Lenovo ThinkPad T500 (English) Hardware Password Manager Deployment Guide - Page 40

If the system is still bootable, it is recommended to de-register the system with Hardware Password Manager. This will clear all the hardware passwords from the system. Install the replacement hard disk and the usual Hardware Password Manager deployment process can be followed to prepare for registering the system with Hardware Password Manager again. If the system will not start from the hard disk and has a wired connection to the corporate network, press Esc at the Hardware Password Manager pre-boot log in. Choose to perform an intranet login. You should provide credentials that are associated with the administrator or service tech role. Choose to de-register the system from the menu. This will clear the hardware passwords from the system. If the system will not start from the hard disk and is not connected to the corporate network, press F1 during POST to enter the BIOS Setup Utility. Press Esc when prompted for the Hardware Password Manager Login. Select Manually enter passwords. Enter the SVP that can be retrieved from the console. Press F1 again and enter the Master Password for the hard disk. Select Security and then select Password. Disable the Hardware Password Manager setting. This will clear all hardware passwords. Now enable the Hardware Password Manager setting and press F10 to save and exit the BIOS Setup Utility. Now that the system has been de-registered, a new hard disk can be installed and the usual Hardware Password Manager deployment process can be followed to prepare for registering the system with Hardware Password Manager again. If the replacement hard disk was previously managed by Hardware Password, so it is known to the Hardware Password Manager server and has a HDP set, the HDP must be cleared manually using the BIOS Setup Utility. Press F1 during POST to enter the BIOS Setup Utility. Press Esc when prompted for the Hardware Password Manager Login. Select Manually enter passwords. Enter the SVP that can be retrieved from the console. Press F1 again and enter the Master Password for the hard disk. Select Security and then select Password. Delete both the User HDP and the Master HDP. Press F1 to save and exit. In order to clear the HDP, you should either have the computer name of the device that the hard disk was enrolled in or the HDD ID and the system ID in order to obtain the correct HDP and SVP from the console. The HDD ID and machine ID can be retrieved using a Lenovo supplied Hardware Password Manager DOS utility. After you obtain the HDD ID and machine ID, you can obtain the HDP and SVP using the ThinkManagement Console. Now you can clear the HDP using the BIOS setup. Note: The SVP is not required to clear a HDP for ThinkPad systems. Scenario 9 - Change the hard disk location within a system This scenario occurs when the physical position of hard disk 1 and 2 are swapped on the bus. There is no impact to Hardware Password Manager because hard disk position is not maintained within the HDD instance on the server. Scenario 10 - Remove a hard disk drive When removing a hard disk, the recommended solution is to deregister the system prior to removing the hard disk, and then re-register the system after another hard disk has been installed. This operation will make sure the hard disk that is removed does not have an HDP set. Note: Removing the hard disk without first deregistering will leave an orphaned HDD instance on the server. You can choose to remain such records in case the HDP is ever needed in the future, or clean them up using the ThinkManagement Console. Scenario 11 - Flashing the BIOS This scenario describes the impact to Hardware Password Manager when updating the BIOS with a flash image (applied using a flash utility). Since flash utilities exist in both DOS and Windows, all flash scenarios must be tested with both types of utilities. Although Hardware Password Manager hardware account 32 Hardware Password Manager Deployment Guide