Activate or unlock the system
Being shipped or encountering tamper events, the server would be in System Lockdown Mode for security. Before operation, the server needs to be activated or unlocked to be able to boot up and go fully functional. Complete the steps in this topic to activate or unlock the system.
If the security LED of the server is blinking, the server is in System Lockdown Mode. Activate or unlock the system for operation. See Front operator panel LEDs and Rear operator panel LEDs to locate the security LED.
System Lockdown Mode Control
ThinkShield Portal: The system can be activated through ThinkShield Key Vault Portal. See Activate the system to activate the system.
XClarity Controller: The system can be unlocked through Lenovo XClarity Controller. See Unlock the system to unlock the system.
When System Lockdown Mode Control status is XClarity Controller, if XClarity Controller is reset to defaults, the default credentials can be used to login to XClarity Controller and unlock the system. It is important to use security controls such as an UEFI PAP to prevent unauthorized users from executing an XClarity Controller reset to defaults. For the highest level of security, it is recommended to set System Lockdown Mode Control to ThinkShield Portal.
Once the System Lockdown Mode Control status is changed to ThinkShield Portal, it cannot be changed back to XClarity Controller.
To set System Lockdown Mode Control to ThinkShield Portal, use Lenovo XClarity Essentials UpdateXpress. See
Upgrading lockdown control mode
section in Lenovo XClarity Essentials UpdateXpress User Guide for the details.
Activate the system
Complete the following steps to activate the system through ThinkShield Key Vault Portal.
Have a Lenovo ID with proper permission
For Lenovo ID setup, see Lenovo ID Setup.
To log in to the Lenovo ThinkShield Key Vault Portal, see ThinkShield Key Vault Portal.
Activation methods
There are different methods to activate the system through ThinkShield Key Vault Portal. Depending on the environment of the server, decide the most suitable way to activate the system.
Mobile App activation
For Mobile App activation method, you will need an Android or iOS based smart phone with cellular data connection. Follow one of the following procedures to complete Mobile App activation:
Connection with the USB cable that came with the smart phone
Connect the power cable to your ThinkEdge SE360 V2.
Download the ThinkShield Edge Mobile Management App from Google Play Store or Apple App Store to your Android or iOS based smart phone (search term: “ThinkShield Edge”).
Log-in to the ThinkShield Edge Mobile Management App using your Organization registered ID.
When App instructs to do so, connect USB cable with USB mobile phone charging cable to the ThinkEdge SE360 V2.
NoteWhen the smart phone prompts for the USB connection purpose, choose data transfer.Follow the “Activate Device” on-screen instructions to complete secure activation of the system.
When activated successfully, ThinkShield Edge Mobile Management App will provide “Device Activated” screen.
NoteFor the detailed steps, see ThinkShield Edge Mobile Management Application User Guide in ThinkEdge Security.
Connection with Bluetooth
NoteSE360 V2 comes with two Bluetooth buttons with LED, one on the front and one on the rear of the node. To locate the Bluetooth buttons, seeFront operator panel LEDs and Rear operator panel LEDs. Connect the power cable to your ThinkEdge SE360 V2.
Download the ThinkShield Edge Mobile Management App from Google Play Store or Apple App Store to your Android or iOS based smart phone (search term: “ThinkShield Edge”).
Make sure to turn on Bluetooth on your smart phone.
Press one of the Bluetooth buttons to enable Bluetooth.
NoteAfter the Bluetooth button is pressed, if SE360 V2 does not pair with any Bluetooth devices within 10 minutes, Bluetooth will be disabled automatically. If necessary, press the Bluetooth button again to enable Bluetooth.Log-in to the ThinkShield Edge Mobile Management App using your Organization registered ID.
Follow the “Activate Device” on-screen instructions to complete secure activation of the system.
NoteFor the detailed steps, see ThinkShield Edge Mobile Management Application User Guide in ThinkEdge Security.When activated successfully, ThinkShield Edge Mobile Management App will provide “Device Activated” screen.
After the system is activated successfully, disable the Bluetooth buttons.
Go to Lenovo XClarity Controller web interface, and click .
Click
to disable the Bluetooth buttons.
Portal automatic activation
NoteTo activate the system throughThinkShield Key Vault Portal web interface for the first time, the system should be claimed by your organization. Machine Type, Serial Number, and Activation Code are required to claim a device. For more information of claiming the device, see ThinkEdge Security. Connect the power cable to your ThinkEdge SE360 V2.
- Connect the XClarity Controller Management Ethernet port to a network that has access to the internet.NoteOutbound TCP port 443 (HTTPS) must be open for activation to occur.
Log in to the ThinkShield Key Vault Portal with your Organization registered ID.
If the server is not claimed by your organization, claim the server. Add the device by clicking the Claim device button in Device Manager. Enter machine type, serial number, and secure activation code in the corresponding fields.
From the Device Manager, select the server you plan to activate and click activate. The status of the server will change to Ready.
Server will be activated within 15 minutes and power on automatically. After successful activation, the status of the server will change to Active on the ThinkShield Key Vault Portal.
Note- If the server activation is not initiated within 2 hours after the power cable plug in, perform a disconnect then re-connect of the power cable to your ThinkEdge SE360 V2.
- For the detailed steps, see ThinkShield Key Vault Portal Web Application User Guide in ThinkEdge Security.
Unlock the system
When System Lockdown Mode Control status is XClarity Controller, if XClarity Controller is reset to defaults, the default credentials can be used to login to XClarity Controller and unlock the system. It is important to use security controls such as an UEFI PAP to prevent unauthorized users from executing an XClarity Controller reset to defaults. For the highest level of security, it is recommended to set System Lockdown Mode Control to ThinkShield Portal. See System Lockdown Mode Control for the details.
Complete the following steps to unlock the system in Lenovo XClarity Controller web interface
- Administrator
- Administrator+
Log in to Lenovo XClarity Controller web interface, and go to .
Press Active button, and then press Apply button. When the status of System Lockdown Mode switches to Inactive, the system is unlocked.