Lenovo ThinkPad T400 (English) Hardware Password Manager Deployment Guide - Page 22

• Remove User: removes a user from the list of users authorized to access a Hardware Password Manager device. • Update Client Policy: saves an updated client policy to the Hardware Password Manager BIOS of the device, replacing the previous policy. • Update Common Hardware Passwords: saves new common hardware passwords to the Hardware Password Manager device; common hardware passwords are valid for all Hardware Password Manager devices managed by the Hardware Password Manager server (see "Updating hardware passwords globally" on page 15). • Update Emergency Account: saves the emergency account credentials to the Hardware Password Manager device; the emergency user name and password can be used to restore the access to a device if the user is unable to log in (see "Updating the emergency account" on page 16). To apply remote actions to Hardware Password Manager devices: 1. Click Remote Actions and Policy Settings in the toolbox (or click Tools ➙ ThinkVantage Hardware Password Manager ➙ Remote Actions and Policy Settings). 2. To apply a remote action to an individual device, drag the device object from the network view to one of these actions: Renew Hardware Account, Restore Hardware Account, Deregister PC, or Update Client Policy. 3. To remove a user, drag the target user onto the Remove User action in the Remote Actions tree. (You can also remove users in the HPM Enrolled Users tool.) 4. To apply an updated client policy to all Hardware Password Manager devices, click the Update Client Policy Globally on the toolbar. Select the policy items you want to change from the Windows Policy and BIOS Policy tabs, and then click OK. See "Updating client policies globally" on page 14 for more information. 5. To apply common passwords to all Hardware Password Manager devices, click Update Common Passwords on the toolbar. Select the checkbox next to each type of password that you want to apply to all Hardware Password Manager devices. To use the same password for all devices, type the password in the text box for the password type you select. If you leave the text box blank, a unique password will be generated for each device. 6. To change the emergency (administrative) account on all Hardware Password Manager devices, click Update Emergency Account on the toolbar. Type a new user name in the text box. To use the same password for all devices, type the password in the text box. If you leave the text box blank, a unique password will be generated for each device. Updating client policies globally You can determine which client policies are applied to all managed Lenovo Hardware Password Manager devices by selecting policies in the Update Client Policy dialog box. The policies you can select include the following OS-level items: • Hardware account equals Windows credentials: the login credentials stored in the hardware account of the Hardware Password Manager BIOS are the same as the user's Windows credentials. • Auto-start registration at Windows logon: when the user logs in to Windows for the first time after the Hardware Password Manager device is managed by the Hardware Password Manager server, the Hardware Password Manager registration will open automatically. When the user logs in to Windows the first time after the Hardware Password Manager device is managed by the Hardware Password Manager server, the Hardware Password Manager registration will open automatically. Logons allowed before forcing registration allows the HPM client portal to be closed the specified number of times at logon time. This supports various deployment scenarios where a technician needs to log on to the machine a number of times prior to delivering to the final end user. • Auto-start user enrollment at Windows logon: Hardware Password Manager enrollment will open automatically when the device is registered and a user that has not been enrolled logs in. 14 Hardware Password Manager Deployment Guide