ipmctl-change-device-security - Changes the DCPMM security lock state
ipmctl set [OPTIONS] -dimm [TARGETS] Lockstate=(Unlocked|Disabled|Frozen) Passphrase=(string)
Changes the data-at-rest security lock state for the persistent memory on one or more DCPMMs.
This command is subject to OS Vendor (OSV) support. It will return
An exception is if the DCPMM is Unlocked Seurity State, then transitioning to Disabled is permitted.
The -ddrt and -smbus options are mutually exclusive and may not be used together.
-o (text|nvmxml), -output (text|nvmxml)
Unlocks device 0x0001.
ipmctl set -dimm 0x0001 LockState=Unlocked Passphrase=""
Unlocks device 0x0001 by supplying the passphrase in the file "mypassphrase.file". In this example, the format of the file would be:
ipmctl set -source myfile.file -dimm 0x0001 LockState=Unlocked Passphrase=""
In order to successfully execute this command:
The command is subject to OS Vendor (OSV) support. If OSV does not provide support, the command may return "Not Supported." An exception is if the DCPMM is Unlocked (via UEFI or OSV tool), then transitioning to Disabled is possible regardless of OSV support.
If an empty string is provided for the passphrase property and the source option is not included, the user will be prompted (once for all DCPMMs) to enter the current passphrase. The passphrase characters are hidden.
Current passphrase: **
For each DCPMM, the CLI will indicate the status of the security state change. If a failure occurs when changing multiple DCPMMs, the process will exit and not continue updating the remaining DCPMMs.
Unlock DIMM (DimmID): Success Unlock DIMM (DimmID): Error (Code) - (Description) Remove passphrase from DIMM (DimmID): Success Remove passphrase from DIMM (DimmID): Error (Code) - (Description)