Skip to main content

Hide/observe TPM

TPM is enabled by default to encrypt data transfer for system operation. Optionally, you can disable TPM using Unified Extensible Firmware Interface (UEFI) or Lenovo XClarity Essentials OneCLI.

Using UEFI

For details, see Hide TPM from OS in UEFI User Guide at UEFI manual for ThinkSystem server.

Using Lenovo XClarity Essentials OneCLI

To disable TPM, do the following:
  1. Download and install Lenovo XClarity Essentials OneCLI.

    To download Lenovo XClarity Essentials OneCLI, go to the following site:

    XClarity Essentials OneCLI website

  2. Run the following command:

    OneCli.exe config set UEFI.TrustedComputingGroup_TPMDevice "Disabled" --bmc <userid>:<password>@<ip_address>
    where:
    • <userid>:<password> are the credentials used to access the BMC (Lenovo XClarity Controller interface) of your server. The default user ID is USERID, and the default password is PASSW0RD (zero, not an uppercase o)

    • <ip_address> is the IP address of the BMC.

    Example:


  3. Reboot the system.

If you want to enable TPM again, run the following command and reboot the system:
OneCli.exe config set UEFI.TrustedComputingGroup_TPMDevice "Enabled" --bmc <userid>:<password>@<ip_address>
Example: