  5. In the ThinkEdge Server Security Features window, select System Lockdown Control, click Next, select one of the following options to claim or not claim the ownership of the server to ThinkShield Key Valut Portal, and click Next again.
    • Select Yes, I want to claim the server now, go to Step 6.

    • Select No, I want to proceed without claiming server in ThinkShield Key Vault Portal, go to Step 8.

  6. In the Internet Access window, do one of the following:
    • If users have no special requirement for security access, click Test Connection to check the network connection of the target URL, and click Next.

    • If users have more security concerns, configure one or more of the following and click Test Connection:

      • Proxy server: Access to network through an HTTP/HTTPS proxy.

        1. Select Proxy Server, and complete the following fields:

          Proxy TypeThe proxy type of the proxy server.
          IP address or HostnameThe host name, IP address, or domain name of the proxy server.
          PortThe port number of the proxy server.
        2. Select Proxy authentication if credentials must be specified to authenticate to the proxy server, and complete the following fields:

          User NameThe user name for authenticating to the proxy server.
          PasswordThe password for the specified user name.
      • Custom URL security configuration: Access to network through a reverse proxy.

        Select one of the following:
        • Accept target server’s certificate by default

        • Specify the certificate (PEM)

  7. In the Validate ThinkShield Portal Account window, input the organization ID, user name, and password of the ThinkShield Key Vault Portal, and click Validate. After the verification is completed, click Next.
    Note
    The information input should be valid; otherwise, the Next button will not be enabled.
  8. In the System Lockdown Control window, manually input YES, and click OK. After upgrade process is completed, click Next.
  9. In the Finish window, click the log to check the updates, and click Close to exit.