Lenovo XClarity Essentials OneCLI

User Guide

Version 4.4.0
Note

Before using this information and the product it supports, read the information in Appendix E “Notices” on
page 219.

Thirtieth Edition (February 2024)

© Copyright Lenovo 2018, 2024.

LIMITED AND RESTRICTED RIGHTS NOTICE: If data or software is delivered pursuant to a General Services
Administration (GSA) contract, use, reproduction, or disclosure is subject to restrictions set forth in Contract No. GS-35F-
05925.
Contents

Contents . . . . . . . . . . . . . . . . . i comparedefault command . . . . . . . . . 23

comparepending command . . . . . . . . 24
Tables . . . . . . . . . . . . . . . . . . v show command . . . . . . . . . . . . . 24
showdes command . . . . . . . . . . . 25
About this publication . . . . . . . . . . ix
showdefault command . . . . . . . . . . 27
Who should read this guide . . . . . . . . . . . ix
showgroups command . . . . . . . . . . 28
Conventions and terminology . . . . . . . . . . ix
showvalues command . . . . . . . . . . 29
Publications and related information . . . . . . . . xi
nodes command . . . . . . . . . . . . 30
Supported websites . . . . . . . . . . . . . . xi
Commands that change or set system
configuration settings . . . . . . . . . . . . 31
Chapter 1. Technical overview . . . . . 1
createuuid command . . . . . . . . . . . 31
Chapter 2. Hardware and software delete command . . . . . . . . . . . . 32
requirements . . . . . . . . . . . . . . . 5 loaddefault command . . . . . . . . . . 33
Hardware requirements. . . . . . . . . . . . . 5 set command . . . . . . . . . . . . . . 34
Supported server models . . . . . . . . . . 5 Commands that save, replicate, and restore
configuration settings . . . . . . . . . . . . 35
Server options . . . . . . . . . . . . . . 7
backup command . . . . . . . . . . . . 36
Disk space requirements . . . . . . . . . . 7
batch command . . . . . . . . . . . . . 37
Memory requirements . . . . . . . . . . . 7
replicate command . . . . . . . . . . . 38
Software requirements . . . . . . . . . . . . . 7
restore command . . . . . . . . . . . . 39
Supported operating systems . . . . . . . . 7
save command . . . . . . . . . . . . . 40
Linux System cmd used by OneCLI . . . . . . 8
Commands for certificate management . . . . . 41
Required device drivers . . . . . . . . . . . 8
Using XClarity Essentials OneCLI for
Supported browsers . . . . . . . . . . . . 9 certificate management . . . . . . . . . . 42
Firewalls and proxy servers . . . . . . . . . 9 deletecert command . . . . . . . . . . . 44
Ports availability for the managed BMC, CMM, export command . . . . . . . . . . . . 44
and SMM targets . . . . . . . . . . . . . 9
generate command . . . . . . . . . . . 45
Chapter 3. Downloading and using import command . . . . . . . . . . . . 49
OneCLI . . . . . . . . . . . . . . . . . 11
Chapter 5. Multiple configuration . . . 51
Downloading and using OneCLI on Windows . . . 11
batch command . . . . . . . . . . . . . . 51
Collecting inventory and service data on
Windows . . . . . . . . . . . . . . . . . 12 replicate command . . . . . . . . . . . . . 52
Downloading and using OneCLI on Linux . . . . . 12 restore command . . . . . . . . . . . . . . 52
Collecting inventory and service data on Linux . . . 12 set command. . . . . . . . . . . . . . . . 53
OneCLI applications and commands . . . . . . 13 show command. . . . . . . . . . . . . . . 54
Application and command syntax . . . . . . . . 13
Chapter 6. Inventory. . . . . . . . . . 57
IBM system support . . . . . . . . . . . . . 14
formatlog command . . . . . . . . . . . . . 57
Chapter 4. Configuration . . . . . . . 17 getdevices command . . . . . . . . . . . . 58
Configuration setting . . . . . . . . . . . . . 17 getinfor command . . . . . . . . . . . . . . 59
Instance and non-instance settings . . . . . 17 upload command . . . . . . . . . . . . . . 60
Commands that display configuration settings . . . 19
Chapter 7. Update . . . . . . . . . . . 63
Setting classes . . . . . . . . . . . . . 19
acquire command . . . . . . . . . . . . . . 64
The output of commands that display
configuration settings. . . . . . . . . . . 20 canceltask command . . . . . . . . . . . . 66
Configuring the interactive mode . . . . . . 21 checktask command . . . . . . . . . . . . . 67
compare command . . . . . . . . . . . 22 compare command . . . . . . . . . . . . . 68

© Copyright Lenovo 2018, 2024 i

flash command . . . . . . . . . . . . . . . 73 addhsp command . . . . . . . . . . . . 125
iflash command . . . . . . . . . . . . . . . 77 changemode command . . . . . . . . . . 126
multicompare command . . . . . . . . . . . 79 clear command . . . . . . . . . . . . . 126
multiflash command . . . . . . . . . . . . . 80 ekm command . . . . . . . . . . . . . 127
multiscan command . . . . . . . . . . . . . 81 envol command . . . . . . . . . . . . . 128
scan command . . . . . . . . . . . . . . . 82 fwdeviceorder command . . . . . . . . . 129
startstaged command . . . . . . . . . . . . 83 init command . . . . . . . . . . . . . . 129
makegood command . . . . . . . . . . . 130
Chapter 8. Miscellaneous . . . . . . . 85 makejbod command . . . . . . . . . . . 131
bmcpassword command . . . . . . . . . . . 87 rmhsp command . . . . . . . . . . . . 132
cmos command. . . . . . . . . . . . . . . 88 save command . . . . . . . . . . . . . 133
edgeserver command . . . . . . . . . . . . 89 show command . . . . . . . . . . . . . 134
encrypt command . . . . . . . . . . . . . . 89 rebootbmc command . . . . . . . . . . . . 134
ffdc command . . . . . . . . . . . . . . . 90 rebootcmm command . . . . . . . . . . . . 135
fpusb commands . . . . . . . . . . . . . . 92 rebootiom command . . . . . . . . . . . . . 135
set command . . . . . . . . . . . . . . 92 rebootsmm command . . . . . . . . . . . . 136
status command . . . . . . . . . . . . 93 reseatblade command . . . . . . . . . . . . 136
hddlocate command . . . . . . . . . . . . . 93 reseatcmm command . . . . . . . . . . . . 137
hostinterface command. . . . . . . . . . . . 94 reseatswitch command . . . . . . . . . . . . 137
clear command . . . . . . . . . . . . . 95 restorebmu command . . . . . . . . . . . . 137
logmgr commands . . . . . . . . . . . . . 95 restoresmm command . . . . . . . . . . . . 138
multibmcpassword command . . . . . . . . . 97 rpp commands . . . . . . . . . . . . . . . 138
multiffdc command . . . . . . . . . . . . . 97 assert command . . . . . . . . . . . . 138
multiinventory command . . . . . . . . . . . 99 deassert command . . . . . . . . . . . 139
getinfor command . . . . . . . . . . . . 99 status command . . . . . . . . . . . . 139
multiraid command . . . . . . . . . . . . . 101 serase command . . . . . . . . . . . . . . 140
add command . . . . . . . . . . . . . 101 servicedata command . . . . . . . . . . . . 141
clear command . . . . . . . . . . . . . 102 servicelog command . . . . . . . . . . . . . 141
init command . . . . . . . . . . . . . . 103 smartdata command . . . . . . . . . . . . . 142
makegood command . . . . . . . . . . . 104 smmlan commands . . . . . . . . . . . . . 143
makejbod command . . . . . . . . . . . 105 switchcmm command . . . . . . . . . . . . 144
save command . . . . . . . . . . . . . 106 sysguard command . . . . . . . . . . . . . 144
show command . . . . . . . . . . . . . 107 clearsnapshot command . . . . . . . . . 144
multiospower commands . . . . . . . . . . . 108 syshealth command . . . . . . . . . . . . . 145
boottosetup command . . . . . . . . . . 108 usblan command . . . . . . . . . . . . . . 146
reboot command . . . . . . . . . . . . 109 vm commands . . . . . . . . . . . . . . . 147
state command . . . . . . . . . . . . . 109
turnon command . . . . . . . . . . . . 110 Chapter 9. Diagnostics . . . . . . . . 149
turnoff command . . . . . . . . . . . . 110 run command . . . . . . . . . . . . . . . 149
multiservicedata command . . . . . . . . . . 110
multisyshealth command . . . . . . . . . . . 111 Chapter 10. tui . . . . . . . . . . . . . 151
multivm commands . . . . . . . . . . . . . 112
Chapter 11. The FoD key . . . . . . . 153
ospower command . . . . . . . . . . . . . 113
Commands that generate and acquire the FoD
portctrl commands . . . . . . . . . . . . . 114 key . . . . . . . . . . . . . . . . . . . . 153
all command . . . . . . . . . . . . . . 115 acquire command . . . . . . . . . . . . 153
cim command . . . . . . . . . . . . . 115 Commands that generate, get, replace, and
ipmikcs command . . . . . . . . . . . . 116 upload FoD key information . . . . . . . . . . 154
ipmilan command . . . . . . . . . . . . 116 generate command . . . . . . . . . . . 155
raid command . . . . . . . . . . . . . . . 117 get command . . . . . . . . . . . . . . 156
add command . . . . . . . . . . . . . 124 replace command . . . . . . . . . . . . 156

ii Lenovo XClarity Essentials OneCLI User Guide

 uploadreport command . . . . . . . . . . 157
Commands that install, uninstall, and export the
FoD key, and report the FoD key information . . . 158
export command . . . . . . . . . . . . 158
exportreport command . . . . . . . . . . 159
install command . . . . . . . . . . . . . 160
report command. . . . . . . . . . . . . 161
showppin command . . . . . . . . . . . 162
uninstall command . . . . . . . . . . . . 163
multifod commands . . . . . . . . . . . . . 164
acquire command . . . . . . . . . . . . 164
install command . . . . . . . . . . . . . 165
Chapter 12. RDCLI commands . . . . 167
rdmount . . . . . . . . . . . . . . . . . . 167
rdumount . . . . . . . . . . . . . . . . . 168
Chapter 13. OneCLI scenarios . . . . 169
Auto-completion function . . . . . . . . . . . 169
Acquiring update packages for a target server . . . 169
Changing or recovering UEFI administrator
password . . . . . . . . . . . . . . . . . 169
Changing password of BMC account in security
mode . . . . . . . . . . . . . . . . . . . 170
Changing setting values in security mode. . . . . 170
Collecting system inventory data remotely through
BMC . . . . . . . . . . . . . . . . . . . 171
Enabling/disabling advanced memory test . . . . 171
Remotely updating firmware for multiple BMC . . . 172
Secure data deletion for all data storage
devices . . . . . . . . . . . . . . . . . . 173
Staging firmware to remote server in out-of-band
mode on ThinkSystem V3 . . . . . . . . . . . 174
Staging firmware to local server within host OS on
ThinkSystem V3. . . . . . . . . . . . . . . 175
Setting One Time Boot . . . . . . . . . . . . 175
Setting CPU power capping on ThinkSystem
V3 . . . . . . . . . . . . . . . . . . . . 175
Setting security for ThinkEdge servers . . . . . . 176
Setting XCC cache SED key from remote key
management server . . . . . . . . . . . . . 176
Setting XCC extended audit log . . . . . . . . 177
Setting XCC protective power capping . . . . . . 177
© Copyright Lenovo 2018, 2024
Setting XCC MPFA function . . . . . . . . . . 177
Updating a local server within host OS . . . . . . 177
Updating legacy drive firmware on ThinkSystem
V3 servers (in-band mode). . . . . . . . . . . 178
Updating a remote server . . . . . . . . . . . 178
Viewing and changing the setting value of a remote
server through BMC . . . . . . . . . . . . . 179
Chapter 14. ASU, DSA, and UXSPi
proxy tools . . . . . . . . . . . . . . . 181
ASU proxy tool . . . . . . . . . . . . . . . 181
DSA proxy tool . . . . . . . . . . . . . . . 183
UXSPi proxy tool . . . . . . . . . . . . . . 184
Chapter 15. Troubleshooting and
support . . . . . . . . . . . . . . . . . 189
General limitations. . . . . . . . . . . . . . 189
Config limitations . . . . . . . . . . . . 189
Inventory limitations . . . . . . . . . . . 191
Update limitations . . . . . . . . . . . . 192
Miscellaneous limitations . . . . . . . . . 195
ASU/DSA/UXSPi proxy tool limitations . . . . 195
Return codes . . . . . . . . . . . . . . . . 196
Appendix A. Accessibility features
for OneCLI . . . . . . . . . . . . . . . 209
Appendix B. Examples of OneCLI
commands on SR635/SR655 . . . . . 211
Appendix C. OneCLI features
supported on the ThinkServer/WenTian
servers . . . . . . . . . . . . . . . . . 213
Appendix D. OneCLI global
configuration file . . . . . . . . . . . . 217
Appendix E. Notices . . . . . . . . . . 219
Trademarks . . . . . . . . . . . . . . . . 220
Important notes . . . . . . . . . . . . . . . 220
Index . . . . . . . . . . . . . . . . . . 221
iii
iv Lenovo XClarity Essentials OneCLI User Guide
Tables
1. Commonly used terms . . . . . . . . . . . ix 40. template.xml file variables . . . . . . . . 46
2. OneCLI applications . . . . . . . . . . . . 1 41. import command specific parameters . . . . 50
3. OneCLI global parameters . . . . . . . . . 2 42. Application multiconfig commands . . . . . 51
4. Supported Lenovo systems . . . . . . . . . 5 43. batch command specific parameters . . . . 52
5. Supported IBM systems . . . . . . . . . . 7 44. replicate command specific parameters . . . 52
6. Operating systems supported by OneCLI . . . 7 45. restore command specific parameters. . . . 53
7. Required Internet connections . . . . . . . . 9 46. set command specific parameters . . . . . 53
8. The format of compressed file and self- 47. show command specific parameters . . . . 55
extracting executable file for Windows. . . . 11 48. Inventory application commands . . . . . . 57
9. The format of compressed file and self- 49. formatlog command specific
extracting executable file for Linux . . . . . 11 parameters . . . . . . . . . . . . . . 57
10. OneCLI applications and commands . . . . 13 50. getdevices command specific
11. Commands and parameters supporting IBM parameters . . . . . . . . . . . . . . 58
hardware . . . . . . . . . . . . . . . 14 51. getinfor command specific parameters . . . 59
12. Lenovo XClarity Essentials OneCLI to IBM 52. upload command specific parameters . . . . 61
UXSPi command comparison . . . . . . . 15 53. Update application commands . . . . . . 63
13. Configuration setting components . . . . . 17 54. acquire command specific parameters . . . 64
14. Commands that display configuration 55. canceltask command specific
settings . . . . . . . . . . . . . . . . 19 parameters . . . . . . . . . . . . . . 67
15. Settings classes . . . . . . . . . . . . 20 56. checktask command specific
16. compare command specific parameters . . . . . . . . . . . . . . 68
parameters . . . . . . . . . . . . . . 22 57. compare command specific
17. comparedefault command specific parameters . . . . . . . . . . . . . . 69
parameters . . . . . . . . . . . . . . 23 58. flash command specific parameters . . . . 73
18. comparepending command specific 59. iflash command specific parameters . . . . 78
parameters . . . . . . . . . . . . . . 24 60. multicompare command specific
19. show command specific parameters . . . . 25 parameters . . . . . . . . . . . . . . 79
20. showdes command specific 61. multiflash command specific
parameters . . . . . . . . . . . . . . 26 parameters . . . . . . . . . . . . . . 80
21. showdefault command specific 62. multiscan command specific
parameters . . . . . . . . . . . . . . 27 parameters . . . . . . . . . . . . . . 82
22. nodes command specific parameters . . . . 29 63. scan command specific parameters . . . . 83
23. showvalues command specific 64. startstaged command specific
parameters . . . . . . . . . . . . . . 29 parameters . . . . . . . . . . . . . . 84
24. nodes command specific parameters . . . . 31 65. Miscellaneous (misc) commands . . . . . . 85
25. Commands that change and set 66. bmcpassword command specific
configuration settings . . . . . . . . . . 31 parameters . . . . . . . . . . . . . . 88
26. createuuid command specific 67. cmos command . . . . . . . . . . . . 88
parameters . . . . . . . . . . . . . . 32 68. clear command specific parameters . . . . 89
27. delete command specific parameters . . . . 33 69. edgeserver commands. . . . . . . . . . 89
28. loaddefault command specific 70. encrypt command specific parameters . . . 90
parameters . . . . . . . . . . . . . . 33 71. ffdc command specific parameters . . . . . 90
29. set command specific parameters . . . . . 35 72. fpusb commands . . . . . . . . . . . . 92
30. Commands that save, replicate, and restore 73. set command specific parameters . . . . . 92
a system . . . . . . . . . . . . . . . 36
74. status command specific parameters . . . . 93
31. backup command specific parameters . . . 36
75. hddlocate commands . . . . . . . . . . 94
32. batch command specific parameters . . . . 37
76. hddlocate command specific
33. replicate command specific parameters . . . 38 parameters . . . . . . . . . . . . . . 94
34. restore command specific parameters. . . . 39 77. hostinterface commands . . . . . . . . . 94
35. save command specific parameters. . . . . 40 78. clear command specific parameters . . . . 95
36. Configuration commands for certificate 79. logmgr commands and syntax
management . . . . . . . . . . . . . 41 examples . . . . . . . . . . . . . . . 95
37. deletecert command specific 80. logmgr command specific parameters. . . . 96
parameters . . . . . . . . . . . . . . 44
81. multibmcpassword command specific
38. export command specific parameters . . . . 44 parameters . . . . . . . . . . . . . . 97
39. generate command specific 82. multiffdc command specific parameters . . . 98
parameters . . . . . . . . . . . . . . 45

© Copyright Lenovo 2018, 2024 v

83. multiinventory command . . . . . . . . . 99 127. rebootsmm command specific
84. getinfor command specific parameters . . . 99 parameters . . . . . . . . . . . . . . 136
85. multiraid commands. . . . . . . . . . . 101 128. reseatblade command specific
86. add command specific parameters . . . . . 101 parameters . . . . . . . . . . . . . . 136
87. clear command specific parameters . . . . 102 129. reseatcmm command specific
88. init command specific parameters . . . . . 103 parameters . . . . . . . . . . . . . . 137
89. makegood command specific 130. reseatswitch command specific
parameters . . . . . . . . . . . . . . 104 parameters . . . . . . . . . . . . . . 137
90. makejbod command specific 131. restorebmu command specific
parameters . . . . . . . . . . . . . . 105 parameters . . . . . . . . . . . . . . 138
91. save command specific parameters. . . . . 106 132. restoresmm command specific
92. show command specific parameters . . . . 107 parameters . . . . . . . . . . . . . . 138
93. multiospower commands . . . . . . . . . 108 133. rpp commands . . . . . . . . . . . . . 138
94. boottosetup command specific 134. assert command specific parameters . . . . 139
parameters . . . . . . . . . . . . . . 109 135. deassert command specific
95. reboot command specific parameters . . . . 109 parameters . . . . . . . . . . . . . . 139
96. state command specific parameters . . . . 109 136. status command specific parameters . . . . 139
97. turnon command specific parameters . . . . 110 137. serase command specific parameters . . . . 140
98. turnoff command specific parameters . . . . 110 138. servicedata command specific
parameters . . . . . . . . . . . . . . 141
99. multiservicedata command specific
parameters . . . . . . . . . . . . . . 111 139. servicelog command specific
parameters . . . . . . . . . . . . . . 141
100. multisyshealth command specific
parameters . . . . . . . . . . . . . . 112 140. smartdata command specific
parameters . . . . . . . . . . . . . . 143
101. multivm commands and syntax
examples . . . . . . . . . . . . . . . 112 141. smmlan commands and syntax
examples . . . . . . . . . . . . . . . 143
102. multivm command specific
parameters . . . . . . . . . . . . . . 113 142. smmlan command specific
parameters . . . . . . . . . . . . . . 144
103. ospower commands and examples . . . . . 113
143. switchcmm command specific
104. ospower command specific
parameters . . . . . . . . . . . . . . 144
parameters . . . . . . . . . . . . . . 114
144. sysguard command . . . . . . . . . . . 144
105. portctrl commands . . . . . . . . . . . 115
145. clearsnapshot command specific
106. all command specific parameters . . . . . 115
parameters . . . . . . . . . . . . . . 145
107. cim command specific parameters . . . . . 116
146. syshealth command specific
108. ipmikcs command specific parameters . . . . . . . . . . . . . . 146
parameters . . . . . . . . . . . . . . 116
147. usblan commands and examples. . . . . . 147
109. ipmilan command specific parameters . . . 117
148. usblan command specific parameters . . . . 147
110. raid commands. . . . . . . . . . . . . 117
149. vm commands and syntax examples . . . . 147
111. add command specific parameters . . . . . 125
150. vm command specific parameters . . . . . 148
112. addhsp command specific
151. Diagnostics(diags) command . . . . . . . 149
parameters . . . . . . . . . . . . . . 125
152. run command specific parameters . . . . . 149
113. changemode command specific
parameters . . . . . . . . . . . . . . 126 153. Submenus of OneCLI Interactive
Menu . . . . . . . . . . . . . . . . 151
114. clear command specific parameters . . . . 127
154. Commands that acquire FoD key
115. ekm command specific parameters . . . . . 128
information . . . . . . . . . . . . . . 153
116. envol command specific parameters . . . . 128
155. acquire command specific parameters . . . 153
117. fwdeviceorder command specific
156. Commands that generate, get, replace, and
parameters . . . . . . . . . . . . . . 129
upload FoD key information . . . . . . . . 155
118. init command specific parameters . . . . . 130
157. generate command specific
119. makegood command specific parameters . . . . . . . . . . . . . . 155
parameters . . . . . . . . . . . . . . 131
158. get command specific parameters . . . . . 156
120. makejbod command specific
159. replace command specific parameters . . . 156
parameters . . . . . . . . . . . . . . 132
160. uploadreport command specific
121. rmhsp command specific parameters . . . . 133
parameters . . . . . . . . . . . . . . 157
122. save command specific parameters. . . . . 133
161. Commands that install, uninstall, and export
123. show command specific parameters . . . . 134 the FoD key, and report the FoD key
124. rebootbmc command specific information . . . . . . . . . . . . . . 158
parameters . . . . . . . . . . . . . . 135 162. export command specific parameters . . . . 158
125. rebootcmm command specific 163. exportreport command specific
parameters . . . . . . . . . . . . . . 135 parameters . . . . . . . . . . . . . . 159
126. rebootiom command specific 164. install command specific parameters . . . . 160
parameters . . . . . . . . . . . . . . 136
165. report command specific parameters . . . . 161

vi Lenovo XClarity Essentials OneCLI User Guide

166. showppin command specific
parameters . . . . . . . . . . . . . . 162
167. uninstall command specific
parameters . . . . . . . . . . . . . . 163
168. multifod commands . . . . . . . . . . . 164
169. acquire command specific parameters . . . 165
170. install command specific parameters . . . . 165
171. RDCLI commands . . . . . . . . . . . 167
172. rdmount parameters. . . . . . . . . . . 167
173. Scrip and shell . . . . . . . . . . . . . 169
174. Matrix of ASU and OneCLI commands and
parameters . . . . . . . . . . . . . . 181
175. Matrix of DSA and OneCLI commands and
parameters parameters and . . . . . . . . 183
© Copyright Lenovo 2018, 2024
176. DSA script examples . . . . . . . . . . 184
177. Matrix of UXSPi and OneCLI commands and
parameters . . . . . . . . . . . . . . 185
178. OneCLI common return codes . . . . . . . 196
179. OneCLI config-related return codes . . . . . 198
180. OneCLI update-related return codes . . . . 199
181. OneCLI FFDC-related return codes . . . . . 200
182. OneCLI raid-related return codes. . . . . . 201
183. OneCLI diags-related return codes . . . . . 201
184. OneCLI FoD-related return codes . . . . . 201
185. Mapping table of return codes between
OneCLI V2.3.0 and OneCLI V2.4.0 . . . . . 202
vii
viii Lenovo XClarity Essentials OneCLI User Guide
About this publication
Lenovo XClarity Essentials OneCLI (OneCLI) is a collection of command line applications that facilitate
Lenovo server management by providing functions, such as system configuration, system inventory,
firmware and device driver updates. This guide provides information about how to download and use
OneCLI.

Important:
• The previous umbrella name “ToolsCenter” is replaced by “XClarity Essentials”.
• OneCLI will only support 64-bit operating systems after V2.2.0. V2.1.0 32-bit binaries will be saved on
Web site, so users can download it before running 32-bit operating systems.

Who should read this guide

This guide is for system administrators or other individuals responsible for system administration. Basic
knowledge of system hardware, firmware, device driver, and operating system are required.

Conventions and terminology

Paragraphs that start with a Note, Important, or Attention in bold have specific meanings to highlight key
information:

Note: These notices provide important tips, guidance, or advice.

Important: These notices provide information or advice that might help users avoid inconvenient or difficult
situations.

Attention: These notices indicate possible damage to programs, devices, or data. An attention notice
appears before the instruction or situation in which damage can occur.

The following table provides a description of commonly used terms in the Lenovo XClarity Essentials OneCLI
Users Guide.

Table 1. Commonly used terms

Term Definition
ASU Advanced Setting Utility
A utility that allows users to modify firmware settings from the command line on multiple operating-
system platforms.

BMC Baseboard Management Controller

Standard IPMI compliant device for monitoring system sensors and displaying the data of system
sensors.
BMU Bare Metal Update
An OS environment update mode customized by Lenovo in memory of server.

CDM Common Diagnostic Model

Standard diagnostics subprofile of the CIM specification.

CIM Common Information Model

A standard developed by the Distributed Management Task Force for enterprise level modeling of
computer systems.

© Copyright Lenovo 2018, 2024 ix

Table 1. Commonly used terms (continued)

Term Definition
CIM Object A high level service in the operating system that manages the creation and life cycle of managed
Manager (or object data. The format of managed data conforms to the CIM specification.
CIM broker)

CIM Provider A platform specific management software that interfaces between a CIM object manager and any
lower level platform interfaces.

CMM Chassis Management Module

A Flex System module that allows users to configure and manage all Flex System components that
are installed.
CMPI Common Management Programming Interface
Programming API designed to bridge the differences between multiple CIMOM implementations and
CIM provider APIs.

CNA Converged Network Adapter

An I/O device that combines the functionality of a host bus adapter (HBA) with that of a network
interface controller (NIC).

DSA Dynamic System Analysis

Strategic problem determination tool for data collection, fault detection, and remediation.

fpusb Front panel USB

A OneCLI command that changes the configuration settings of the USB on the front panel of
systems.

Fix-ID Unique identifier for updates

The unique string ID for each software packages to be updated.

FoD Features on Demand

A management software that provides a convenient way for users to order and activate optional
features through the management software web interface.

FFDC First Failure Data Capture.

The FFDC feature instantly collects information about events and conditions that might lead up to a
failure. The captured data in these files can be used to analyze a problem.

HBA Host Bus Adapter

An integrated circuit adapter or circuit board that provides I/O processing and physical connectivity
between a host system and storage devices or a network.

IOM I/O Module

Up to four I/O modules can be installed in the Flex System Enterprise Chassis, including Ethernet
switch modules, Fibre Channel switch modules, Infiniband, and pass-thru modules (optical and
copper).

IPMI Intelligent Platform Management Interface

Industry standard interface for communications between management applications and baseboard
management controllers.

IPMI SEL Intelligent Platform Management Interface System Event Log

A tool that used to view System Event Log (SEL) entries.

iSCSI Internet Small Computer System Interface

An Internet protocol-based storage networking standard for linking data storage devices and
transferring data.

KCS Keyboard Controller Style

An interface that is used between a Baseboard Management Controller and payload processor in
Intelligent Platform Management Interface architecture.

x Lenovo XClarity Essentials OneCLI User Guide

Table 1. Commonly used terms (continued)

Term Definition
KMS Key Management System
A method for activating physical computers or virtual machines on a local network.

LightPath The light emitting diode (LED) indicators on each resource in the target system provide status about
informational and error events, location, and resource faults as well as other immediately required
information.
Multitool The Lenovo service site used to parse inventory logs to html and text views.

OOB Out-of-Band
Pertaining to user-specific data that has meaning only for connection-oriented (stream) sockets. The
server generally receives stream data in the same order that it was sent. OOB data is received
independent of its position in the stream (independent of the order in which it was sent).

PXE Preboot Execution Environment

An industry standard target/server interface that allows networked computers that are not yet
loaded with an operating system to be configured and booted remotely. PXE is based on Dynamic
Host Configuration Protocol (DHCP).

RAS Reliability, Availability, Serviceability

A computer hardware engineering term involving reliability engineering, high availability, and
serviceability design. Computers designed with higher levels of RAS have many features that protect
data integrity and help them stay available for long periods of time without failure.

SMM System Management Module

A management device to provide integrated and remote systems management functions for
ThinkSystem Dense products.

SOL Serial Over LAN

Protocol for enabling serial communication over TCP/IP using standard IPMI commands.

UXSP UpdateXpress System Pack

A package of updates that have been verified to work well together and can be updated together.

UXSPi UpdateXpress System Pack Installer

A XClarity Essentials software application that applies UpdateXpress System Packs (UXSPs) and
individual updates to IBM branded system.

VPD Vital Product Data

Configuration and informational data that is associated with a particular set of hardware or software
and allows for administration from the system or network level, such as, but not limited to serial
number and FRU.

Publications and related information

Online help document and topic collections

For information about the System x and BladeCenter tools, go to the
XClarity Essentials online help site http://sysmgt.lenovofiles.com/help/index.jsp

Publications
For the latest version of the Lenovo XClarity Essentials OneCLI Users Guide, go to:
Lenovo XClarity Essentials OneCLI Web site

Supported websites
This section provides support web resources.

© Copyright Lenovo 2018, 2024 xi

• Lenovo XClarity Essentials OneCLI Web site
Use this Web site to download the Lenovo XClarity Essentials OneCLI tool and documentation.
• Lenovo XClarity Essentials website
Use this Web site to download tools that support Lenovo branded systems. XClarity Essentials products
are also available for download to support IBM branded systems.
• Lenovo Flex System support products and services
Use this Web page to obtain information about Flex System products.
• System x Support website
Use this Web site to obtain information about online product information for servers, storage, and
networking products.
• Lenovo ServerProven
Use this Web site to obtain information about the hardware compatibility of ThinkSystem, Flex, System x
systems and BladeCenter with applications and middleware.
• Lenovo Service and Support
Use this Web site to obtain service and support information for Lenovo products.
• Features on Demand on LenovoPress
Use this Web site to download the Using Lenovo System x Features on Demand publication.

xii Lenovo XClarity Essentials OneCLI User Guide

Chapter 1. Technical overview
Lenovo XClarity Essentials OneCLI (hereinafter referred to as OneCLI) is a consolidated command line
software for managing Lenovo systems. It replaces the previous generation of ToolsCenter tools (Advanced
Settings Utility for system configuration, Online Dynamic System Analysis for system inventory collection,
and UpdateXpress System Pack Installer for firmware and device driver update).

Users can run multiple OneCLI instances on a client operating system to manage multiple servers remotely.

The following table lists the functions and applications supported by OneCLI.

Note: When necessary, OneCLI will automatically enable the disabled CIM-over-HTTPs and IPMI-over-LAN
on BMC, and restore them to the original state before exiting.

Table 2. OneCLI applications

Application Description

• View the current system configuration settings.

config
• Create and change configuration settings for BMC-based systems.

multiconfig Remotely show or change the system configuration for multiple IMM- or XCC-based servers.

multiinventory Acquire system information from multi servers.

• Collect system information for BMC-based systems.

inventory
• Upload inventory results to Lenovo Web site.

• Download firmware and device driver updates.

• Get device inventory information and check for available firmware and device driver updates.
• Check for update packages in the local system folder.
update
• Compare installed and available firmware and device driver versions, recommending updates to
perform.
• Update firmware and device drivers requiring upgrade.

• Encrypt credentials in plain text file.

• Execute the CMOS action.
• Collect the FFDC of BMC/CMM/SMM.
• View or set the configurations of the front panel USB port.
• Manage the system event logs and the BMC event logs.
• Manage the LED status of hard disk drive.
• Manage the host server OS power for single or multiple servers.
• Create, clear, and save the RAID configuration for single or multiple servers.
• Restart BMC/CMM/IOM/SMM.
• Reseat the blades/switch on CMM.
• Restore the BMU status on BMC.
misc • Restore the SMM update progress.
• Disable or enable SMM LAN.
• Switch over CMM.
• Query/enable/disable USB LAN.
• Manage virtual medias on BMC.
• Disk Secure Erase.
• Change BMC password when first login or password expired for single or multiple systems.
• Collect system health information for multiple systems.
• Configure Raid for multiple systems.
• Get disk drive SMART data.
• Query/enable/disable cim/ipmilan/ipmikcs connection.
• Assert/deassert Remote Physical Presence.

© Copyright Lenovo 2018, 2024 1

Table 2. OneCLI applications (continued)

Application Description

diags Run the diagnostics program of the remote server.

tui Launch OneCLI interactive menu.

fod Manage the FoD key.

The following table lists the OneCLI global parameters used in different applications.

Table 3. OneCLI global parameters

Parameter Description

--bmc/imm, -b Specify the access information of the target BMC.

The format is userid:password@host[:port].

If the --bmc parameter is specified, OneCLI runs in out-of-band mode; otherwise, OneCLI runs
in in-band mode.

Note: Both the IPv4 address and the IPv6 address are supported. The IPv6 address shall be
enclosed in brackets. For example, [FE80:3BA7:94FF:FE07:CBD0].

If the IPv6 is Link Local Address (LLA), the format is [FE80:3BA7:94FF:FE07:CBD0%xxx].

Replace xxx with the interface name. If the service processor or the SFTP server connects to
local network of the OS that runs OneCLI, the service processor, the SFTP server, and the OS
shall have the same interface name.
--bmc-cim-port, -p Specify the CIM port for in-band connection with BMC.

--bmc-password, -w Specify the BMC password for in-band mode.

--bmc-rest-port Specify the rest port for in-band connection with BMC.

--bmc-username, -u Specify the BMC user name for in-band mode.

--configfile Specify the file containing credentials in plain text.

The template file is available in Sample/credentials_config.json.

--config Specify the OneCLI configuration file path.

--check-trust, -C Verify the SSL certificate by using the HTTPS protocol, or verify the fingerprint of remote host
by using the SSH protocol.
--cmm, -c Specify the CMM information.

Format: user:password@IP:port

--help, -h Specify the help information.

--never-check-trust, Neither verify the SSL certificate by using the HTTPS protocol, nor verify the fingerprint of
-N remote host by using the SSH protocol.

--node, -n Specify the node index for in-band mode in the multi-node system.

--nolog Run OneCLI without recording log.

--output, -o Specify where OneCLI logs are generated.
If not specified, the logs of each OneCLI command are saved in the corresponding folder. The
format of folder name is logs/Onecli-%PID %-%date%-%time%/.

Note: The arguments of the --output parameter are case-sensitive.

2 Lenovo XClarity Essentials OneCLI User Guide

Table 3. OneCLI global parameters (continued)

Parameter Description

--quiet, -q Answer yes for all questions and display less screen output as required.

--redfish Force to communicate with BMC through Redfish API directly.

--unattended Specify the unattended mode for managing password and sensitive setting values.

Notes:
• For the parameters input:
– The userid can contain the following characters: A-Z, a-z, 0-9, -,_.
– The password can contain the following characters: A-Z, a-z, 0-9, ~`!@#$%^&*()-+={}[]|:;”’<>,?/_.
– The userid and password cannot contain space or white-space characters.
– If the password contains special characters, use "" on Windows and ‘’ on Linux to quote these special
characters.
– If the parameter contains path, the path name should not contain reserved characters.
• To start using OneCLI, see Chapter 3 “Downloading and using OneCLI” on page 11.

Chapter 1. Technical overview 3

4 Lenovo XClarity Essentials OneCLI User Guide
Chapter 2. Hardware and software requirements
Before using OneCLI, review the hardware and software requirements in this section carefully.
Hardware requirements
OneCLI supports all Lenovo x86 systems and some Lenovo ThinkServer systems. It can also act as a proxy
to management IBM system x servers. To run OneCLI, ensure that the systems managed are in one of
following tables.
Supported server models
OneCLI supports the following server models:
Table 4. Supported Lenovo systems
Series
• SE350 V2 (7DA9)
ThinkEdge
• SE360 V2 (7DAM)
• D2 Enclosure (7X20, 7X22, 7X85)
• DX1100U Gateway (7D49)
• DX1100U Performance/Capacity (7D4A)
• DXN2000 Storage (7D5W)
• SD530 (7X21)
• SD530 V3 (7DD3, 7DDA)
• SD550 V3 (7DD2, 7DD9)
• SD555 V3 (7DDM, 7DDN)
• SD630 V2 (7D1K)
• SD650 DWC (7X58)
• SD650 V2 (7D1M)
• SD650–N V2 (7D1N)
• SD650 V3 (7D7M)
• SD650-N V3 (7D7N)
• SD650-I V3 (7D7L)
• SD665 V3 (7D9P)
• SD665-N V3 (7DAZ)
ThinkSystem • SE350 (7D1X, 7D27, 7Z46)
• SN550 (7X16)
• SN550 V2 (7Z69)
• SN850 (7X15)
• SR150/SR158 (7Y54, 7Y55)
• SR250 (7Y51, 7Y52)
• SR250 V2 (7D7R, 7D7Q)
• SR250 V3 (7DCM, 7DCL)
• SR258 V2 (7D7S)
• SR258 V3 (7DCN)
• SR530 (7X07, 7X08)
• SR550 (7X03, 7X04)
• SR570 (7Y02, 7Y03)
• SR590 (7X98, 7X99)
• SR630 (7X01, 7X02)
• SR630 V2 (7Z70, 7Z71)
• SR630 V3 (7D72, 7D73, 7D74)
• SR635 (7Y98, 7Y99)1
© Copyright Lenovo 2018, 2024
Server models
• SE450 (7D8T)
• SE455 V3 (7DBY)
• SR635 V3 (7D9G, 7D9H)
• SR645 (7D2X, 7D2Y)
• SR645 V3 (7D9C, 7D9D)
• SR650 (7D4K, 7X05, 7X06)
• SR650 V2 (7D15, 7Z72, 7Z73)
• SR650 V3 (7D75, 7D76, 7D77)
• SR655 (7Y00, 7Z01)1
• SR655 V3 (7D9E, 7D9F)
• SR665 (7D2V, 7D2W)
• SR665 V3 (7D9A, 7D9B)
• SR670 (7D4L, 7Y36, 7Y37, 7Y38)
• SR670 V2 (7Z22, 7Z23)
• SR675 V3 (7D9Q, 7D9R)
• SR850 (7X18, 7X19)
• SR850 V2 (7D31, 7D32, 7D33)
• SR850 V3 (7D96, 7D97, 7D98)
• SR850P (7D2F, 7D2G, 7D2H)
• SR860 (7X69, 7X70)
• SR860 V2 (7Z59, 7Z60, 7D42)
• SR860 V3 (7D93, 7D94, 7D95)
• SR950 (7X11, 7X12, 7X13)
• SR950 V3 (7DC4, 7DC5, 7DC6)
• ST50 (7Y48, 7Y49)3
• ST50 V2 (7D8J, 7D8K)3
• ST58 V2 (7D8L)3
• ST250 (7Y45, 7Y46)
• ST250 V2 (7D8F, 7D8G)
• ST250 V3 (7DCF, 7DCE)
• ST258 V2 (7D8H)
• ST258 V3 (7DCG)
• ST550 (7X09, 7X10)
• ST558 (7Y15, 7Y16)
• ST650 V2/ST658 V2 (7Z74, 7Z75, 7Z76)
• ST650 V3 (7D7A, 7D7B)
• ST658 V3 (7D7C)
5
Table 4. Supported Lenovo systems (continued)

Series Server models

• DN8848 V2 (7D6A, 7D8U)2 • SR660 V2/SR668 V2 (7D6L)2
• SE550 V2 (7D68)2 • SR860P (7D5D)
ThinkServer
• SR590/SR588 (7D4M) • WH5900 Appliance (7D5V)
• SR588 V2/SR590 V2 (7D53)2

• WA5480 G3/WA5488 G3 (7DE7)2 • WR5220 G3/WR5228 G3 (7D8Y)2

WenTian
• WR3220 G2/WR3228 G2 (7DEC)2

• ThinkAgile VX Series (7D2Z, 7D43, 7DDK,
7Y11, 7Y12, 7Y13, 7Y14, 7Y91, 7Y92,
7Y93, 7Y94, 7Z12, 7Z13, 7Z58, 7Z62,
Solutions 7Z63)
• ThinkAgile MX Series (7D19, 7D1B,
7D1H,7D5R, 7D5S, 7D5T,7D66, 7D67,
7D6B, 7DGG, 7Z20)
• ThinkAgile HX Series (7D0W, 7D0Y, 7D0Z,
7D11, 7D20, 7D2T, 7D52, 7D5U, 7X81,
7X82, 7X83, 7X84, 7Y87, 7Y88, 7Y89,
7Y90, 7Y95, 7Y96, 7Z02, 7Z03, 7Z04,
7Z05, 7Z08, 7Z09, 7Z82, 7Z84, 7Z85)

• HX 3310 Appliance (8693) • x3250 M6 (3633, 3943)

• HX 5510/7510 Appliance (8695)
• nx360 M5 (5465, 5467)
• x240 Compute Node (7162, 2588)
System x
• x240 M5 Compute Node (2591, 9532)
• x280 X6/x480 X6/x880 X6 Compute Node
(4258, 7196)4
• x440 (7167, 2590)
• x3500 M5 (5464)
• x3550 M5 (5463, 8869)
• x3650 M5 (5462, 8871)
• x3750 M4 (8753)
• x3850 X6/x3950 X6 (6241)4

Legacy ThinkServer • RS160 • TS460

• TS150
1. This server model is AMD one socket processor-based server. For the specific commands, refer to Appendix B
“Examples of OneCLI commands on SR635/SR655” on page 211. For this server, OneCLI only supports:
• In-band inventory collection
• BMC/UEFI firmware update
– For the in-band update, BMC 4.44 AMBT26O is required.
– For the out-of-band update, BMC 3.56 AMBT20Q is required.
• In-band adapter firmware and device driver update
• In-band LXPM update on Linux
• BIOS setting configuration and save/restore
• BMC partial setting configuration
• Configuration with batch command
• VPD information update
• Out-of-band FFDC collection
• In-band RAID configuration
2. For supported features and limitations of this server model, refer to Appendix C “OneCLI features supported on
the ThinkServer/WenTian servers” on page 213.
3. OneCLI only supports in-band inventory collection with the OneCLI inventory command in this server model. For
more information, refer to Lenovo XClarity Essentials OneCLI User Guide for ThinkServer.
4. This server model supports both the single node and the multiple node.
Note: The Legacy ThinkServer severs are only supported by OneCLI inventory application in in-band mode. For more
information, refer to Lenovo XClarity Essentials OneCLI User Guide for ThinkServer.

6 Lenovo XClarity Essentials OneCLI User Guide

Table 5. Supported IBM systems

Series Server models

• dx360 M4 server (7912, 7913) • x3250 M5 (5458)
• dx360 M4 Water Cooled server (7918, • x3300 M4 (7382)
7919) • x3500 M4 (7383)
• HS23 (7875, 1929) • x3530 M4 (7160)
• HS23E (8038, 8039) • x3550 M4 (7914)
• nx360 M4 (5455) • x3630 M4 (7158, 7159)
• x220 Compute Node (7906, 2585) • x3650 M4 (7915)
System x • x222 Compute Node (7916) • x3650 M4 BD (5466)
• x240 Compute Node (7863, 8737, 8738, • x3650 M4 HD (5460)
8956) • x3750 M4 (8722, 8733)
• x280 X6/x480 X6/x880 X6 (4259, 7903)1 • x3750 M4 (8752, 8718)
• x440 Compute Node (7917) • x3850 X5 (7145, 7146)
• x3100 M4 (2582) • x3850 X6/x3950 X6 (3837, 3839)1
• x3100 M5 (5457) • x3950 X5 (7143, 7191)
• x3250 M4 (2583)

1. This server model supports both the single node and the multiple node.

Server options
OneCLI supports options provided by the following vendors:

• Broadcom
• Intel
• Marvell
• Mellanox
• Microchip

Disk space requirements

To install OneCLI, the system must have a minimum of 300 MB of disk space.

Memory requirements
It is recommended that OneCLI run on a system with a minimum of 2 GB of physical memory.

Software requirements
The information in this section describes the software requirements of OneCLI.

To run OneCLI, users should have administrator or root-equivalent operating system privileges for in-band
functions running inside server host OS. For remote functions such as update package acquisition, out-of-
band update, non-root account is acceptable.

Supported operating systems

Use the information in this section to identify operating systems supported by OneCLI.

Table 6. Operating systems supported by OneCLI

Operating systems Editions

Microsoft Windows Server 2022 Editions

Windows • Microsoft Windows Server 2022 (x64)
• Azure Stack HCI (Versions 23H2, 22H2, 21H2, 20H2 for ThinkAgile servers)

Chapter 2. Hardware and software requirements 7

Table 6. Operating systems supported by OneCLI (continued)

Operating systems Editions

Microsoft Windows Server 2019 Editions

• Microsoft Windows Server 2019 (x64)

Microsoft Windows Server 2016 Editions

• Microsoft Windows Server 2016 (x64)
• Microsoft Windows Server, version 1709 (x64)
• Microsoft Windows Server, version 1803 (x64)

Microsoft Windows Server 2012 Editions

• Microsoft Windows Server 2012 (x64)
• Microsoft Windows Server 2012 R2 (x64)

Microsoft Windows 10/11 Pro for Workstations, version 21H2/22H2Note 1, 2

Red Hat
• Red Hat Enterprise Linux 9 Server(x64) Editions (up to U3)
• Red Hat Enterprise Linux 8 Server (x64) Editions (up to U9)
• Red Hat Enterprise Linux 7 Server (x64) Editions (up to U9)
Linux
SUSE
• SUSE Linux Enterprise Server 15 (x64) (up to SP5)
• SUSE Linux Enterprise Server 12 (x64) (up to SP5)

• ESXi 6.7
VMware Customized ESXi • ESXi 6.5 (up to U3)
image • ESXi 6.0 (up to U3)
• ESXi 5.5 (up to U3)

• Ubuntu 22.04 LTS

Ubuntu3 • Ubuntu 20.04 LTS
• Ubuntu 18.04 LTS
Notes:
1. OneCLI does not support Hyper-V windows and nano.
2. To ensure OneCLI could successfully run on SR635/SR655, user should install the RNDIS driver and enable
RNDIS driver by following the steps in https://sysmgt.lenovofiles.com/help/topic/tsm/rndis_settings.html. OneCLI did
not support the usblan enable/disable/query commands on SR655 with Win10/11 installed.
3. OneCLI only supports config and BMC-based log collection on Ubuntu.

Linux System cmd used by OneCLI

This section describes the required linux system cmds that OneCLI invokes.

These cmds shall be added to system path probably. Not all of the cmds block OneCLI function, but some
warning messages are print on the screenshot. for example:
• Requires xdpyinfo. Receive message: sh: xdpyinfo: command not found.

The examples of cmds:

• Module-related cmds: modinfo modprobe lsmod
• Network-related cmds: ip ifconfig ethtool route hostname lsmod
• Other cmds: hwinfo cat date diskpart /bin/ps ls lspci xpdyinfo dmidecode

Required device drivers

It is recommended to have the appropriate service processor device drivers installed and running before
running OneCLI. It provides access to additional problem determination information, including the hardware
event logs.

8 Lenovo XClarity Essentials OneCLI User Guide

The following list provides necessary device drivers and utilities when running OneCLI to collect system
information.
• To collect SCSI and USB device information (including diagnostics), the sg driver must be loaded. Run
lsmod and verify that the sg driver is loaded before running OneCLI. If it is not loaded, run modprobe sg.
• To collect Emulex HBA information from a system with Linux host OS, the emulex driver and utility
(corekit) must be installed. Run lsmod and verify that lpfc and lpfcdfc are loaded before running OneCLI.
• To collect Service Processor logs, configuration, and environmental data, the appropriate Service
Processor driver must be installed. These drivers are available to download from: http://www.lenovo.com/
support.
• To update firmware using OneCLI on 64-bit Linux operating systems, the 32-bit compatibility library,
compat-libstdc++, must be installed. Users can use the following command to determine if this library is
installed: rpm -qa | grep compat-libstdc++-296.
• To collect Emulex FC HBA data, the Emulex utility (HBAcmd) must be installed.
• To transfer data collections to the support site using SFTP (by default) or FTP, libcurl must be installed.

Supported browsers
To view the information collected by OneCLI, it is recommended to use one of the following Web browsers:

• Internet Explorer
• Chrome
• Firefox

Firewalls and proxy servers

Some functions of OneCLI, including update acquire, inventory upload, and FoD, require access to the
Internet. Configure the firewall (if any) to enable OneCLI to perform these operations. If the management
server does not have direct access to the Internet, configure XClarity Administrator to use a proxy server.

Ensure that the following DNS names and ports are open on the firewalls:

Table 7. Required Internet connections

OneCLI functions DNS names Ports Protocols

update acquire download.lenovo.com 443 HTTPS
support.lenovo.com 80 HTTP
supportapi.lenovo.com

inventory upload logupload.lenovo.com/BLL/Logupload.ashx 443 HTTPS

80
fod acquire/ fod.lenovo.com/lkms/restapi/service 443 HTTPS
generate/get/ fod.lenovo.com/lkms/angular/app/pages/index.htm#/welcome 80 HTTP
replace

Ports availability for the managed BMC, CMM, and SMM targets
If managed targets (such as compute node/rack server BMC, CMM, or SMM) are behind a firewall and if
users intend to manage those devices with OneCLI that is outside of that firewall, all ports should be involved
with communications between OneCLI and the baseboard management controller in each managed device
are open.

Chapter 2. Hardware and software requirements 9

 Managed target OneCLI case or cmd Ports and protocols

IMM2 Most of OneCLI cases IPMI with 623

CIM over HTTPS with 5989

XCC Most of OneCLI cases IPMI with 623

CIM over HTTPS with 5989

Rest over HTTPS with 443

XCC Raid config SSH with 22

BMC on ThinkServer Raid config Rest over HTTPS with 443

XCC Platform update/secure erase Port forwarding of 6990

BMC on ThinkSystem SR635/SR655 ffdc/config/update IPMI with 623

Rest over HTTPS with 443

SMM All SMM cases IPMI with 623
CMM All CMM cases CIM over HTTPS with 5989

Note: Some management ports can be customized. If users customized the value of a management port
instead of using the default port, and did not specify the customized port in the command-line interface,
OneCLI will try the default port first, which definitely fails. In this case, OneCLI will report an error and use the
default port of another service to acquire the customized port value. This process needs some time and
might cause delay.

10 Lenovo XClarity Essentials OneCLI User Guide

Chapter 3. Downloading and using OneCLI
The topics in this section describe how to download and use OneCLI. OneCLI is packaged as the
compressed file (zip file for Windows and tgz file for Linux), which can be used by being decompressed, be
removed by being deleted, and be upgraded by being replaced with the new files.

From V2.5.0, OneCLI supports to collect the inventory and service data by double-clicking the self-extracting
executable file. This executable file automatically runs the OneCLI command to collect inventory and service
data. After this procedure is completed, it automatically cleans up the files while leaving the execution result
and output log at the default designated directory.

The extracted executable file has the same content as the compressed file. However, self-extracting and
cleaning up at every invocation might bring system overload, so it is not recommended to use this feature at
regular basis. This feature is suitable for the scenario that users have limited time to learn about the OneCLI
parameters or hurry to troubleshoot a failing system.

Lenovo recommends the compressed file for regular usage. Considering the security, it is also
recommended to decompress the files to a directory only accessible to administrative users.

The following tables show the formats of the compressed file and the self-extracting executable file for
Windows and Linux:

Table 8. The format of compressed file and self-extracting executable file for Windows

Operating system Compressed file Self-extracting executable file

Microsoft Windows lnvgy_utl_lxce_oneclixxx-x.x.x_ lnvgy_utl_lxceb_oneclixxx-x.x.x_

winsrv_x86-64.zip winsrv_x86-64.exe

Table 9. The format of compressed file and self-extracting executable file for Linux

Operating system Compressed file Self-extracting executable file

SUSE Linux Enterprise Server Edition lnvgy_utl_lxce_oneclixxx-x.x.x_linux_ lnvgy_utl_lxceb_oneclixxx-x.x.x_

x86-64.tgz linux_x86-64.bin

Red Hat Enterprise Linux Edition lnvgy_utl_lxce_oneclixxx-x.x.x_linux_ lnvgy_utl_lxceb_oneclixxx-x.x.x_

x86-64.tgz linux_x86-64.bin

Notes:
• From V2.6.0, OneCLI provides the RPM package for Red Hat Enterprise Linux 6 and its later versions. By default,
OneCLI RPM is installed in /opt/lenovo/lnvgy-utl-lxce-onecli. After installing OneCLI RPM, users can run OneCLI
by inputting OneCLI.
• To install OneCLI RPM, run rpm –ivh lnvgy_utl_lxce_oneclixxx-x.x.x_linux_x86-64.rpm.
• To update OneCLI RPM, run rpm –Uvh lnvgy_utl_lxce_oneclixxx-x.x.x_linux_x86-64.rpm.

Downloading and using OneCLI on Windows

This section describes how to download and use OneCLI on Windows.

Procedure
Step 1. Download the OneCLI zip file from Lenovo XClarity Essentials OneCLI Web site to the target server or
to the system administrator workstation.
Step 2. Copy the OneCLI zip file to the desired directory.

© Copyright Lenovo 2018, 2024 11

Step 3. Decompress the OneCLI zip file by double-clicking it in Windows file explorer or using a
decompression software.
Step 4. Right-click Windows Command Prompt and select Run as administrator to launch Windows
Command Prompt.
Step 5. Switch to the directory in step 2, and run OneCLi.exe. All options are displayed.

Collecting inventory and service data on Windows

This section describes how to collect inventory and service data on Windows. This procedure might take 15
– 45 minutes. The output result will be stored in the %SystemDrive%\Lenovo_Support directory. By default, %
SystemDrive% is the C drive.

Procedure
Step 1. Download the self-extracting executable file from Lenovo XClarity Essentials OneCLI Web site to the
target server.

Note: The file extension is EXE on the download page.

Step 2. In Windows file explorer, right-click the executable file, and select Run as administrator to launch
the program. The inventory and service data are collected.

Downloading and using OneCLI on Linux

This section describes how to download and use OneCLI on Linux. The procedure is the same for both Red
Hat and SUSE platforms.

Procedure
Step 1. Download the OneCLI zip file from Lenovo XClarity Essentials OneCLI Web site to the target server or
to the system administrator workstation.
Step 2. Copy the tgz file to the desired directory and decompress it by running the following shell
command.
tar -xvf lnvgy_utl_lxce_oneclixxx-xxx.tgz
Step 3. Run ./OneCli. All options are displayed.

Collecting inventory and service data on Linux

This section describes how to collect inventory and service data on Linux. This procedure might take 15 – 45
minutes. The output result will be stored in the /var/log/Lenovo_Support directory.

Procedure
Step 1. Download the self-extracting executable file from Lenovo XClarity Essentials OneCLI Web site to the
target server.

Note: The file extension is BIN on the download page.

Step 2. Run the following shell command to make the file executable.
chmod +x lnvgy_utl_lxceb_oneclixxx-xxx.bin
Step 3. Run the following command to collect inventory and service data.
./lnvgy_utl_lxceb_oneclixxx-xxx.bin

12 Lenovo XClarity Essentials OneCLI User Guide

OneCLI applications and commands
Applications represent major function areas that OneCLI supports. OneCLI currently has the following
applications:

Note: Commands are used with applications. Each application supports a different set of commands.

Table 10. OneCLI applications and commands

Application Command

config • show • nodes • replicate

• showvalues • createuuid • restore
• showdefault • delete • save
• compare • loaddefault • deletecert
• comparedefault • set • export
• comparepending • backup • generate
• showdes • batch • import
• showgroups

multiconfig • batch • restore • show

• replicate • set

inventory • formatlog • getinfor • upload

• getdevices

update • acquire • flash • multiscan

• canceltask • iflash • scan
• checktask • multicompare • startstaged
• compare • multiflash

misc • bmcpassword • multiospower • restorebmu

• cmos • multiservicedata • restoresmm
• edgeserver • multisyshealth • rpp
• encrypt • multivm • serase
• ffdc • ospower • servicedata
• fpusb • portctrl • servicelog
• fwdeviceorder • raid • smartdata
• hddlocate • rebootbmc • smmlan
• hostinterface • rebootcmm • switchcmm
• logmgr • rebootiom • sysguard
• multibmcpassword • rebootsmm • syshealth
• multiffdc • reseatblade • usblan
• multiinventory • reseatcmm • vm
• multiraid • reseatswitch
diags • run

tui N/A
fod • acquire • install • uploadreport
• export • replace • uninstall
• generate • report • multifod
• get • showppin • multiinventory

Application and command syntax

/OneCli <or> OneCli.exe <application> <command> [command option] [connect option]

Note: ./OneCli is for Linux, and OneCli.exe is for Windows.

Chapter 3. Downloading and using OneCLI 13

To run OneCLI application, on a command line, enter the command string and press Enter.

IBM system support

The OneCLI only supports Lenovo systems. However, OneCLI supports redirecting to ToolsCenter products
(ASU/UXSPi/DSA) for IBM systems, but does not supports the update acquire function.

OneCLI supports downloading the update packages from IBM Web site for IBM servers by setting
“ACQUIRE_REPOSITORY=BOTH” in the global.config file. The default value is “NONE”, but users can
download the update packages from both Lenovo and IBM Web sites by setting the value to “BOTH”.

If a OneCLI command is issued against a supported IBM system, it automatically invokes the corresponding
ToolsCenter products (ASU/UXSPi/DSA) according to their binary path specified in OneCLI config file. If
ToolsCenter product paths are not correctly specified, an error message displays, indicating the ToolsCenter
version required by the IBM hardware.

Notes:
• The corresponding ToolsCenter product binary should be available (ASU for configuration, UXSPi for
update, DSA for inventory collection).
• The path to the earlier ToolsCenter version must be specified in the global.config file.
• For commands related to the Advanced Settings Utility (ASU), the ASU binary file must be unzipped
before commands can be directed to it (for example; “unzip lnvgy_utl_asu_asut90e-10.*_windows_x86-
64.exe”). The full path to the location where the ASU executable main program, must then be specified (for
example; “C:\asu_bin\asu64.exe”) in the global.config file.

OneCLI commands that support translation to earlier ToolsCenter versions for use with IBM products are
listed in the following.

Table 11. Commands and parameters supporting IBM hardware

Application Commands Parameters

• batch • replicate
• comparedefault • restore
• createuuid • save
• delete • set
• deletecert • show
config N/A
• export • showdefault
• generate • showdes
• import • showgroups
• loaddefault • showvalues
• nodes
• getinfor • upload • --output <dir> • --ffdc
• formatlog • --srcdata <file> • --hldec
inventory • --upload multitool • --proxy user:
• --htmlreport pwd@addr:port
• --bmc
• compare • flash • --backup • --scope
• --type • --noscan
• --forceid • --xml
update
• --dir • --esxi
• --excludeid • --mt
• --includeid •

Lenovo XClarity Essentials OneCLI to IBM UXSPi command comparison

14 Lenovo XClarity Essentials OneCLI User Guide

The following table compares commands and parameters used by the Lenovo XClarity Essentials OneCLI
and IBM UXSPi tools.

Table 12. Lenovo XClarity Essentials OneCLI to IBM UXSPi command comparison

XClarity
Essentials
OneCLI XClarity Essentials
Command OneCLI parameter UXSPi command UXSPi parameter

acquire acquire The XClarity Essentials OneCLI

acquire command is not platform-
dependent, so no command
mapping is required.
scan Not supported.
compare --scanxml compare Not supported.
--noscan --noinventory

--backup --update-args="IMM:--user=userid
--password=pwd,UEFI:--backup"

--disable-imm-lan Not supported.

--mt -m type, --machine-type=type
--ostype Not supported.

--osarch Not supported.

--queryxml Not supported.

--comparexml Not supported.

--type fw -F, --firmware

--type dd -D, --drivers

--scope Latest -L, --latest

--scope UXSP/Default Default (UXSP)

--includeid -i update-ids, --include=update-ids

--excludeid -e update-ids, --exclude=update-ids

--forceid -f update-ids, --force=update-ids,-o

update-ids
Note: The -o parameter works only
with device drivers and has no
functional impact on firmware.

--dir -l UXSP, --local=UXSP

--esxi --vmware-esxi=url
--output Not supported

--log Not supported.

--bmc Not supported.

flash --scanxml flash Not supported.

--noscan --noinventory

Chapter 3. Downloading and using OneCLI 15

Table 12. Lenovo XClarity Essentials OneCLI to IBM UXSPi command comparison (continued)

XClarity
Essentials
OneCLI XClarity Essentials
Command OneCLI parameter UXSPi command UXSPi parameter

--backup --update-args="IMM:--user=userid
--password=pwd,UEFI:--backup"

--disable-imm-lan Not supported.

--ostype Not supported.

--osarch Not supported.

--queryxml Not supported.

--comparexml Not supported.

--type fw -F, --firmware

--type dd -D, --drivers

--scope Latest/Individual -L, --latest

--scope UXSP/Default Default (UXSP)

--includeid -i update-ids, --include=update-ids

--excludeid -e update-ids, --exclude=update-ids

--forceid -f update-ids, --force=update-ids,-o

update-ids
Note: The -o parameter works only
with device drivers and has no
functional impact on firmware.

--dir -l UXSP, --local=UXSP

--esxi --vmware-esxi=url
--output Not supported.

--xml --xml
--log Not supported.

--bmc Not supported.

Example of IBM script support

OneCli.exe update flash --dir c:\ --scope individual --includeid ibm_fw_dsa_dsala7o-9.63_anyos_32-64

16 Lenovo XClarity Essentials OneCLI User Guide

Chapter 4. Configuration
The topics in this section describe how to use the Lenovo XClarity Essentials OneCLI config application and
commands to view the current system configuration settings and modify BMC, UEFI and I/O settings. The
saved configuration information can be used to replicate to another system or restore to current system. The
config application also manages system certification.

For information about specific config application commands, refer to the following sections:
• “Commands that display configuration settings” on page 19
• “Commands that change or set system configuration settings” on page 31
• “Commands that save, replicate, and restore configuration settings” on page 35
• “Commands for certificate management” on page 41
• Chapter 5 “Commands for application multiconfig” on page 51

Configuration setting
A configuration setting has three components: groupname, configname, and instance.

configuration setting format

<groupname>.<configname>.[instance]

This table provides a description of the configuration setting components.

Table 13. Configuration setting components

Component Required/Optional Description

groupname Required • Required for all settings.
• Unique identifier of a group; cannot be duplicated.
• Use the showgroup command to view all of the supported groups
in an instance.
configname Required • Required for all settings.
• Unique identifier of a configuration name; cannot be duplicated
within a group, but can be duplicated in different groups.

instance Optional • The instance ID of a setting instance.

• Values start from 1 and are in an ascending order.
• For more information, see “Instance and non-instance settings” on
page 17.

Instance and non-instance settings

An instance setting includes the [.instance] component, otherwise it is considered a non-instance setting. An
instance setting requires an instance ID.

Instance settings have a minimum and maximum number of allowed instances. To determine which settings
have instances and the number of instances allowed, use the showvalues command with the --instances
parameter. The output provides the number of instances.

Single instance settings do not have an instance number and appear as a non-instance setting. The output of
the showvalues command has the maximum number of instances as single. For example, the iSCSI.
initiatorName is a single instance setting.

© Copyright Lenovo 2018, 2024 17

Users can use the show or set commands for single instance settings. This list provides some examples of
single instance settings/non-instance settings:
• IMM.HttpPortControl
• IMM.RetryLimit
• IMM.LanOverUsbIMMIP
• IMM.NetworkSettingSync
• SYSTEM_PROD_DATA.SysInfoProdName
• AdvancedRAS.MachineCheckRecovery
• SystemRecovery.POSTWatchdogTimer
• Processors.TurboMode

If there are multiple instances, the settings will be shown multiple times. Multiple instances can be viewed
using the show command. For example, if there are three user accounts in a BMC system, then users will see
three loginid settings as shown in the following list.
• IMM.Loginid.1
• IMM.Loginid.2
• IMM.Loginid.3

However, if a BMC system has no user account, the show command will not display anything.

Other instance settings include the following examples:

• IMM.UserAccountManagementPriv.1
• IMM.Community_Name.1
• IMM.RemoteConsolePriv.1
• iSCSI.AttemptName.1
• VPD.CompVPD_PartNumber.1
• PXE.NicPortPxeMode.1

Creating and deleting instances

This topic describes how to create and delete instances.

There are restrictions for creating and deleting instances of settings that are part of a record. For more
information about these restrictions, see “Record management” on page 18.
To create an instance, use the set command. If an instance does not exist, and the instance number is
between 1 and the maximum number of allowed instances, the instance is automatically created and set to
the value specified in the set command.
To delete an instance, use the delete command. This command deletes an instance, if deleting the instance
does not cause the number of instances for that setting to go below the minimum number of allowed
instances for the setting.

Record management
Settings that have instances can be part of a record. A record is a group of settings that have dependencies
on each other. For example, a user ID and a password are dependent on each other. A user ID must have a
password and a password must have a user ID. Therefore, they are grouped in the same record.

Each record has a setting that is defined as the record key. It represents the primary setting for a record.

Settings that are part of a record are marked as:

• recordKey, if the setting is the record key, or
• recordKey=key_name, if the setting is part of a record but is not the key

Use the showvalues command with the --instances parameter to determine if a setting is part of a record.
To see examples of the showvalues output for settings that are part of a record, see “showvalues command”
on page 29.

18 Lenovo XClarity Essentials OneCLI User Guide

All of the settings in a record are created or deleted as a group. To create an instance of a record, users must
first perform a set on the key setting of that record. This automatically creates an instance and sets it to the
default value for all of the other settings in that record. For more information about creating or deleting a
setting instance, see “Creating and deleting instances” on page 18 and “set command” on page 34.

Commands that display configuration settings

The topics in this section provide detailed information about how to use the config application and
commands to display different aspects of the system configuration settings.

Table 14. Commands that display configuration settings

Command Description
compare Compare the current values with the specified values for one or more settings.

For more information, refer to “compare command” on page 22.

comparedefault Compare the default and the current setting values.

For more information, refer to “comparedefault command” on page 23.

comparepending Compare the current values and the pending values.

For more information, refer to “comparepending command” on page 24.

show View the value of one or more settings.

For more information, refer to “show command” on page 24.

showdes View the details of settings.

For more information, refer to “showdes command” on page 25.

showdefault View the default setting values.

For more information, refer to “showdefault command” on page 27.

showgroups Display groups of settings.

For more information, refer to “showgroups command” on page 28.

showvalues Display possible setting values.

For more information, refer to “showvalues command” on page 29.

nodes Obtain nodes.

For more information, refer to “nodes command” on page 30.

Setting classes
Classes are used to indicate groups of settings for commands that support functionality for multiple settings.

Commands that support classes include: show, showvalues, showdefault, comparedefault, showdes, and
loaddefault.

This table lists setting classes and their descriptions.

Chapter 4. Configuration 19
Table 15. Settings classes

Class Description Example

all Includes all of the settings.

All of the settings classified as authentication settings, This example lists the settings defined by
including: authentication, including password settings.
• passwords Password settings are not displayed unless
authenti-
• userIDs the showvalues command is used with the
cation
• authority-related settings password class.
OneCli.exe config showvalues
authentication
• Lists all of the settings that are not restored when This example lists the settings that are not
running the restore command. restored if saved.
• An additional flag is required for these settings to be OneCli.exe config show backupctl
back-
included during a restore operation. For more
upctl
information, see “restore command” on page 39.
• Class filter for the show, showvalues, and
showdefault commands.
• Lists all of the settings that are not replicated when This example lists the settings that are not
running the replicate command. These settings are replicated.
norepli-
unique to each system. OneCli.exe config show noreplicate
cate
• Class filter for the show, showvalues, and
showdefault commands.
• Lists all of the settings that are classified as password This example list the settings defined by the
settings. password settings. Password settings are
pass- • Password setting values are not displayed using the displayed with the showvalues command
word show command. and the password class.
• Use the password class with the showvalues and the OneCli.exe config showvalues password
showdefault commands.
• Includes all of the settings that are read-only.
readonly
• These settings cannot be change.

• Includes all of the settings that are write-only.

writeonly • These settings can be changed but cannot be read, for
example, passwords.

The output of commands that display configuration settings

The format of most outputs is: %settingname%=%settingvalue%. For example:
• IMM.SMTP_Authentication=Disabled
• IMM.SMTP_UserName=

Note: The value is empty string “”.

The following are some examples of the output of the showvalues command:
• IMM.PowerRestorePolicy=Always Off=<Restore>=Always On

Note: The possible value is separated by “=”. The value contained in “<>” is the default value.
• IMM.ManufacturingCertInfo=char[] minchars=0 maxchars-47 pattern=^[a-zA-Z0-9./+]{0,47}$default=""
• Memory.CKSelfRefresh=<AUTO>=L1: CK_DRIVEN=L2: CK_TRI_STATE=L3: CK_LOW=L4: CK_HIGH
This setting is suppressed if the result of the following expression is true: ( ( Memory.
MemoryPowerManagement == Automatic ) || ( Memory.MemoryPowerManagement == Disable ) )
This setting is read-only if the result of the following expression is true: ( ! ( OperatingModes.
ChooseOperatingMode == Custom Mode ) )

20 Lenovo XClarity Essentials OneCLI User Guide

 Note: The showvalues command also shows the sentence to check whether the setting is suppressed/
grayed/read-only or not.
• IMM.SSL_HTTPS_SERVER_CSR=*generate=export

Note: This is for certification management settings. The output of the comparedefault command is IMM.
PwDiffChar=0<2>. The value contained in “<>” is the default value and the other one is the current value.

Configuring the interactive mode

Users can use the interactive mode by configuring the --interactive (-i) option. In this mode, OneCLI supports
to automatically configure the setting name after users press Tab.

The --interactive (-i) option supports the following commands: set, show, showvalues, showdes, and
showdefault.

Do the following to configure the interactive mode:

Procedures
Step 1. Input “OneCli config show –i” to run the show command with the --interactive (-i) option, or input
OneCli config set –i to run the set command with the --interactive (-i) option. The following
information will be displayed:
Welcome to Auto Completion!
Tips:
1. Enter "exit()" to quit OneCLI.
2. Hit key "ESC" to reset all already entered options.
Now please follow wizard to complete options of command line.
setting name:
Step 2. Input the setting name:
a. Input part of setting name, for example, IMM.D.
b. Press Tab, and all setting names will be displayed on OneCLI. The following is the example of
all setting names:
IMM.D
IMM.DeploymentBoot
IMM.DHCPConfig_Hostname
IMM.DHCPConfig_IP
IMM.DHCPConfig_GatewayAddress
IMM.DHCPConfig_Subnet
IMM.DHCPConfig_DomainName
IMM.DHCPConfig_DNS_Primary
IMM.DHCPConfig_DNS_Secondary
IMM.DHCPConfig_DNS_Tertiary
IMM.DNSSettings_Interface
IMM.DNSSettings_preference
IMM.DNSSettings_ServerIp1
IMM.DNSSettings_ServerIp2
IMM.DNSSettings_ServerIp3
IMM.DDNSSettings_Interface
IMM.DDNSSettings_preference
IMM.DDNSSettings_CustomDomain
setting name:
IMM.D
c. Input the entire setting name.

Note: The exclusive setting name will be input automatically, for example, IMM.
DeploymentBoot.
Step 3. Do one of the following:

Chapter 4. Configuration 21
 • If “output directory:” is displayed, input the output directory.
• To input the default value, press Enter.

Note: After OneCLI runs the entire command, the following outputs will be displayed:
output directory:
Invoking SHOW command
Connected to BMC at IP address 10.240.194.225 by IPMI
IMM.DeploymentBoot=Disabled
Success.

compare command
Use the compare command to compare the current values with the specified values for one or more settings.

compare command syntax

OneCli.exe config compare [command option] [common options]

Table 16. compare command specific parameters

Parameter Required/Optional Notes

command option Optional
all
Default value.
Displays all of the supported settings.
group name
Displays the settings that belong to a group name, such as IMM,
UEFI, and so on.
setting name
The setting name value.

--file Optional Specify the file name, contains <setting>=<value> from command
<save>.
--interactive, -i Optional Run OneCLI in the interactive mode.

--kcs Optional Force to use IPMI over KCS local interface.

--pending Optional Compare the current value and the pending value for one or more
settings.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-rest-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --config
• --configfile
• --check-trust, -C
• --nolog
• --node, -n
• --never-check-
trust, -N
• --output, -o
• --redfish

Notes:

22 Lenovo XClarity Essentials OneCLI User Guide

• When using with the --pending option, the compare command can be used as the comparepending
command, and the format is comparepending or compare --pending.
• For some settings, the updated values are displayed in the pending list and will take effect after the
reboot.

Example of the compare command

Compare the pending value with the current value:

onecli.exe config compare --pending --bmc USERID:[email protected]

Compare the pending value with saved values in the specified file:

onecli.exe config compare --file save.txt --bmc USERID:[email protected]

comparedefault command
Use the comparedefault command to compare the current values and the default values of one or more
settings.

comparedefault command syntax

OneCli.exe config comparedefault [command option] [<options>]

Table 17. comparedefault command specific parameters

Parameter Required/Optional Notes

command option Optional
all
Default value.
Displays all of the supported settings.
group name
Displays the settings that belong to a group name, such as IMM,
UEFI, and so on.
setting name
The setting name value.

--kcs Optional Force to use IPMI over KCS local interface.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-rest-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o
• --redfish

Notes:
• Some settings do not have a default value and will not be included in the list.

Chapter 4. Configuration 23
• The value contained in the <> is the default value, while the other value is current setting value. For
example: IMM.PwDiffChar=0<2>, 0 is the current value and 2 is the default value.

Example of the comparedefault command

OneCli.exe config comparedefault --bmc userid:password@host

comparepending command
Use the comparepending command to compare the current values and the pending values of one or more
settings.

comparepending command syntax

OneCli.exe config comparepending [command option] [<options>]

Table 18. comparepending command specific parameters

Parameter Required/Optional Notes

command option Optional
all
Default value.
Displays all of the supported settings.
group name
Displays the settings that belong to a group name, such as IMM,
UEFI, and so on.
setting name
The setting name value.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-rest-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o
• --redfish

Example of the comparepending command

onecli.exe config comparepending --bmc USERID:[email protected]

show command
Use the show command to view the current value of one or more settings.

show command syntax

OneCli.exe config show [command option] [<options>]

24 Lenovo XClarity Essentials OneCLI User Guide

Table 19. show command specific parameters

Parameter Required/Optional Notes

command option Optional
all
Default value.
Displays all of the supported settings.
group name
Displays the settings that belong to a group name, such as IMM,
UEFI, and so on.
setting name
The setting name value.

--interactive, -i Optional Configure the OneCLI interactive mode. In this mode, OneCLI guides
user to input the parameter step by step. Users can also click Tab to
generate the configuration setting name.

--kcs Optional Force to use IPMI over KCS local interface.

--smm Optional Specify the access information of the target SMM. The format is:
userid:password@host[:port].
Notes:
• Both the IPv4 address and the IPv6 address are supported. The
IPv6 address shall be enclosed in brackets. For example,
[FE80:3BA7:94FF:FE07:CBD0].
• If the IPv6 is LLA, the format is [FE80:3BA7:94FF:FE07:CBD0%
xxx]. Replace xxx with the interface name.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-rest-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --never-check-
trust, -N
• --node
• --nolog
• --output, -o
• --redfish

Example of the show command

In the normal mode:

onecli.exe config show --bmc USERID:[email protected]

In the interactive mode:

onecli.exe config show -i

showdes command
Use the showdes command to view a detailed description of one or more settings. For UEFI settings, the
detailed description for this command is the same information that users access when pressing F1 during
startup.

Chapter 4. Configuration 25
showdes command syntax

OneCli.exe config showdes [command option] [<options>]

Table 20. showdes command specific parameters

Parameter Required/Optional Notes

command option Optional
all
Default value.
Displays all of the supported settings.
group name
Displays the settings that belong to a group name, such as IMM,
UEFI, and so on.
setting name
The setting name value.

--interactive, -i Optional Configure the OneCLI interactive mode. In this mode, OneCLI guides
user to input the parameter step by step. Users can also click Tab to
generate the configuration setting name.

--kcs Optional Force to use IPMI over KCS local interface.

--smm Optional Specify the access information of the target SMM. The format is:
userid:password@host[:port].
Notes:
• Both the IPv4 address and the IPv6 address are supported. The
IPv6 address shall be enclosed in brackets. For example,
[FE80:3BA7:94FF:FE07:CBD0].
• If the IPv6 is LLA, the format is [FE80:3BA7:94FF:FE07:CBD0%
xxx]. Replace xxx with the interface name.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-rest-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o
• --redfish

Example of the showdes command

In the normal mode:

onecli.exe config showdes imm --bmc USERID:[email protected]

In the interactive mode:

onecli.exe config showdes -i

Example of the description of a setting:

26 Lenovo XClarity Essentials OneCLI User Guide

IMM.IMMInfo_Location: IMM.IMMInfo_Location:XCC Location
Help for XCC Location
---------------------
Configure the "XCC Information", "location" setting.

Notes:
• Users can enter a maximum of 47 characters for this setting.
• Special characters @`"',{}#$%^*()!~:;?[]=|+&<> are not allowed.

showdefault command
Use the showdefault command to view the default values of one or more settings.

showdefault command syntax

OneCli.exe config showdefault [command option] [<options>]

Table 21. showdefault command specific parameters

Parameter Required/Optional Notes

command option Optional
all
Default value.
Displays all of the supported settings.
group name
Displays the settings that belong to a group name, such as IMM,
UEFI, and so on.
setting name
The setting name value.

--interactive, -i Optional Configure the OneCLI interactive mode. In this mode, OneCLI guides
user to input the parameter step by step. Users can also click Tab to
generate the configuration setting name.

--kcs Optional Force to use IPMI over KCS local interface.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-rest-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o
• --redfish

Note: Some settings do not have a default value and will not be included in the list.

Example of the showdefault command

In the normal mode:

Chapter 4. Configuration 27
OneCli.exe config showdefault

In the interactive mode:

onecli.exe config showdefault -i

showgroups command
Use the showgroups command to list the setting groups that are available on a server.

showgroups command syntax

OneCli.exe config showgroups [<options>]

Notes:
• The showgroups command does not require any command options.
• Groups vary on different systems. See the following for some sample groups. The following is an example
of the groups list:
– UEFI
– AdvancedRAS
– BackupBankManagement
– DevicesandIOPorts
– DiskGPTRecovery
– LegacySupport
– Memory
– Node1
– OperatingModes
– POSTAttempts
– Power
– Processors
– SystemRecovery BootModes BootOrder
– BootModes
– BootOrder
– IMM
– BroadcomGigabitEthernetBCM5720-910
– BroadcomGigabitEthernetBCM5720-000AF72567E6
– BroadcomGigabitEthernetBCM5720-000AF72567E7 IMM
– PXE
– SYSTEM_PROD_DATA
– SecureBootConfiguration
– UEFIMisc
– VPD
– iSCSI

28 Lenovo XClarity Essentials OneCLI User Guide

Table 22. nodes command specific parameters

Parameter Required/Optional Notes

--interactive, -i Optional Configure the OneCLI interactive mode. In this mode, OneCLI guides
user to input the parameter step by step. Users can also click Tab to
generate the configuration setting name.

--kcs Optional Force to use IPMI over KCS local interface.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-rest-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o
• --redfish

Example of the showgroups command

OneCli.exe config showgroups --bmc userid:password@host

showvalues command
Use the showvalues command to list all of the possible values for one or more settings. showvalues also
lists the suppressed, grayed-out dependency information.

showvalues command syntax

OneCli.exe config showvalues [command option] [<options>]

Table 23. showvalues command specific parameters

Parameter Required/Optional Notes

command option Optional
all
Default value.
Displays all of the supported settings.
group name
Displays the settings that belong to a group name, such as IMM,
UEFI, and so on.
setting name
The setting name value.

--instances Optional Display the instances settings.

--interactive, -i Optional Configure the OneCLI interactive mode. In this mode, OneCLI guides
user to input the parameter step by step. Users can also click Tab to
generate the configuration setting name.

Chapter 4. Configuration 29
Table 23. showvalues command specific parameters (continued)

Parameter Required/Optional Notes

--kcs Optional Force to use IPMI over KCS local interface.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-rest-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o
• --redfish

Example of the showvalues command

In the normal mode:

onecli.exe config showvalues

In the interactive mode:

onecli.exe config showvalus -i

nodes command
Use the nodes command to obtain the available nodes in the current system.

nodes command syntax

OneCli.exe config nodes [<options>]

Notes:
• The nodes command does not require any command options.
• The nodes command can be used on a multi-node or a single-node system.
• On a single node system, 1 is always reported.
• On a multi-node system, the available number of nodes is reported.

30 Lenovo XClarity Essentials OneCLI User Guide

Table 24. nodes command specific parameters

Parameter Required/Optional Notes

--interactive, -i Optional Configure the OneCLI interactive mode. In this mode, OneCLI guides
user to input the parameter step by step. Users can also click Tab to
generate the configuration setting name.

--kcs Optional Force to use IPMI over KCS local interface.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-rest-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o
• --redfish

Example of the nodes command

OneCli.exe config nodes

Commands that change or set system configuration settings

The topics in this section provide detailed information about how to use the config application and
commands to change and set the system configuration settings.

Table 25. Commands that change and set configuration settings

Command Description

createuuid Generate and set Universally Unique Identifier.

For more information, refer to “createuuid command” on page 31.

delete Delete a setting instance group.

For more information, refer to “delete command” on page 32.

loaddefault Set the setting value to the default value.

For more information, refer to “loaddefault command” on page 33.

set Change the setting value.

For more information, refer to “set command” on page 34.

createuuid command
Use the createuuid command to generate and set the Universally Unique Identifier.

createuuid command syntax

Chapter 4. Configuration 31
OneCli.exe config createuuid <uuidsetting> [<options>]

Table 26. createuuid command specific parameters

Parameter Required/Optional Notes

uuidsetting Required The setting name is:
SYSTEM_PROD_DATA.

SysInfoUUID

--kcs Optional Force to use IPMI over KCS local interface.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-rest-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o

Note: The value of the uuid created by the createuuid command depends on the time slot and the system
information. Therefore, each time running the command, users will get different setting values.

Example of the creatuuid command

OneCli.exe config createuuid SYSTEM_PROD_DATA.SysInfoUUID --bmc userid:password@host

Example of the UUID value got from createuuid command

The uuid for SYSTEM_PROD_DATA.SysInfoUUID value is 80b958fb5671b70127e57a51e2e00994

delete command
Use the delete command to delete an instance of a setting.

delete command syntax

OneCli.exe config delete <setting_instance> [<options>]

32 Lenovo XClarity Essentials OneCLI User Guide

Table 27. delete command specific parameters

Parameter Required/Optional Notes

setting_instance Required A unique value is required for this parameter.

--kcs Optional Force to use IPMI over KCS local interface.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-rest-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o

Note: The delete command is used only for a setting instance. It does not work for a normal setting.

Example of the delete command

OneCli.exe config delete imm.loginid.6 --bmc userid:password@host

loaddefault command
Use the loaddefault command to load the default values of one or more settings.

loaddefault command syntax

OneCli.exe config loaddefault [command option] [<options>]

Table 28. loaddefault command specific parameters

Parameter Required/Optional Notes

command option Optional
all
Default value.
Displays all of the supported settings.
group name
Displays the settings that belong to a group name, such as IMM,
UEFI, and so on.
setting name
The setting name value.

--exclude Optional Specify the settings group name not be loaded to default.

The valid values include: login_settings, network_settings, and login_

network_settings.

--kcs Optional Force to use IPMI over KCS local interface.

Chapter 4. Configuration 33
Table 28. loaddefault command specific parameters (continued)

Parameter Required/Optional Notes

--post Optional This parameter is only for UEFI settings. By using this parameter,
users can load default settings in the same way as using the “Post
Load Default Settings” function in UEFI (F1) menu. The changed
settings take effect after restarting host server.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o

Example of the loaddefault command

In the normal mode:

onecli.exe config loaddefault BootModes.SystemBootMode

In the post load setup (default as UEFI menu):

onecli.exe config loaddefault UEFI --post

set command
Use the set command to change the setting value. If the instance does not exist or the instance value is less
than or equal to the allowed maximum value, users can create an instance by using the set command.

Notes:
• For more information about instances, see “Instance and non-instance settings” on page 17.
• If the settingvalue includes some blank, user needs to put the value in quotes.
• If the settingname is a valid setting instance which is not exist before, the set command will create this
setting instance.
• If the settingvalue is not be input, OneCLI will use security mode to change the setting value.
• If users modify the account connecting to BMC when running the set command, the following error
message might be displayed：
Failed to get update status due to BMC internal error.

set command syntax

OneCli.exe config set <settingname> [settingvalue] [common options]

34 Lenovo XClarity Essentials OneCLI User Guide

Table 29. set command specific parameters

Parameter Required/Optional Notes

--force Optional Run Redfish config set command without checking the setting
values.
--interactive, -i Optional Configure the OneCLI interactive mode. In this mode, OneCLI guides
user to input the parameter step by step. Users can also click Tab to
generate the configuration setting name.

settingname Required Use the set command to change the setting value.

Users should input the settingname parameter behind the set

command in command line.
settingvalue Optional Specify the changed setting value.

Users should input the settingvalue parameter behind the setting

name in command line.

Notes:
• If the settingvalue is blank, enter a value in quotes.
• If the settingvalue is not specified, OneCLI will change the setting
value in the security mode. For more information, refer to
“Changing setting values in security mode” on page 170.
--smm Optional Specify the access information of the target SMM. The format is:
userid:password@host[:port].
Notes:
• Both the IPv4 address and the IPv6 address are supported. The
IPv6 address shall be enclosed in square brackets. For example,
[FE80:3BA7:94FF:FE07:CBD0].
• If the IPv6 is LLA, the format is [FE80:3BA7:94FF:FE07:CBD0%
xxx]. Replace xxx with the interface name.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o
• --redfish

Example of the set command

OneCli.exe config set IMM.DST Off --bmc userid:password@host

Commands that save, replicate, and restore configuration settings

The topics in this section provide detailed information about how to use the config application and
commands to save, replicate, backup, and restore system configuration settings and how to run commands
in batch mode.

Chapter 4. Configuration 35
Table 30. Commands that save, replicate, and restore a system

Command Description

backup Backup all configuration settings, or back up SED AK on SE350 V2 and SE360 V2 by using the
--redfish parameter.

For more information, refer to “backup command” on page 36.

batch Run multiple config commands in a batch file.

For more information, refer to “batch command” on page 37.

replicate Replicate the settings to the other system.

For more information, refer to “replicate command” on page 38.

restore Restore a saved setting value to the current system.

For more information, refer to “restore command” on page 39.

save Save the current settings.

For more information, refer to “save command” on page 40.

backup command
Use the backup command to backup all configuration settings, or back up SED AK on SE350 V2 and SE360
V2 by using the –redfish parameter.

backup command syntax

OneCli.exe config backup [setting] --file [arg] –passphrase[arg] [common options] --redfish

Table 31. backup command specific parameters

Parameter Required/Optional Notes

--file Required Specify the key file name for restoring Self-encrypting
Drive Authentication Key (SED AK) or configuration
settings, which contains the enciphered messages.

--kcs Optional Force to use IPMI over KCS local interface.

--passphrase Required The passphrase to backup and restore SED AK or

configuration settings in a file.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page

• --bmc-username, -u 2.
• --bmc-password, -w
• --bmc-cim-port, -p
• --config
• --configfile
• --check-trust, -C
• --node, -n
• --nolog
• --never-check-trust, -N
• --output, -o
• --redfish

Example of the backup command

36 Lenovo XClarity Essentials OneCLI User Guide

To backup SED AK:

OneCli.exe config backup Security.SED_AK --passphrase xxxxxx --file backup.txt

--bmc USERID:[email protected] --redfish

To backup the configuration settings:

OneCli config backup --passphrase xxxxxx --scope wholeFile --file backup.txt

--bmc USERID:[email protected] –redfish

batch command
Use the batch command to queue config operations without any knowledge of the scripting capabilities of
the operating system that XClarity Essentials OneCLI is running on. When entering the config commands in
a batch file, the XClarity Essentials OneCLI config application individually reads and runs each config
command.

batch command syntax

OneCli.exe config batch --file <batchfilename> [<options>]

The format in the batch file should be:

<command1> <command1 options>

<command2> <command2 options>
<command3> <command3 options>

Note: The --output or connection option is not required for the previous command in the batch file.

Table 32. batch command specific parameters

Parameter Required/Optional Notes

--file Required • The file name of the batch file, which has the config commands.
• XClarity Essentials OneCLI individually reads and runs each
command.
• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.
• --bmc-rest-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o

Notes:
• In batch mode, the show and set commands ignore the suppressed information. Users can see the
suppressed settings current value using show, and set the suppressed settings without an error.
• All of the commands in a batch file must target an individual system and not multiple systems. A batch file
that contains commands that target multiple systems is not supported.
• The following example batch file contains the set and show commands. All of the set commands are sent
to BMC at same time, and then all of the show commands are sent.

Chapter 4. Configuration 37
This is an example of batchfile.txt:

set IMM.Community_AccessType.1 Get

set IMM.Duplex1 Auto
set IMM.MTU1 1500
set IMM.SNMPv1Agent Enabled
set IMM.SNMPv3Agent Disabled
show IMM.SNMPv3Agent
set IMM.SNMPv3Agent Enabled
show IMM.SNMPv3Agent

Example of the batch command

OneCli.exe config batch --file batchfile.txt --bmc userid:password@host

replicate command
Use the replicate command to replicate the settings in the configuration file to the target server. The
settings in the nonreplicated group are saved in a specific file, and cannot be replicated.

replicate command syntax

OneCli.exe config replicate --file <filename> [<options>]

Table 33. replicate command specific parameters

Parameter Required/Optional Notes

--file Required • The file name for the saved settings and values to be stored.
• XClarity Essentials OneCLI reads the setting and value from the file
and applies it to the system.

--kcs Optional Force to use IPMI over KCS local interface.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-rest-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o

Notes:
• Users can use the saved file got in the save command. If users create a file and specify with the --file
option, follow the file format. For more information, refer to “save command” on page 40.
• The outputs of the replicate command contain a long list of the saved settings. OneCLI puts the outputs
in a file and shows the summary in the command shell.

Example of the replicate command

OneCli.exe config replicate --file saved.txt --bmc userid:password@host

38 Lenovo XClarity Essentials OneCLI User Guide

restore command
Use the restore command to restore the settings that are already saved in the file for the current server.

Notes:
• To restore the saved settings, use the save command to save the configuration in the file containing
<setting>=<value>.
• For SE350 V2/SE360 V2, to restore the SED AK whose SED key is not installed, use the passphrase or
backup file.
• To restore the configuration settings by using the backup file, the file should be an encrypted file saved
with the backup command, the --redfish and --passphrase parameters.
• Users can use the saved file got in the save command. If users create the file and specify with the --file
option, follow the file format. For more information, refer to “save command” on page 40.
• There may be a long list of settings in the outputs of restore command. Therefore, OneCLI puts the
results including all saved settings in a file and shows the summary in the command shell.

restore command syntax

OneCli.exe config restore --file <filename> [<options>]

Table 34. restore command specific parameters

Parameter Required/Optional Notes

--file Optional • Specify the configuration file name for restoring settings, which
should be used with the save command.
• Specify the encrypted file name for restoring SED AK or the backup
settings, which should be used with the backup command.

--passphrase Optional The passphrase to recover SED AK or configuration settings.

• Specify the password used in the generate command when
recovering SED AK with the passphrase.
• Specify the password used in the backup command when
recovering SED AK or configuration settings with the backup file.

--incbackupctl Optional Include VPD settings when restoring from the external file specified by
“--file”.
--kcs Optional Force to use IPMI over KCS local interface.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-username,
-u
• --bmc-password,
-w
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o
• --redfish

Example of the restore command

To restore with saved settings:

Chapter 4. Configuration 39
onecli.exe config restore --file saved.txt --bmc USERID:[email protected]

To restore SED AK only with passphrase that used to generate the SED AK:

OneCli.exe config restore Security.SED_AK --passphrase xxxxxx

--bmc USERID:[email protected] --redfish

To restore SED AK with passphrase and backup file:

OneCli.exe config restore Security.SED_AK --passphrase xxxxxx

--file backup.txt --bmc USERID:[email protected] --redfish

To restore configuration settings with backup file:

OneCli.exe config restore --passphrase xxxxxx --file backup.txt

--bmc USERID:[email protected] --redfish

save command
Use the save command to save the settings of all groups to a specified file, for example, the UEFI group, the
IMM group. However, the read-only and write-only settings cannot be saved by using the save command.
The file containing the saved settings can be used in the restore command and the replicate command.

save command syntax

OneCli.exe config save --file <savetofilename> [--group <groupname>] [--excbackupctl] [<options>]

Table 35. save command specific parameters

Parameter Required/Optional Notes

--file Required The file name where settings and values are stored. OneCLI reads the
setting from the system and then stores the setting and value in the
file.
--group Optional The name of a group section.
The group_name is the name used in the XML to group setting per
subsystem, which should be obtained by running the command
showgroups.

--excbackupctl Optional Used to exclude the VPD settings.

The default is to include all VPD.

--kcs Optional Force to use IPMI over KCS local interface.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-rest-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o

40 Lenovo XClarity Essentials OneCLI User Guide

Example of the save command

OneCli.exe config save --file saved.txt --bmc userid:password@host

The format of the content in the saved file is:

<settingname1>=<settingvalue1>
<settingname2>=<settingvalue2>
<settingname3>=<settingvalue3>

This is an example of the saved.txt file output:

IMM.PowerRestorePolicy=Restore
IMM.ThermalModePolicy=Normal
IMM.PowerOnAtSpecifiedTime=0:0:0:0:0
IMM.MinPasswordLen=0
IMM.PwChangeInterval=0
IMM.PwMaxFailure=5
IMM.PwDiffChar=0
IMM.DefPasswordExp=Disabled
IMM.FirstAccessPwChange=Disabled

Commands for certificate management

The topics in this section provide detailed information about how to use the config application and
commands to manage certificates.

Table 36. Configuration commands for certificate management

Command Description

deletecert Delete a certificate.

For more information, refer to “deletecert command” on page 44.

export Export a certificate to a local system.

For more information, refer to “export command” on page 44.

generate Generate a certificate.

For more information, refer to “generate command” on page 45.

import Import a certificate from a local system to another system.

For more information, refer to “import command” on page 49.

Notes:
• The commands in this table are used specifically for certificate management. The supported settings are
certificate management settings.
• The supported setting list can be generated using showvalues using a value such as generate. The values
after the * are for the supported certificate management settings:
IMM.SSH_SERVER_KEY=*generate
IMM.SSL_HTTPS_SERVER_CERT=*generate=import=export
IMM.SSL_HTTPS_SERVER_CSR=*generate=export
IMM.SSL_LDAP_CLIENT_CERT=*generate=import=export
IMM.SSL_LDAP_CLIENT_CSR=*generate=export
IMM.SSL_SERVER_DIRECTOR_CERT=*generate=import=export
IMM.SSL_SERVER_DIRECTOR_CSR=*generate=export
IMM.SSL_CLIENT_TRUSTED_CERT1=*import=export=deletecert

Chapter 4. Configuration 41
 IMM.SSL_CLIENT_TRUSTED_CERT2=*import=export=deletecert
IMM.SSL_CLIENT_TRUSTED_CERT3=*import=export=deletecert

Using XClarity Essentials OneCLI for certificate management

XClarity Essentials OneCLI manages Certificate Authority (CA) and Certificate Sign Request (CSR) files on
BMC-based systems using the generate, import, export, and deletecert commands.

Before users can manage a certificate on BMC, to ensure that the corresponding certificate server is
disabled, complete these steps:
1. Verify that the BMC HTTPS Server Configuration for Web server is disabled using this command:
OneCli.exe config show IMM.SSL_Server_Enable
2. If the server is enabled, disable BMC HTTPS Server Configuration for Web Server using this command:
OneCli.exe config set IMM.SSL_Server_Enable Disabled
The BMC must be restarted before the selected value (enable / disable) takes effect. Use the command:
onecli misc rebootbmc
3. The BMC must be restarted before the selected value (enable / disable) takes effect. Use the command:
onecli misc rebootbmc

Before using SSL Client Certificate Management, disable SSL Client Configuration for the LDAP Client
first:
a. Verify that the SSL Client Configuration for LDAP Client is disabled using this command:
OneCli.exe config show IMM.SSL_Client_Enable
b. If the value is enabled, disable the BMC SSL Client Configuration for LDAP using this command:
OneCli.exe config set IMM.SSL_Client_Enable Disabled

After completing the steps noted above, users can use XClarity Essentials OneCLI to manage certificates on
BMC.

The following procedure provides an overview of how to use the XClarity Essentials OneCLI config
application and commands to:
• View the status of certificate setting
• View the available commands for a setting
• Generate a Certificate Sign Request (CSR)
• Export a certificate sign request
• Generate a self-signed certificate
• Import a Certificate
• Delete a certificate

Getting the status of the certificate setting

To view the status of a certificate setting, use this command:

OneCli.exe config show IMM.SSL_HTTPS_SERVER_CERT

An example of output:

IMM.SSL_HTTPS_SERVER_CERT=Private Key and CA-signed cert installed, Private Key stored, CSR available for download.

Getting the available command for the setting

To view the available commands for a certificate setting, use this command:

OneCli.exe config showvalues IMM.SSL_HTTPS_SERVER_CSR

An example of output:

42 Lenovo XClarity Essentials OneCLI User Guide

IMM.SSL_HTTPS_SERVER_CSR=*generate=export

IMM.SSL_HTTPS_SERVER_CSR is supported by the generate and export commands.

Generating a Certificate Sign Request (CSR)

To generate a Certificate Sign Request (CSR), use this command

OneCli.exe config generate IMM.SSL_HTTPS_SERVER_CSR --file template.xml

An XML file, such as template.xml, is required for the generate command and for all settings which support
generate, except SSH_SERVER_KEY. For more information about the template.xml, see “The template.xml
file” on page 46. "new_key_and_cert_sign_req_info" in the specified XML file is required to generate a CSR.

A certificate sign request must be signed by an independent certificate authority to be a certificate. Users
can use the config application to generate a Self-signed Certificate.

Generating a self-signed certificate

Users can use the config application to generate a Self-signed Certificate. "new_key_and_self_signed_cert_
info" in the specified XML file is required to generate a self-signed certificate. To generate a self-signed
certificate, use this command:

OneCli.exe config generate IMM.SSL_HTTPS_SERVER_CERT --file template.xml

Exporting a certificate sign request

To export a certificate sign request, use this command:

config export IMM.SSL_HTTPS_SERVER_CSR --file tmp_csr.der

The tmp_csr.der file is saved in the current directory.

Users can export a certificate or certificate sign request. If a certificate sign request is signed by an
independent certificate authority, it is a CA-signed certificate.

Importing a certificate

To import a certificate, after completing the export a certificate sign request step, using independent
certificate authority, sign the request in the tmp_csr.der file. Users can only import the CA-signed certificate
(which differs from the self-signed certificate) into the HTTPS Server Certificate Management.

The following two settings for SSL Client Certificate Management permit only CA-signed certificates to be
imported:
• SSL_LDAP_CLIENT_CERT
• SSL_LDAP_CLIENT_CSR

These settings permit both self-signed and CA-signed certificates to be imported:

• SSL_CLIENT_TRUSTED_CERT1
• SSL_CLIENT_TRUSTED_CERT2
• SSL_CLIENT_TRUSTED_CERT3

If a certificate already exists, it must be deleted before importing another certificate.

Chapter 4. Configuration 43
For more detailed information about how to use the config applications and commands for certificate
management, refer to the individual command topics in this section.

deletecert command
Use the deletecert command to delete a certificate on BMC.

deletecert command syntax

OneCli.exe config deletecert <setting> [<options>]

Table 37. deletecert command specific parameters

Parameter Required/Optional Notes

setting Required Certificate management setting

--kcs Optional Force to use IPMI over KCS local interface.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o

Example of the deletecert command

OneCli.exe config deletecert IMM.SSL_HTTPS_SERVER_CERT --bmc userid:password@host

export command
Use the export command to export a selected certificate or certificate sign request (CSR) file. The export
command generates a binary file that is saved as the specified file path.

export command specific syntax

OneCli.exe config export <setting> --file <exportfilename> [<options>]

Table 38. export command specific parameters

Parameter Required/Optional Notes

--setting Required Certificate management setting

--file Required The file path to save the exported certificate.

44 Lenovo XClarity Essentials OneCLI User Guide

Table 38. export command specific parameters (continued)

Parameter Required/Optional Notes

--kcs Optional Force to use IPMI over KCS local interface.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-rest-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o

Example of the export command

OneCli.exe config export IMM.SSL_HTTPS_SERVER_CERT --file temp.cert --bmc userid:password@host

generate command
Use the generate command to generate a private key and public key pair with a self-signed certificate or a
certificate sign request, and generate SED AK on SE350 V2/SE360 V2 when using with the –redfish
parameter.

generate command syntax

OneCli.exe config generate <setting> --file <exportfilename> [<options>] --passphrase

Table 39. generate command specific parameters

Parameter Required/Optional Notes

--setting Required Specify the certificate management settings.

--file Optional • This is the file name of *generate file, using the format of
template.xml.
• For more information about the template.xml, see “The template.
xml file” on page 46.

--kcs Optional Force to use IPMI over KCS local interface.

Chapter 4. Configuration 45
Table 39. generate command specific parameters (continued)

Parameter Required/Optional Notes

--passphrase Optional The passphrase to generate SED AK, which is not required when used
to generate a random SED AK.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-rest-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o
• --redfish

Example of the generate command

To generate the certificate:

onecli.exe config generate IMM.SSL_HTTPS_SERVER_CERT --file template.xml

--bmc USERID:[email protected]

To generate SED AK with the random method:

OneCli.exe config generate Security.SED_AK --bmc USERID:PASSW0RD

@XX.XX.XX.XX --redfish

To generate SED AK with the passphrase method:

OneCli.exe config generate Security.SED_AK --passphrase xxxxxx

--bmc USERID:[email protected] --redfish

The template.xml file

Use the template file (template.xml), located in the OneCLI folder, as an example of the correct syntax to use
with the generate command for certificate management. Users can modify this file to generate a certificate.

This table provides a list of the template.xml file variables and their definitions.

Table 40. template.xml file variables

Variables Definition
Country Name The two-letter ISO abbreviation for user’s country.

State or Province Name The state or province where user’s organization is located. This entry cannot be
abbreviated.
Locality Name The city where user’s organization is located.

Organization Name The exact legal name of user’s organization. Do not abbreviate user’s organization
name.

46 Lenovo XClarity Essentials OneCLI User Guide

Table 40. template.xml file variables (continued)

Variables Definition
Common Name A fully qualified domain name that resolves to the SSL VPN device. For example, if
users intend to secure the URL https://ssl.yourdomain.com, then the common
name of the certificate sign request should be ssl.yourdomain.com.

Name This is an optional field for entering a contact name.

Email Address This is an optional field for entering a contact email address.

Organization Unit Name This is an optional field for the name of the unit in user’s organization.

Surname This is an optional field for entering a surname of contact person.

givenName This is an optional field for entering a given name of contact name.

Initials This is an optional field for entering initials of contact name.

dnQualifier This is an optional field for entering the domain name qualifier.

Challenge password This is an optional attribute. When specifying a challenge password in the
certificate sign request and intending to revoke the certificate later, users must
know the challenge password.

unstructuredName This is an optional field for entering the unstructured name for contact

template.xml

Note: The name and value fields cannot be blank. Optional items should be removed if they are not used to
avoid potential failure.
<?xml version="1.0" encoding="utf-8"?>
<asu version="2.1">
<new_key_and_self_signed_cert_info>
<item type="Required">
<vectorID>0001</vectorID>
<name>countryName</name>
<value minlen="2" maxlen="2">XX</value>
</item>
<item type="Required">
<vectorID>0001</vectorID>
<name>stateOrProvinceName</name>
<value minlen="1" maxlen="30">XXXX</value>
</item>
<item type="Required">
<vectorID>0001</vectorID>
<name>localityName</name>
<value minlen="1" maxlen="50">XXXX</value>
</item>
<item type="Required">
<vectorID>0001</vectorID>
<name>organizationName</name>
<value minlen="1" maxlen="60">XXXX</value>
</item>
<item type="Required">
<vectorID>0001</vectorID>
<name>commonName</name>
<value minlen="1" maxlen="60">XXXX</value>
</item>
<item type="Optional">
<vectorID>0001</vectorID>
<name>Name</name>

Chapter 4. Configuration 47
<value minlen="1" maxlen="60">XXXXX</value>
</item>
<item type="Optional">
<vectorID>0001</vectorID>
<name>emailAddress</name>
<value minlen="1" maxlen="60">XXXXX</value>
</item>
<item type="Optional">
<vectorID>0001</vectorID>
<name>validityPeriod</name>
<value minlen="0" maxlen="2">XX</value>
</item>
<item type="Optional">
<vectorID>0001</vectorID>
<name>organizationalUnitName</name>
<value minlen="0" maxlen="60">XXXX</value>
</item>
<item type="Optional">
<vectorID>0001</vectorID>
<name>Surname</name>
<value minlen="0" maxlen="60">XXXX</value>
</item>
<item type="Optional">
<vectorID>0001</vectorID>
<name>givenName</name>
<value minlen="0" maxlen="60">XXXX</value>
</item>
<item type="Optional">
<vectorID>0001</vectorID>
<name>Initials</name>
<value minlen="0" maxlen="20">XXXX</value>
</item>
<item type="Optional">
<vectorID>0001</vectorID>
<name>dnQualifier</name>
<value minlen="0" maxlen="60">XXXX</value>
</item>
</new_key_and_self_signed_cert_info>
<new_key_and_cert_sign_req_info>
<item type="Required">
<vectorID>0001</vectorID>
<name>countryName</name>
<value minlen="2" maxlen="2">XX</value>
</item>
<item type="Required">
<vectorID>0001</vectorID>
<name>stateOrProvinceName</name>
<value minlen="1" maxlen="30">XXXX</value>
</item>
<item type="Required">
<vectorID>0001</vectorID>
<name>localityName</name>
<value minlen="1" maxlen="50">XXXX</value>
</item>
<item type="Required">
<vectorID>0001</vectorID>
<name>organizationName</name>
<value minlen="1" maxlen="60">XXXX</value>
</item>
<item type="Required">
<vectorID>0001</vectorID>

48 Lenovo XClarity Essentials OneCLI User Guide

<name>commonName</name>
<value minlen="1" maxlen="60">XXXX</value>
</item>
<item type="Optional">
<vectorID>0001</vectorID>
<name>Name</name>
<value minlen="1" maxlen="60">XXXX</value>
</item>
<item type="Optional">
<vectorID>0001</vectorID>
<name>emailAddress</name>
<value minlen="1" maxlen="60">XXXX</value>
</item>
<item type="Optional">
<vectorID>0001</vectorID>
<name>organizationalUnitName</name>
<value minlen="0" maxlen="60">XXXX</value>
</item>
<item type="Optional">
<vectorID>0001</vectorID>
<name>Surname</name>
<value minlen="0" maxlen="60">XXXX</value>
</item>
<item type="Optional">
<vectorID>0001</vectorID>
<name>givenName</name>
<value minlen="0" maxlen="60">XXXX</value>
</item>
<item type="Optional">
<vectorID>0001</vectorID>
<name>Initials</name>
<value minlen="0" maxlen="20">XXXX</value>
</item>
<item type="Optional">
<vectorID>0001</vectorID>
<name>dnQualifier</name>
<value minlen="0" maxlen="60">XXXX</value>
</item>
<item type="Optional">
<vectorID>0002</vectorID>
<name>challengePassword</name>
<value minlen="6" maxlen="30">XXXX</value>
</item>
<item type="Optional">
<vectorID>0002</vectorID>
<name>unstructuredName</name>
<value minlen="1" maxlen="60">XXXX</value>
</item>
</new_key_and_cert_sign_req_info>
</asu>

import command
Use the import command to import a certificate into a BMC.

import command syntax

OneCli.exe config import <setting> --file <importfilename> [<options>]

Chapter 4. Configuration 49
Table 41. import command specific parameters

Parameter Required/Optional Notes

--setting Required Certificate management setting

--file Required Import file name

--kcs Optional Force to use IPMI over KCS local interface.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o

Example of the import command

OneCli.exe config import IMM.SSL_HTTPS_SERVER_CERT --file temp.cert --bmc userid:password@host

50 Lenovo XClarity Essentials OneCLI User Guide

Chapter 5. Multiple configuration
The topics in this section describe how to use the OneCLI multiconfig application and commands to remotely
show or change the system configuration for multiple IMM/XCC- based servers.

This table lists the multiconfig application commands:

Table 42. Application multiconfig commands

Command Description
batch Run multiple config commands in the batch file.

For more information, refer to “batch command” on page 51.

replicate Replicate all settings in the input update configuration file.

For more information, refer to “replicate command” on page 52.

restore Restore all settings defined in the update configuration file.

For more information, refer to “restore command” on page 52.

set Change the setting to new value.

For more information, refer to “set command” on page 53.

show Display the current system settings’ values.

For more information, refer to “show command” on page 54.

batch command
Use the batch command to queue config operations without any knowledge of the scripting capabilities of
the operating system on which OneCLI is running.

User input the config commands in the batch file, and then config application will run them one by one.
Following is the sample format in the batch file:

<command1> <command1 options>

<command2> <command2 options>
<command3> <command3 options>

Note: No “--output” or connection options is needed for the command in the batch file.

batch command syntax

OneCli.exe config batch <--file <batchfilename>> <--configfile <arg>> [common options]

© Copyright Lenovo 2018, 2024 51

Table 43. batch command specific parameters

Parameter Required/Optional Notes

--file Required The file name of batch file, which includes the config commands in it.
Onecli will read the commands and run them one by one. This
parameter is required.

--configfile Required Specify the config file for multi task command, the format refer to
Sample/multi_task_config.json.

• --bmc-cim-port, Optional Refer to Table 3 “OneCLI global parameters” on page 2.

-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o

replicate command
Use the replicate command to replicate all settings in the input update configuration file.

replicate command syntax

OneCli.exe config replicate --file <filename> [common options]

Table 44. replicate command specific parameters

Parameter Required/Optional Notes

--file Required Specify the file name of saved settings. OneCLI reads the setting from
the system and then stores the setting and value in the file.

--kcs Optional Force to use IPMI over KCS local interface.

--quiet,-q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --help, -h
• --nolog

Example of the replicate command

Onecli.exe config replicate –file saved.txt --bmc USERID:[email protected]

restore command
Use the restore command to restore all settings defined in the update configuration file.

restore command syntax

OneCli.exe config restore --file <filename> [common options]

52 Lenovo XClarity Essentials OneCLI User Guide

Table 45. restore command specific parameters

Parameter Required/Optional Notes

--file Required Specify the file name of saved settings. OneCLI reads the setting from
the system and then stores the setting and value in the file.

--kcs Optional Force to use IPMI over KCS local interface.

--quiet,-q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --help, -h
• --nolog

Example of the restore command

Onecli.exe config replicate –file saved.txt --bmc USERID:[email protected]

set command
Use the set command to change the value of a setting or to list a setting. The set command also creates an
instance if the instance number does not exist, and if the instance value is less than or equal to the maximum
allowed instances for the setting. For more information about instances, see setting format.

Notes:
• If the settingvalue includes some blank, user needs to put the value in quotes.
• If the settingname is a valid setting instance which is not exist before, the set command will create this
setting instance.
• If the settingvalue is not be input, OneCLI will use security mode to change the setting value.
• If users modify the account connecting to BMC when running the set command, the following error
message might be displayed：
Failed to get update status due to BMC internal error.

set command syntax

OneCli.exe multiconfig set <settingname> [settingvalue] <--configfile <arg>> [common options]

Table 46. set command specific parameters

Parameter Required/Optional Notes

settingname Required The setting which user wants to change the value of it. User must to
input it. And it should right after the set command in command line.

settingvalue Optional The setting value which user wants to change to. If user input it, it
should right after the setting name in command line.

Chapter 5. Multiple configuration 53

Table 46. set command specific parameters (continued)

Parameter Required/Optional Notes

--configfile Required Specify the config file for multi task command, the format refer to
Sample/multi_task_config.json.

• --bmc-cim-port, Optional Refer to Table 3 “OneCLI global parameters” on page 2.

-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o

show command
Use the show command to see the current value of one or more settings.

show command syntax

OneCli.exe multiconfig show [command option] <--configfile <arg>> [common options]

54 Lenovo XClarity Essentials OneCLI User Guide

Table 47. show command specific parameters

Parameter Required/Optional Notes

command option Optional The value can be put as “all”, group name or setting name. The “all” is
used to display all supported settings, while group name is to display
the settings belong to that group, and the setting name is only display
the value for that setting. The group name can be got from
showgroups command or see section “setting groups” for details.

The default value for command option is “all”. If no command option

is specified, the config application will show all the supported
settings.

If it is specified, it should right after show command in the command

line.
--configfile Required Specify the config file for multi task command, the format refer to
Sample/multi_task_config.json.

• --bmc-cim-port, Optional Refer to Table 3 “OneCLI global parameters” on page 2.

-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --node
• --nolog
• --never-check-
trust, -N
• --output, -o

Chapter 5. Multiple configuration 55

56 Lenovo XClarity Essentials OneCLI User Guide
Chapter 6. Inventory
The topics in this section describe how to use the OneCLI inventory application and commands to collect
system information for BMC-based systems.

This table lists the inventory application commands.

Table 48. Inventory application commands

Command Description

formatlog Translate the inventory output XML file into the HTML file.

For more information, refer to “formatlog command” on page 57.

getdevices Obtain the inventory application supported devices list.

For more information, refer to “getdevices command” on page 58.

getinfor Obtain devices inventory information.

For more information, refer to “getinfor command” on page 59.

upload Uploads the XML files or other log files to a specified server or Lenovo service site.

For more information, refer to “upload command” on page 60.

formatlog command
Use the formatlog command to transform the inventory XML files to HTML files.

formatlog command syntax

OneCli.exe inventory formatlog [<options>]

Table 49. formatlog command specific parameters

Parameter Required/Optional Notes

--hldec Optional Generate UEFI hidden logs by parsing inventory XML file specified
with “--srcdata”. This is useful for trouble shooting.

--srcdata Required Specify the inventory XML result file.

• --nolog Optional Refer to Table 3 “OneCLI global parameters” on page 2

• --output, -o

Example of the formatlog command

This example formats the xxx.xml file to HTML file and save the results to specified output folder.

OneCli.exe inventory formatlog –srcdata xxx.xml –output d:\onecli\inventory

© Copyright Lenovo 2018, 2024 57

getdevices command
Use the getdevices command to obtain the supported inventory categories. Users can then use “getinfor
--device” to collect data for any category of interest.

getdevices command syntax

OneCli.exe inventory getdevices <options>

Table 50. getdevices command specific parameters

Parameter Required/Optional Notes

• --check-trust, -C Optional Refer to Table 3 “OneCLI global parameters” on page 2.
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the getdevices command

OneCli.exe inventory getdevices

This is the complete device list generated for Linux and Microsoft Windows systems, as noted. All items are
case-sensitive.

1 - system_overview
2 - installed_applications (Windows only)
3 - installed_hotfixes (Windows only)
4 - installed_packages (Linux only)
5 - kernel_modules (Linux only)
6 - device_drivers (Windows only)
7 - system_services (Windows only)
8 - network_settings
9 - resource_utilization
10 - processes
11 - os_configuration
12 - hardware_inventory
13 - persistent_memory
14 - pci_information
15 - firmware_vpd
16 - bmc_configuration
17 - bmc_environmental
18 - light_path
19 - pci_adapters
20- storage_devices
21 - ssd
22 - fod_key
23 - application_event (Windows only)
24 - var_log_boot_log (Linux only)
25 - var_log_mail_err (SUSE only)
26 - var_log_mail_warn (SUSE only)
27 - var_log_messages (Linux only)
28 - var_log_warn (SUSE only)
29 - var_log_cron (RHEL only)
30- var_log_dmesg (RHEL only)
31 - var_log_secure (RHEL only)
32 - system_event (Windows only)

58 Lenovo XClarity Essentials OneCLI User Guide

33 - security_event (Windows only)
34 - bmc_event_logs
35 - ipmi_event_logs
36 - execution_log
37 - system_settings

getinfor command
Use the getinfor command to obtain hardware and software information for the target system through in-
band or out-of-band method. By default, the inventory results are saved to an XML file.

getinfor command syntax

OneCli.exe inventory getinfor [<options>]

Table 51. getinfor command specific parameters

Parameter Required/Optional Notes

--cmm Optional If specified, the inventory application will only obtain the information
of a remote CMM.
• Default format: user:password@IP
• IPv6 address format: user:password@[IPv6]
--device Optional Default value: all

Displays all of the supported inventory items.

Device name separated by commas or space, such as: system_

overview, processes

Gets the inventory information for the specified items.

--ffdc Optional If specified, the inventory application will retrieve the BMC FFDC log.

--hldec Optional Collect the UEFI hidden logs. This option is only supported for System
X.
--htmlreport Optional If specified, the output results will contain HTML file report.
--proxy Optional Use proxy to connect to upload server. The format is user:
password@host[:port].

For IPv6 address, the format is socks5://user:password@[IPv6]:port.

--servicelog Optional If specified, the inventory application will retrieve the BMC service
data log.
--smm Optional If specified, the inventory application will only get the information for a
remote SMM.

The format is user:password@IP. For the IPv6 address, the format is

user:password@[IPv6].

Chapter 6. Inventory 59
Table 51. getinfor command specific parameters (continued)

Parameter Required/Optional Notes

--upload Optional This parameter can be specified with the following arguments: lenovo
and server address.

If specified with lenovo, the format is: --upload lenovo. The inventory
data is uploaded to Lenovo Upload Facility. Users should specify the
case number, or specify both machine type and serial number.

If specified with server address, the format is: --upload server

address. The inventory data is uploaded to the target server. The
supported protocols include: TFTP, FTP, and SFTP.

If not specified, no inventory data will be uploaded.

--sftp Optional SFTP connection information. Format: user:password@IP[port][dir/].

The address is used to save FFDC logs for VMWare ESXi.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --nolog
• --never-check-
trust, -N
• --output, -o

inventory example

This is an example of the inventory application and the getinfor command using OneCLI.

OneCli.exe inventory getinfor --output d:\onecli\inventory --htmlreport --ffdc --upload lenovo

Notes:
• To collect Windows event logs in Windows OS, change the configuration item in the global.config file to
ONECLI_EVENTLOG_MAX=All. For more information, refer to Appendix D “OneCLI global configuration
file” on page 217.
• When downloading any executable version of the OneCLI utility (Windows or Linux) from https://
support.lenovo.com/solutions/lnvo-tcli and running this executable version by double-clicking its package,
the global.config file will not be evaluated.

upload command
Use the upload command to upload the XML files or other log files to Lenovo service or other remote server.

upload command syntax

OneCli.exe inventory upload [<options>]

60 Lenovo XClarity Essentials OneCLI User Guide

Table 52. upload command specific parameters

Parameter Required/Optional Notes

--cn Optional Specify the case number to upload the files to Lenovo System CARE.
The case number should be composed of at least seven characters.
--mt Optional Specify with --sn. Specify the machine of the target system when
uploading the files to System CARE.
--proxy Optional Use proxy to connect to upload server. The format is user:
password@host[:port].

For IPv6 address, the format is socks5://user:password@[IPv6]:port.

--srcdata Required Used to identify the log file that will be uploaded.
--sn Optional Specify with --mt. Specify the serial number of the target system
when uploading the files to System CARE.

--upload Required This parameter can be specified with the following arguments: lenovo
and server address.

If specified with lenovo, the format is: --upload lenovo. The inventory
data is uploaded to Lenovo Upload Facility. Users should specify the
case number, or specify both machine type and serial number.

If specified with server address, the format is: --upload server

address. The inventory data is uploaded to the target server. The
supported protocols include: TFTP, FTP, and SFTP.

If not specified, no inventory data will be uploaded.

• --check-trust, -C Optional Refer to Table 3 “OneCLI global parameters” on page 2

• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the upload command

In this example, --srcdata is used to identify the log file name that is uploaded.
OneCli.exe inventory upload --srcdata xxx.xml --upload lenovo

Chapter 6. Inventory 61
62 Lenovo XClarity Essentials OneCLI User Guide
Chapter 7. Update
The topics in this section describe the following:
• How to use the OneCLI update application and commands to update firmware and device driver in IB
mode for BMC-based system
• How to update firmware in OOB mode for BMC-based system
• How to update firmware for CMM-based components(CMM & I/O switch)
• How to update firmware remotely of the VMware ESXI OS for BMC-based system
• How to update firmware for SMM-based components.

This table lists the update application commands.

Table 53. Update application commands

Command Description

acquire Download firmware and device driver updates for the BMC-based system and firmware
updates of CMM, SMM, and I/O switch module.

For more information, refer to “acquire command” on page 64.

canceltask Cancel the update task staged in XCC2 on the ThinkSystem V3 systems.

For more information, refer to “canceltask command” on page 66.

checktask Check the status of update task staged in XCC2 on the ThinkSystem V3 systems.

For more information, refer to “checktask command” on page 67.

compare Compare versions of installed firmware and device driver with candidate updates, and
generates a list of recommended updates.

For more information, refer to “compare command” on page 68.

flash Apply updates of firmware and device drivers requiring upgrade, based on the result of the
compare command.

For more information, refer to “flash command” on page 73.

iflash Parse and update the system firmware.

For more information, refer to “iflash command” on page 77.

multicompare Remotely compare the firmware information of multiple BMC, and specify the BMC
information and the configuration parameters.

For more information, refer to “multicompare command” on page 79.

multiflash Remotely upgrade multiple BMC, and specify the BMC information and configuration
parameters.

For more information, refer to “multiflash command” on page 80.

multiscan Remotely scan the firmware information of multiple BMC, and specify the BMC information
and the configuration parameters.

For more information, refer to “multiscan command” on page 81.

© Copyright Lenovo 2018, 2024 63

Table 53. Update application commands (continued)

Command Description
scan Get installed firmware and device driver inventory information of a BMC-based system or
installed CMM firmware and I/O switch module firmware or installed SMM firmware.

For more information, refer to “scan command” on page 82.

startstaged Start the update task staged in XCC2 on the ThinkSystem V3 systems.

For more information, refer to “startstaged command” on page 83.

acquire command
Use the acquire command to download firmware and device driver updates for BMC-based system, CMM-
based component, and SMM-based component from Lenovo or IBM support site.

acquire command syntax

OneCli.exe update acquire [--mt <arg>] [--ostype|-t <arg>] [--scope|-s <arg>] [--dir <arg>] [--includeid|-I <arg>]
[--report] [--metaonly] [--proxy|-P <arg>] [--type|-T <arg>] [--xml] [--quiet|-q] [--platform] [--output|-o <arg>]
[--nolog] [--config <arg>] [--proxy-cacert <arg>] [--cacert <arg>] [--proxy-insecure] [--insecure] [--help|-h]

Table 54. acquire command specific parameters

Parameter Required/Optional Notes

--comparexml Optional Specify the file name for the packages to be downloaded based on
the compare result.

--dir Optional Specify the path name of the directory that will be used by the
command.

If no "--dir", the current directory will be used.

--includeid, -I Optional Acquire the specified included packages or UXSP through IDs.

Usually an ID is the package file name without extension.

For example:
• Target package ID: lnvgy_dd_sraidmr_7.700.20.00_sles12_x86-64
• UXSP ID: lnvgy_utl_uxsp_tcsp06p-2.40_win2012r2_32-64

It is allowed to input multiple packages IDs using a comma-separated

list.

By default: none is included.

--metaonly Optional If the --metaonly parameter is specified, the acquire command will
only download the XML files specifying the metadata for the update
packages without downloading the update packages payload.
--mt Optional Specify the machine type of target device. Lenovo server, chassis,
and enclosure all have machine types.
--noprereq Optional If specified, users should not download the prerequisite packages.

64 Lenovo XClarity Essentials OneCLI User Guide

Table 54. acquire command specific parameters (continued)

Parameter Required/Optional Notes

--ostype, -t Optional Specify the OS deployed on the target servers. Valid choices are
win2008, win2012, win2012r2, win2016, rhel5, rhel6, rhel7, rhel8,
rhel9, sles10, sles11, sles12, sles15, esxi5.0, esxi5.1, esxi5.5, esxi6.0,
esxi6.5, platform, and none.

"none" is the default setting and is used for OS independent updates,

such as UEFI or BMC updates.

When the ostype parameter is “platform”, OneCLI will acquire all

packages required in update, including Maintenance OS, OneCLI, and
platform UXSP.

The --ostype parameter is not required for CMM, SMM, or I/O module
targets.

--platform Optional Download the maintenance image and OneCLI tool for BMU secure
erase and platform flash.

--proxy, -P Optional userid:password@host[:port] specifies the proxy information for

connecting to the Lenovo Support Web site to download update
packages or information.
Note: Both IPv4 and IPv6 addresses are supported. Enclose IPv6
addresses in brackets. For example, [FE80::3BA7:94FF:FE07:CBD0]. If
the IPv6 is LLA (Link Local IPV6), the format is [FE80::3BA7:94FF:FE07:
CBD0%xxx]. Replace xxx with the name of the interface. Users can find
the service processor or the SFTP server (for the --sftp argument)
through this name on the local network of the OS that the OneCLI
runs.
--report Optional If the --report parameter is specified, the acquire command will only
output the IDs of the packages to update without downloading the
packages or their metadata.
--scope, -s Optional Specify the scope of updates. Different scopes indicate different
operation strategies. Valid choices are:
• uxsp (default choice): Suggest acquiring UXSP for the specific MT
and ostype.
• latest: Suggest acquiring the latest packages or UXSP.
• individual: Suggest acquiring the specific packages or UXSP. In
this case, the --scope (-s) parameter should be used with the
--includeid parameter.

--type, -T Optional type specifies the type of package to download. Valid choices are:
• fw|dd (default) to download firmware and device drivers
• fw to download firmware
• dd to download device drivers

For the CMM and I/O module targets, only firmware can be
downloaded.
--xml Optional Specify the output XML.
--proxy-cacert Optional Specify the path of proxy CACert.
--cacert Optional Specify the path of CACert.

--proxy-insecure Optional Do HTTPS proxy connections without verifying the proxy

Chapter 7. Update 65
Table 54. acquire command specific parameters (continued)

Parameter Required/Optional Notes

--insecure Optional Allow insecure server connections when using SSL.

• --config Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --configfile
• --help,-h
• --nolog
• --output, -o

Example of the acquire command

In this example, we are downloading (update acquire command) information (--metaonly argument) about
the latest updates (--scope latest argument) for a machine type 8737 (--mt 8737 argument), storing it in the
“pkg” directory (--dir .\pkg argument) and storing the log file in the “output” directory (--output .\output
argument).

Onecli.exe update acquire --scope latest --mt 8737 --metaonly --output .\output --dir .\pkg

Network requirement of the acquire command

OneCLI supports to acquire the updates for the IBM system and the Lenovo system.
• To acquire the updates for the IBM system from the IBM Web site, ensure that the firewall allows the
following DNSes and ports. User can also obtain the URL from https://www-03.ibm.com/services/projects/
ecc/serviceProviderIBM.gzip.

DNS IP address Port Protocol

www.ibm.com / / /
www-03.ibm.com 204.146.30.17 443 and 80 HTTP and HTTPS
eccgw01.boulder.ibm.com 207.25.252.197 443 HTTPS

• To acquire the updates for the Lenovo system from the Lenovo Web site, ensure that the firewall allows
the following DNSes and ports. User can also obtain the URL from https://support.lenovo.com/services/
ContentService/SearchDrivers.

DNS Port Protocol

support.lenovo.com 443 and 80 HTTP and HTTPS

download.lenovo.com 443 and 80 HTTPS

Notes: To use a proxy to run the acquire command, ensure that the proxy meets the following
requirements:
• The proxy is accessible to one of the following DNS: www.ibm.com, www-03.ibm.com, eccgw01.boulder.
ibm.com, support.lenovo.com, and download.lenovo.com.
• The proxy is set to “Use basic authentication”.
• The proxy is a non-terminating and forwarding proxy.

canceltask command
Use the canceltask command to cancel the update task staged in XCC2 on the ThinkSystem V3 systems.

canceltask command syntax

66 Lenovo XClarity Essentials OneCLI User Guide

Usage: OneCli.exe update canceltask [--bmc|-b <arg>] [--bmc-username|-u <arg>]
[--bmc-password|-w <arg>] [--bmc-rest-port|-p <int>]
[--taskid <arg>] [--xml]
[--check-trust|-C] [--never-check-trust|-N]
[--quiet|-q] [--output|-o <arg>]
[--nolog] [--config <arg>]
[--help|-h]

Table 55. canceltask command specific parameters

Parameter Required/Optional Notes

--taskid Optional Specify the staged update task ID.

--xml Optional Specify the output XML.

• --bmc-password, Optional Refer to Table 3 “OneCLI global parameters” on page 2.

-w
• --bmc-rest-port
• --bmc-username,
-u
• --check-trust, -C
• --config
• --help, -h
• --never-check-
trust, -N
• --nolog
• --output, -o
• --quiet, -q

Example of the canceltask command

OneCli.exe update canceltask --taskid "314e2aa0-5192-4bf1-8d62-23ba990df67d"

--bmc userid:password@host

checktask command
Use the checktask command to check the status of update task staged in XCC2 on the ThinkSystem V3
systems.

checktask command syntax

Usage: OneCli.exe update checktask [--bmc|-b <arg>] [--bmc-username|-u <arg>]

[--bmc-password|-w <arg>] [--bmc-rest-port|-p <int>]
[--taskid <arg>] [--xml]
[--check-trust|-C] [--never-check-trust|-N]
[--quiet|-q] [--output|-o <arg>]
[--nolog] [--config <arg>]
[--help|-h]

Chapter 7. Update 67
Table 56. checktask command specific parameters

Parameter Required/Optional Notes

--taskid Optional Specify the staged update task ID.

--xml Optional Specify the output XML.

• --bmc-password, Optional Refer to Table 3 “OneCLI global parameters” on page 2.

-w
• --bmc-rest-port
• --bmc-username,
-u
• --check-trust, -C
• --config
• --help, -h
• --never-check-
trust, -N
• --nolog
• --output, -o
• --quiet, -q

Example of the checktask command

OneCli.exe update checktask --taskid "314e2aa0-5192-4bf1-8d62-23ba990df67d"

--bmc userid:password@host

compare command
Use the compare command to compare the list of installed firmware and device drivers, generated by the
scan command, to the available update list, generated by the query command, and recommend a set of
updates to apply. The XML file generated by the compare command can be used by the flash command.

Users can specify XML files generated by previously run scan and query commands using the --scanxml
and --queryxml parameters. The compare command also checks the prerequisite requirements for all update
packages and list updates in their required order for the flash command.

compare command syntax

Onecli.exe update compare [--scanxml <filename>] [--noscan] [--backup] [--bmc <userid:password@host[:port]>]

[--remoteos userid:passord@host[:port]>] [--cmm <userid:password@host[:port]>]
[--smm <userid:password@host[:port]>] [--esxi <userid:password@host[:port]>] [--iobay <bay_number>]
[--mt <machine type>] [ostype <operating_system> --osarch <architecture>] [--queryxml <filename>]
[--scope <scope>] [--type <type>] [--includeid <includeids>] [--forceid <forceids>] [--excludeid <excludeids>]
[--dir <folder>] [--output <folder>] [<options>]

Options

--remoteos
Specify the remote OS for OneCLI to manage system. After connecting to Linux OS, OneCLI supports to
update firmware and device driver. Ensure that the OneCLI binary for the remote Linux OS is in the
directory specified with “--dir”. The sample command is: ./OneCli update compare --remoteos root@xx.
xx.xx.xx --dir packages --quiet.

Note: Before using this function, users should set “PasswordAuthentication yes” to enable the tunneled
clear text passwords in /etc/ssh/ sshd_config.

68 Lenovo XClarity Essentials OneCLI User Guide

Table 57. compare command specific parameters

Parameter Required/Optional Notes

--backup Optional By default, if the --backup parameter is specified, OneCLI flashes the
IMM and UEFI backup firmware by running the flash command.

The --backup parameter is only used with the --nocompare parameter

(in no compare mode).

--checkdevice Optional Scan dd of the physical exist device.

--cmm Optional Specify the CMM information for scan functions. If the --scanxml
parameter or the --noscan parameter is specified, this parameter is
not required.

--dir Optional folder specifies the path name location of the packages directory.

If no directory is specified, the current directory is used for the

compare command queries.

--excludeid, -E Optional Never flash the excluded packages unless they are prerequisite.
Users can set multiple IDs by separating them with comma(,).

By default: none is excluded.

--forceid, -F Optional The ids can be a comma-separated list that specifies the package IDs
which are usually the package file name without file extension for
queries and comparison. Users can also specify an argument of all to
force query and comparison of all listed packages.

For example: lnvgy_dd_sraidmr_7.700.20.00_sles12_x86-64

By default: none is included.

Use the --forceid parameter to force firmware or device driver queries

and comparison that support package downgrades and in-box to out-
of-box device driver updates. It works in the following cases:
• Query and compare for downgrade packages.
• Ignores the “never” tag in the package XML file. For example, when
querying and comparing HBA updates for QLogic devices.
• Forces out-of-box device driver updates to override in-box device
drivers.
• Ignores missing prerequisites, listing packages to install in all
cases.
--iobay Optional bay_number specifies the I/O module bay number. Valid values are 1,
2, 3, or 4.

The --iobay parameter specifies an I/O module compare operation.

When comparing an I/O module target, the --cmm parameter must
also be specified.

Chapter 7. Update 69
Table 57. compare command specific parameters (continued)

Parameter Required/Optional Notes

--includeid, -I Optional Specify the target package ID for different commands. Usually an ID is
the package file name without extension.

For example: lnvgy_dd_sraidmr_7.700.20.00_sles12_x86-64

It is allowed to input multiple packages IDs using a comma-separated

list.

By default: none is included.

For the BMC target, if the --includeid parameter is not specified, only
the packages specified by the --scope parameter are queried and
compared.

For the BMC target, if the --includeid parameter is specified, only the
listed packages are queried and compared in addition to those
specified by the --scope parameter: if no packages are listed, no
additional packages are queried and compared.

For the CMM, SMM and I/O module targets the --scope parameter is
not used, so only those packages specified by the --includeid
parameter are queried and compared.
--mt Optional Specify the machine type of target device. Lenovo server, chassis,
and enclosure all have machine types.

The --mt parameter is required only when using the --noscan

parameter (the system is not automatically obtaining the machine-
type information).

For the I/O module target, the CMM machine type is specified.
--noscan Optional If the --noscan parameter is specified, the compare command
obtains query results directly for comparison without using the scan
results.

If the --noscan parameter is specified, the following command

parameters are not required:
• --scanxml
• --bmc
• --cmm
• --smm

If the --queryxml parameter is not specified when using the --noscan

parameter, users must specify the --mt, --ostype, and --osarch
parameters.

70 Lenovo XClarity Essentials OneCLI User Guide

Table 57. compare command specific parameters (continued)

Parameter Required/Optional Notes

--ostype, -t Optional Specify operating system deployed on the target system. Valid
choices are win2008, win2012, win2012r2, win2016, rhel5, rhel6,
rhel7, sles10, sles11, sles12, esxi5.0, esxi5.1, esxi5.5, esxi6.0,
esxi6.5, platform, and none.

"none" is the default setting and is used for operating system

independent updates, such as UEFI or BMC updates.

"platform" type represents a bundle of updates which are specially

used for remote update. They include firmware only and are also OS
independent.

The --ostype parameter is not required for CMM, SMM, or I/O module
targets.

The --ostype parameter is required only when using the --noscan

parameter (the system is not automatically obtaining the operating
system information).

--osarch, -a Optional architecture specifies operating system architecture where users are
running the OneCLI. Valid choices are x86, x64, and none.

None is the default setting and is used for operating system

independent operations, such as BMC & CMM firmware updates.

The --osarch parameter is needed only when the user is unable to

determine their operating system information. It is used with the
--noscan parameter.

The --osarch parameter is not used for CMM, SMM, or I/O module
targets.

--queryxml Optional filename specifies a query result file to control the compare
command. If a query result file is specified, the following command
parameters cannot be used:
• --mt
• --includeid
• --forceid
• --dir
• --ostype
• --osarch
• --scope
• --type
--remoteos Optional Specify the remote OS login credential for OneCLI to manage system
in the local host OS.

Support Windows-to-Windows, Linux-to-Linux, and Windows-to-

Linux.

Chapter 7. Update 71
Table 57. compare command specific parameters (continued)

Parameter Required/Optional Notes

--scanxml Optional filename specifies a scan result file to control the compare command.
If a scan result file is specified, the following command parameters
cannot be used:
• --noscan
• --bmc
• --cmm
• --smm
• --iobay
• --mt
• --ostype
• --osarch
• --config
--scope, -s Optional Specify the scope of update operations. Different scopes mean
different operation strategies. Valid choices are:
• uxsp: operation strategy is to focus on UXSP and make bundle
update.
• latest: operation strategy is to help users to find and use latest
updates. Even a particular package name is given by using
"--includeid", OneCLI will still search whether there are later
versions of the package and use the newest one if there are.
• individual: operation strategy is to find and use the packages
specified by the --includeid parameter.
--smm Required Specify the access information of the target SMM. The format is:
userid:password@host[:port].
Notes:
• Both the IPv4 address and the IPv6 address are supported. The
IPv6 address shall be enclosed in square brackets. For example,
[FE80:3BA7:94FF:FE07:CBD0].
• If the IPv6 is LLA, the format is [FE80:3BA7:94FF:FE07:CBD0%
xxx]. Replace xxx with the interface name.

--type, -T Optional type specifies the type of package to compare. Valid choices are:
• fw|dd (default) to compare firmware and device drivers
• fw to compare firmware
• dd to compare device drivers

Packages are not compared for the CMM and I/O module targets.

• --bmc/imm, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-password,
-w
• --bmc-rest-port
• --bmc-username,
-u
• --configfile
• --check-trust, -C
• --config
• --nolog
• --never-check-
trust, -N
• --output, -o

Example of the compare command

72 Lenovo XClarity Essentials OneCLI User Guide

In this example, we are creating an update list (update compare command) of the latest updates (--scope
latest argument) for a BMC that is accessed with a user ID of “userid”, a password of “password”, and an IP
address of “host” (--bmc userid:password@host argument), storing it in the “.\packages\” directory (--dir .
\packages\ argument) and storing the log file in the “.\787502cn03e\output\” directory (--output .
\787502cn03e\output\ argument). In this example, the compare command performs its own scan and query
functions, since no XML files are specified for the --scanxml and --queryxml parameters.

Onecli.exe update compare --scope latest --bmc userid:password@BMCIP --dir .\packages\

--output .\787502cn03e\output\

flash command
Use the flash command to deploy updates in sequence, from the list generated by the compare command
to the command target. Results of the update flash operation are stored in an XML file. If errors occur during
a CMM, SMM or I/O module or core firmware flash update, the flash command retrieves the FFDC logs
from BMC, CMM, or SMM.

• For In-Band (IB) mode, both firmware and device drivers are supported. An SFTP server is not required to
be specified (--sftp parameter) in IB mode.
• For Remote Update (including Platform, OOB, BMU) mode:
– Scan results include only firmware.
– An SFTP server can be specified (--sftp parameter) when in OOB mode. Users can upload the package
payload to the SFTP server manually, then specify the package location as part of the --sftp parameter.
OneCLI checks the SFTP folder and the local folder, as specified in the compare command results XML
file. If both locations contain an update payload, OneCLI checks if they are the same, using the SFTP
payload file if they are the same and generating an error and exiting the command if they are not the
same. If only the SFTP location has a payload, this payload is used. If only the local location has a
payload, it is uploaded to the SFTP server and flashed (the --uselocalimg parameter must be
specified).

Note: An SFTP is not required for OOB(Out-Of-Band) update on ThinkSystem.

flash command syntax

Onecli.exe update flash [--esxi <userid:password@host[:port]>] [--comparexml <filename>]

[--nocompare--includeid <ids>] [--includeid <includeids>] [--dir <folder>] [--backup]
[--noreboot] [--output <folder>] [--bmc <userid:password@host[:port]>]
[--remoteos userid:passord@host[:port]>] [--cmm <userid:password@host[:port]>]
[--iobay <bay_number>] [--sftp <userid:password@host [:port]>] [--uselocalimg]
[--ffdc <userid:password@host [:port]>/ffdc/] [<options>] [--psu <arg>][--ftp <arg>] [--tftp <arg>]

Table 58. flash command specific parameters

Parameter Required/Optional Notes

--applytime Optional Specify the firmware apply time for bundle update.

Valid values include:

• OnStartUpdateRequest
• OnReset: Default value for IB update.
• Immediate: Default value for Remote update.

--backup Optional By default, if the --backup parameter is specified, OneCLI flashes the
IMM and UEFI backup firmware by running the flash command.

The --backup parameter is only used with the --nocompare parameter

(in no compare mode).

Chapter 7. Update 73
Table 58. flash command specific parameters (continued)

Parameter Required/Optional Notes

--bmu Optional The --bmu parameter is the BMU OOB update parameter, which can
only be used when the --bmc and --sftp parameters are specified.

--bundle Optional Update the firmware with bundled packages.

--checkdevice Optional Scan dd of the physical exist device.

--cmm Optional Specify the CMM information for scan functions. If the --scanxml
parameter or the --noscan parameter is specified, this parameter is
not required.

--comparexml Optional filename specifies an XML file (typically named compare.xml)

containing comparison results to control the flash command. All
suggested packages listed in the comparison file are flashed.

--dir Optional Specify the firmware package folder.

By default, OneCLI runs the --dir parameter in the default folder.

Do not use the --dir parameter if the --comparexml parameter is used.

--esxi Required Specify the esxi OS information, including OS user name, password,
IP address, and port.

--ffdc Optional userid:password@host[:port] specifies access information for the

SFTP server. Both read and write access are required.

If the --ffdc parameter is specified and there are update failures, the
flash command will try to output the FFDC log file from the BMC or
CMM (for I/O module updates only) to the location specified by the
current --output parameter. The --ffdc parameter specifies the SFTP
server to be used to be a temporary storage location for the FFDC log
file. After the log file is downloaded, it is deleted from the SFTP server.

If the --ffdc parameter is not used, OneCLI will use the same SFTP
location that the --sftp parameter uses to specify the file payload
location.
--fileserver Optional Format: <scheme>://[userid:password@]host[:port][/path].
• For XCC, specify sftp/http/https. For example, https://user:
[email protected]/tmp.
• For SMM, specify tftp. For example, tftp://10.240.0.1:123/tmp/
images.
• For CMM, specify sftp. For example, sftp://user:[email protected]/
tmp/upload.
• For ThinkServer, specify ftp/http/https. For example, ftp://
10.240.0.1/tmp
Note: If the options --tfp, --tftp, --sftp, and --https cannot be used,
use --fileserver instead.

74 Lenovo XClarity Essentials OneCLI User Guide

Table 58. flash command specific parameters (continued)

Parameter Required/Optional Notes

--forceid, -F Optional Similar with --includeid. But it can add force tag for these updateids
to enforce the downgrade. Besides the specified id, it also supports
“all”, which means it can add force tag for all the suggested flash
packages.

The force tag works on the following cases:

1. Force to downgrade.
2. Force to install the package no matter the device is listed in the
scan.xml or not.
3. Ignore “never”” section tag in the package xml. For example,
when querying HBA updates for QLogic.
4. Ignore the missing of prereq. Force to install the package.
By default, there is no force tag for the flash packages.

--graceful Optional Gracefully power off OS in the platform update process.

--includeid, -I Optional This parameter should be used with the --nocompare parameter.

--iobay Optional bay_number specifies the I/O module bay number. Valid values are 1,
2, 3, or 4.

The --iobay parameter specifies an I/O module scan operation. When

scanning an I/O module target, the --cmm parameter must also be
specified.
--nocompare Optional If this parameter is specified, the flash command will update the
firmware and device drivers without performing a comparison.

This parameter should be used with the --includeid parameter to

specify the flash packages.

--noreboot Optional By default, BMC will automatically restart and take effect after the
update. However, if the --noreboot parameter is specified, the flashed
BMC will not restart automatically after the update. To activate the
new firmware, users should manually restart the BMC.

The --noreboot parameter is only used for flashing the primary IMM.

By default, the --noreboot parameter will restart IMM automatically.

--noscan Optional If the --noscan parameter is specified, OneCLI obtains the query
results for comparison by running the compare command without
using the scan results.
--nostage Optional Update the firmware without staging the packages.

--platform Optional The --platform parameter is used to update the OOB and BMU
update packages of the remote server in the platform.

It can only be used when the --bmc parameter is specified.

--queryxml Optional Specify the file containing the query results to control the compare
command.
--remoteos Optional Specify the remote OS login credential for OneCLI to manage system
in the local host OS.

Support Windows-to-Windows, Linux-to-Linux, and Windows-to-

Linux.

Chapter 7. Update 75
Table 58. flash command specific parameters (continued)

Parameter Required/Optional Notes

--scanxml Optional Specify the file containing the scan results to control the compare
command.
--sftp Optional Only used for the remote update of the firmware temporary payload
file in the server.

If the --uselocalimg parameter is specified, OneCLI will copy the

firmware temporary payload file from the local folder to the SFTP
server. If the SFTP server contains a firmware temporary payload file,
this payload file will be overwritten with the local copy.

By default, if the --uselocalimg parameter is not specified, OneCLI will

check if the firmware temporary payload file is in the SFTP server. If
yes, OneCLI will use the file on the SFTP server; if no, OneCLI will
detect and upload the local file to the SFTP server.
--smm Required Specify the access information of the target SMM. The format is:
userid:password@host[:port].
Notes:
• Both the IPv4 address and the IPv6 address are supported. The
IPv6 address shall be enclosed in brackets. For example,
[FE80:3BA7:94FF:FE07:CBD0].
• If the IPv6 is LLA, the format is [FE80:3BA7:94FF:FE07:CBD0%
xxx]. Replace xxx with the interface name.

--type, -T Optional Specify the type of package or component to be downloaded,

scanned, compared, or flashed.

--uselocalimg Optional If the --uselocalimg parameter is specified, OneCLI will copy the
firmware temporary payload file from the local folder to the SFTP
server. If the SFTP server contains a firmware temporary payload file,
this payload file will be overwritten by the local copy.

The --uselocalimg parameter is only used when OneCLI runs in the

remote update mode. In this case, an SFTP server might be used as a
temporary file server for payload files.

By default, if the --uselocalimg parameter is not specified, OneCLI will

check if the firmware temporary payload file is in the SFTP server. If
yes, OneCLI will use the file on the SFTP server; if no, OneCLI will
detect and upload the local file to the SFTP server.
--psu Optional The number of Power Supply Unit (PSU).

76 Lenovo XClarity Essentials OneCLI User Guide

Table 58. flash command specific parameters (continued)

Parameter Required/Optional Notes

--tftp Optional TFTP server for SMM interface.
Format: IP[:port][/path].

• --bmc/imm, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-username,
-u
• --bmc-password,
-w
• --bmc-cim-port,
-p
• --bmc-rest-port
• --configfile
• --check-trust, -C
• --config
• --nolog
• --never-check-
trust, -N
• --nolog
• --output, -o
• --unattended

Example of the flash command

In this example, we are performing a flash update (update flash command) based on compare results stored
in the “.\#VID:#PID\output\Onecli-update-compare.xml” file (--comparexml .\output\Onecli-update-
compare.xml argument) for an I/O module in bay 2 (--iobay 2 argument) that is accessed via a CMM with a
user ID of “userid”, a password of “password”, an IP address of “host”, and a port number of “5989” (--cmm
userid:password@host[:5989] argument), where the update package file is on a temporary SFTP server
accessed with a user ID of “user”, a password/authentication string of “password;38:a8:21:16:
cb:5d:0c:13:56:7c:2a:b9:f3:62:ed:17”, and an IP address of “host” (--sftp user:password;38:a8:21:16:
cb:5d:0c:13:56:7c:2a:b9:f3:62:ed:[email protected] argument), and storing the log file in the “.\872102cn03e
\output\” directory (--output .\872102cn03e\output\ argument).

Onecli.exe update flash --comparexml .\output\Onecli-update-compare.xml

--output .\872102cn03e\output\ --cmm userid:password@host[:5989]
--iobay 2
--sftp user:password;38:a8:21:16:cb:5d:0c:13:56:7c:2a:b9:f3:62:ed:[email protected]

iflash command
Use the iflash command to parse and update the system firmware. OneCLI will flash these system firmware
packages one by one in legacy way (ipmi).

Chapter 7. Update 77
Table 59. iflash command specific parameters

Parameter Required/Optional Notes

--dir Optional Specify the directory of the firmware package.

If no directory is specified, use the current directory.

The --dir parameter is only used with the --nocompare parameter (in
no compare mode).

--forceid Optional Similar with the --includeid parameter, but it can add force tag for
these updateids to enforce the downgrade. Besides the specified ID,
it also supports “all”, which means it can add force tag for all the
suggested flash packages.

The --forceid parameter works on the following cases:

1. Force to downgrade.
2. Force to install the package no matter the device is listed in the
scan.xml or not.
3. Ignore the “never” section tag in the package xml when querying
HBA updates for QLogic.
4. Ignore the missing prereq. Force to install the package.
By default, there is no force tag for the flash packages.

--includeid Optional Specify the target package ID for different commands.

Usually an ID is the package file name without extension.

For example: lnvgy_dd_sraidmr_7.700.20.00_sles12_x86-64

--noreboot Optional By default, BMC will automatically restart and take effect after the
update. However, if the --noreboot parameter is specified, the flashed
BMC will not restart automatically after the update. To activate the
new firmware, users should manually restart the BMC.

When flashing a BMC, the --noreboot parameter can only be used

with the primary BMC.

The --noreboot parameter is not used for I/O module targets.

--output, -o Optional Specify the output directory. By default, the output directory is saved
in ./logs/.

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

• --bmc-username Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-password Note: Users can only use --bmc-username and --bmc-password for
the iflash command in the ThinkSystem servers.

--backup Optional If the --backup parameter is specified, the command compares

backup IMM and UEFI firmware, instead of the primary BMC and
UEFI firmware.
--kcs Optional If the --kcs parameter is specified, the control channel will be over
KCS.
--nolog Optional Run OneCLI without logging.

--config Optional Specify the OneCLI global config file path, in the format of ./global.
config.

Example of the iflash command

78 Lenovo XClarity Essentials OneCLI User Guide

OneCli.exe update iflash [--dir <arg>] [--includeid|-I <arg>] [--forceid|-F <arg>] [--bmc-username|-u <arg>]
[--bmc-password|-w <arg>] [--quiet|-q] [--kcs] [--noreboot] [--output|-o <arg>] [--help|-h] [--backup]

multicompare command
Use the multicompare command to remotely compare the firmware information of multiple BMC, and
specify the BMC information and the configuration parameters by using a JSON configuration file. The
output results are saved in the OneCLI logs in xml format, for example, multi_task\20190429_154002
\Success-10.240.194.248\Onecli-update-compare.xml.

multicompare command syntax

OneCli.exe update multicompare <--configfile <arg>> [--dir <arg>] [--quiet|-q] [--check-trust|-C]

[--never-check-trust|-N] [--pattern <arg>] [--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

Options

--pattern
Filter the items in the compare result tables of multi servers through the regular expression. The outputs
are displayed on the screen and recorded in the JSON file in the log directory.
--configfile
Specify the JSON configuration file. The template file is available in Sample/multi_task_config.json in
OneCLI binary.

Table 60. multicompare command specific parameters

Parameter Required/Optional Notes

--configfile Required Specify the JSON configuration file for multi-task commands. The
template file is available in Sample/multi_task_config.json in OneCLI
binary.

--config Optional Specify the file path for the OneCLI config commands.

--dir Optional Specify the directory of the firmware package.

If no directory is specified, use the current directory.

--pattern Optional Specify the pattern for filtering the results.

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

• --check-trust, -C Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --help,-h
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the multicompare command

OneCli.exe update multicompare --configfile xxxconfig.json --quiet

Chapter 7. Update 79
multiflash command
Use the multiflash command to remotely upgrade the firmware of multiple BMC/SMM, update the
firmware and driver for multiple Linux servers. It also specifies the information and the configuration
parameters of the BMC/SMM and the Linux servers by using a JSON configuration file.

multiflash command syntax

OneCli.exe update multiflash <--configfile <arg>> [--dir <arg>] [--quiet|-q] [--forceid|-F <arg>] [--uselocalimg]
[--check-trust|-C] [--never-check-trust|-N] [--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

Options

--configfile
Specify the JSON configuration file. The template file is available in Sample/multi_task_config.json or
Sample/ multi_remote_task_config.json in OneCLI binary.

Table 61. multiflash command specific parameters

Parameter Required/Optional Notes

--applytime Optional Specify the firmware apply time for bundle update.

Valid values include:

• OnStartUpdateRequest
• OnReset: Default value for IB update.
• Immediate: Default value for Remote update.

--bundle Optional Update the firmware with bundled packages.

--configfile Required Specify the JSON configuration file for multi-task commands. The
template file is available in Sample/multi_task_config.json in OneCLI
binary.

--config Optional Specify the file path for the OneCLI config commands.

--dir Optional Specify the directory of the firmware package.

If no directory is specified, use the current directory.

--forceid, -F Optional It supports to add the force tag for the update ID to enforce the
downgrade.

It also supports <all>, which means it can add force tag for all the
suggested flash packages.

--includeid, -I Optional This parameter should be used with the --nocompare parameter.
--output, -o Optional Specify the output directory. By default, the output directory is saved
in ./logs/.

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

80 Lenovo XClarity Essentials OneCLI User Guide

Table 61. multiflash command specific parameters (continued)

Parameter Required/Optional Notes

--scope, -s Optional Specify the scope of update operations. Different scopes mean
different operation strategies. Valid choices are:
• uxsp: operation strategy is to focus on UXSP and make bundle
update.
• latest: operation strategy is to help users to find and use latest
updates. Even a particular package name is given by using
"--includeid", OneCLI will still search whether there are later
versions of the package and use the newest one if there are.
• individual: operation strategy is to find and use the packages
specified by the --includeid parameter.

--uselocalimg Optional If the --uselocalimg parameter is specified, the flash command forces
to copy the payload file from the local folder to the SFTP server.

--platform Optional Update firmware with OOB method and Bare Metal Update (BMU)
method.
• --check-trust, -C Optional Refer to Table 3 “OneCLI global parameters” on page 2.
• --help,-h
• --never-check-
trust, -N
• --nolog

Example of the multiflash command

OneCLI update multiflash --configfile xxxconfig.json --sftp user:pass@ip/xx

multiscan command
Use the multiscan command to remotely scan the firmware information of multiple BMC, and specify the
BMC information and the configuration parameters by using a JSON configuration file. The output results are
saved in the OneCLI logs in xml format, for example, multi_task\20190429_154002\Success-10.240.194.248
\Onecli-update-scan.xml.

multiscan command syntax

OneCli.exe update multiscan <--configfile <arg>> [--dir <arg>] [--quiet|-q] [--pattern <arg>] [--check-trust|-C]
[--never-check-trust|-N] [--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

Options

--pattern
Filter the items in the scan result tables of multi servers through the regular expression. The outputs are
displayed on the screen and recorded in the JSON file in the log directory.
--configfile
Specify the JSON configuration file. The template file is available in Sample/multi_task_config.json in
OneCLI binary.

Chapter 7. Update 81
Table 62. multiscan command specific parameters

Parameter Required/Optional Notes

--configfile Required Specify the JSON configuration file for multi-task commands. The
template file is available in Sample/multi_task_config.json in OneCLI
binary.

--config Optional Specify the file path for the OneCLI config commands.

--dir Optional Specify the directory of the firmware package.

If no directory is specified, use the current directory.

--pattern Optional Filter the items in the scan result tables of multi servers through the
regular expression. The outputs are displayed on the screen and
recorded in the JSON file in the log directory.

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

• --check-trust, -C Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --help,-h
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the multiscan command

OneCli.exe update multiscan --configfile xxxconfig.json --quiet --pattern “^UEFI”

scan command
Use the scan command to build a list of available firmware and device driver updates for the targeted device.
The XML file generated with scan command can be used by the compare command.

• For Out-of-Band (OOB) mode, scan results include only firmware.

• For In-Band (IB) mode, scan results include both firmware and device drivers.

Options

--remoteos
Specify the remote OS login credential for OneCLI to manage the servers. After connecting to Linux OS,
OneCLI supports to update firmware and device driver. Ensure that the OneCLI binary for the remote
Linux OS is in the directory specified with the --dir parameter. The sample command is: ./OneCli update
compare --remoteos root@xx. xx.xx.xx --dir packages --quiet.

Note: Before using this function, users should set “PasswordAuthentication yes” to enable the tunneled
clear text passwords in /etc/ssh/ sshd_config.

scan command syntax

Onecli.exe update scan [--bmc <userid:password@host[:port]>] [--esxi <userid:password@host[:port]>]

[--remoteos userid:password@host[:port]][--cmm <userid:password@host[:port]>]
[--smm <userid:password@host[:port]>] [--iobay <bay_number>][--output<folder>] [<options>]

82 Lenovo XClarity Essentials OneCLI User Guide

Table 63. scan command specific parameters

Parameter Required/Optional Notes

--iobay Optional bay_number specifies the I/O module bay number. Valid values are 1,
2, 3, or 4.

The --iobay parameter specifies an I/O module scan operation. When

scanning an I/O module target, the --cmm parameter must also be
specified.
--cmm Optional Specify the CMM information for the scan functions. If the --scanxml
parameter or the --noscan parameter is specified, this parameter is
not required.

--esxi Required Specify the esxi OS information, including OS user name, password,
IP address, and port.
--remoteos Optional Specify the remote OS login credential for OneCLI to manage system
in the local host OS.

Support Windows-to-Windows, Linux-to-Linux, and Windows-to-

Linux.
--smm Required Specify the access information of the target SMM. The format is:
userid:password@host[:port].
Notes:
• Both the IPv4 address and the IPv6 address are supported. The
IPv6 address shall be enclosed in square brackets. For example,
[FE80:3BA7:94FF:FE07:CBD0].
• If the IPv6 is LLA, the format is [FE80:3BA7:94FF:FE07:CBD0%
xxx]. Replace xxx with the interface name.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-username,
-u
• --bmc-password,
-w
• --bmc-rest-port
• --bmc-cim-port,
-p
• --configfile
• --check-trust, -C
• --config
• --output, -o
• --nolog
• --never-check-
trust, -N

Example of the scan command

In this example, we are building a list of firmware (update scan command) installed in a CMM that is
accessed with a user ID of “userid”, a password of “password”, and an IP address of “host” (--cmm userid:
password@host argument) storing the scan report XML file (using the default file name) in the “output”
directory (--output .\872102cn03e\output\ argument).

Onecli.exe update scan --cmm userid:password@host --output .\872102cn03e\output\

startstaged command
Use the startstaged command to start the update task staged in XCC2 on the ThinkSystem V3 systems.

Chapter 7. Update 83
startstaged command syntax

Usage: OneCli.exe update startstaged [--bmc|-b <arg>] [--bmc-username|-u <arg>]

[--bmc-password|-w <arg>] [--bmc-rest-port|-p <int>]
[--check-trust|-C] [--never-check-trust|-N]
[--quiet|-q] [--output|-o <arg>]
[--nolog] [--config <arg>]
[--help|-h]

Table 64. startstaged command specific parameters

Parameter Required/Optional Notes

--xml Optional Specify the output XML.

• --bmc-password, Optional Refer to Table 3 “OneCLI global parameters” on page 2.

-w
• --bmc-rest-port
• --bmc-username,
-u
• --check-trust, -C
• --config
• --help, -h
• --never-check-
trust, -N
• --nolog
• --output, -o
• --quiet, -q

Example of the startstaged command

OneCli.exe update startstaged --bmc userid:password@host

84 Lenovo XClarity Essentials OneCLI User Guide

Chapter 8. Miscellaneous
The topics in this section describe how to use the Lenovo XClarity Essentials OneCLI miscellaneous
commands.

The following table list the miscellaneous commands supported by XClarity Essentials OneCLI.

Table 65. Miscellaneous (misc) commands

Commands Description

bmcpassword Remotely change password of BMC accounts when first login or password expired.

For more information, refer to “bmcpassword command” on page 87.

cmos Execute the CMOS action.

For more information, refer to “cmos command” on page 88.

edgeserver Manage the status of the ThinkEdge servers.

For more information, refer to “edgeserver command” on page 89.

encrypt Encrypt credentials in plain text file.

For more information, refer to “encrypt command” on page 89.

ffdc Collect the FFDC of BMC/ESXi/CMM/SMM.

For more information, refer to “ffdc command” on page 90.

fpusb Set and view the configurations of the front panel USB port.

For more information, refer to “fpusb commands” on page 92.

hddlocate Manage the LED status of hard disk drive.

For more information, refer to “hddlocate command” on page 93.

hostinterface Manage Host Interface of BMC Redfish.

For more information, refer to “hostinterface command” on page 94.

logmgr Manage BMC event logs.

For more information, refer to “logmgr commands” on page 95.

multibmcpassword Remotely change password of BMC accounts for multiple systems when first login or
password expired.

For more information, refer to “multibmcpassword command” on page 97.

multiffdc Obtain the BMC/SMM FFDC logs from multiple servers.

For more information, refer to “multiffdc command” on page 97.

multiinventory Remotely collect system information for multiple IMM-based or XCC-based servers.

For more information, refer to “multiinventory command” on page 99.

© Copyright Lenovo 2018, 2024 85

Table 65. Miscellaneous (misc) commands (continued)

Commands Description

multiraid Remotely create, clear, and save the RAID configuration for multiple systems.

For more information, refer to “multiraid command” on page 101.

multiospower Turn on, turn off and restart the server, obtain the server power state, and restart the server to
BIOS setup.

For more information, refer to “multiospower commands” on page 108.

multiservicedata Obtain service data information from multiple BMC.

For more information, refer to “multiservicedata command” on page 110.

multisyshealth Remotely collect system health information for multiple systems.

For more information, refer to “multisyshealth command” on page 111.

multivm List, mount, or unmout the virtual medias on multiple BMC.

For more information, refer to “multivm commands” on page 112.

ospower Power on, power off, or restart host OS.

For more information, refer to “ospower command” on page 113.

portctrl Query/enable/disable the cim/ipmilan/ipmikcs connection.

For more information, refer to “portcrl command” on page 114.

raid Create, clear, and save the RAID configurations.

For more information, refer to “raid command” on page 117.

rebootbmc Restart BMC.

For more information, refer to “rebootbmc command” on page 134.

rebootcmm Restart CMM.

For more information, refer to “rebootcmm command” on page 135.

rebootiom Restart I/O Module on the Flex chassis.

For more information, refer to “rebootiom command” on page 135.

rebootsmm Restart SMM.

For more information, refer to “rebootsmm command” on page 136.

reseatblade Reseat the blades on the Flex chassis.

For more information, refer to “reseatblade command” on page 136.

reseatcmm Reseat CMM.

For more information, refer to “reseatcmm command” on page 137.

reseatswitch Reseat the switch on the Flex chassis.

For more information, refer to “reseatswitch command” on page 137.

86 Lenovo XClarity Essentials OneCLI User Guide

Table 65. Miscellaneous (misc) commands (continued)

Commands Description

restorebmu Restore the BMU status on BMC.

For more information, refer to “restorebmu command” on page 137.

restoresmm Restore the SMM update progress.

For more information, refer to “restoresmm command” on page 138.

rpp Assert and deassert Remote Physical Presence(RPP), or obtain its status.

For more information, refer to “rpp commands” on page 138.

serase Securely and permanently erase the data of hard disk drives in the BMU mode.

For more information, refer to “serase command” on page 140.

servicedata Obtain service data information from BMC.

For more information, refer to “servicedata command” on page 141.

servicelog Obtain service data log from BMC.

For more information, refer to “servicelog command” on page 141.

smartdata Get the disk drive SMART data.

For more information, refer to “smartdata command” on page 142.

smmlan Disable or enable SMM LAN.

For more information, refer to “smmlan commands” on page 143.

switchcmm Toggle active CMM.

For more information, refer to “switchcmm command” on page 144.

sysguard Manage BMC system guard.

For more information, refer to “sysguard command” on page 144.

syshealth Query system health status.

For more information, refer to “syshealth command” on page 145.

usblan Enable or disable USB LAN.

For more information, refer to “usblan command” on page 146.

vm List, mount, or unmount the virtual media.

For more information, refer to “vm commands” on page 147.

bmcpassword command
Use the bmcpassword command to remotely change the password of BMC accounts when users log in to
BMC for the first time or the password is expired on the XCC-based servers.

bmcpassword command syntax

OneCli.exe misc bmcpassword <--bmc <arg>>

Chapter 8. Miscellaneous 87
Table 66. bmcpassword command specific parameters

Parameter Required/Optional Notes

--newpwd Optional Specify the new password of BMC accounts.

If this parameter is not specified, OneCLI will change the password of

BMC accounts in the security mode. For more information, refer to
“Changing password of BMC account in security mode” on page 170.

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --help,-h
• --never-check-
trust, -N
• --node, -n
• --nolog, -n
• --output, -o

Example of the bmcpassword command

OneCli.exe misc bmcpassword --bmc USERID:PASSWORD@host --newpwd xxxxxx

cmos command
Use the cmos command to execute the CMOS action. The system should be powered off before running the
cmos command.

cmos command syntax

OneCli.exe [misc] cmos <command> [options]

Table 67. cmos command

Command Syntax example Description

clear OneCli.exe [misc] cmos clear Remotely clear the CMOS data.

88 Lenovo XClarity Essentials OneCLI User Guide

Table 68. clear command specific parameters

Parameter Required/Optional Notes

--pap Optional Specify UEFI PAP(UEFI admin password).

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --check-trust, -C
• --config
• --never-check-
trust, -N
• --output, -o
• --nolog, -n

Example of the clear command

OneCli.exe cmos clear --bmc USERID:[email protected]

edgeserver command
Use the edgeserver command to manage the status of the ThinkEdge servers.

edgeserver command syntax

OneCli.exe [misc] edgeserver <command> [options...]

Table 69. edgeserver commands

Commands Description Syntax

getsecurityinfo Get ThinkEdge server OneCli.exe [misc] edgeserver getsecurityinfo [--bmc|-b <arg>]
security information [--check-trust|-C] [--never-check-trust|-N] [--quiet|-q] [--noping]
from BMC. [--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

lock Lock the server. OneCli.exe [misc] edgeserver lock [--bmc|-b <arg>] [--check-trust|-C]
[--never-check-trust|-N] [--quiet|-q] [--noping] [--output|-o <arg>]
[--nolog] [--config <arg>] [--help|-h]

unlock Unlock server over OneCli.exe [misc] edgeserver unlock [--bmc|-b <arg>] [--check-trust|-C]
BMC. [--never-check-trust|-N] [--quiet|-q] [--noping] [--output|-o <arg>]
[--nolog] [--config <arg>] [--help|-h]

Example of the edgeserver command

OneCli.exe edgeserver unlock -b USERID:[email protected]

encrypt command
Use the encrypt command to encrypt, save, and update the credentials or the sensitive setting values in the
specified plain text file.

encrypt command syntax

OneCli.exe misc encrypt <--configfile <arg>> [--unattended]

Chapter 8. Miscellaneous 89
Table 70. encrypt command specific parameters

Parameter Required/Optional Notes

--configfile Required Specify the JSON configuration file.

• For encrypting the credentials, the template file is available in

Sample/credentials_config.json.
• For encrypting the sensitive setting values, the template file is
available in Sample/setting.json.

--unattended Optional Refer to Table 3 “OneCLI global parameters” on page 2.

Example of the encrypt command

OneCli.exe misc encrypt --configfile credentials.json --unattended

ffdc command
Use the ffdc command to collect the FFDC of BMC/ESXi/CMM/SMM.

ffdc command syntax

Onecli.exe [misc] ffdc [<options>]

Option

Usage
Usage: OneCli.exe [misc] ffdc [ [--cmm|-c <arg>] [--smm <arg>]
[--bmc|-b <arg>] [--esxi|-e <arg>] ]
[--cn <arg>] [--sn <arg>]
[--mt <arg>] [--check-trust|-C]
[--never-check-trust|-N] [--upload <arg>]
[--proxy|-P <arg>] [--proxy-cacert <arg>]
[--cacert <arg>] [--proxy-insecure]
[--insecure] [--tftp <arg>]
[--sftp <arg>] [--bmc-username|-u <arg>]
[--bmc-password|-w <arg>] [--bmc-rest-port|-p <int>]
[--bmc-cim-port|-p <int>] [--iobay <arg>]
[--node|-n <int>] [--quiet|-q]
[--output|-o <arg>] [--nolog]
[--config <arg>] [--help|-h]

Table 71. ffdc command specific parameters

Parameter Required/Optional Notes

--cacert Optional Specify the path of CACert.
--cmm Required Specify CMM IP and credential information.
--cn Optional Specify the case number to upload the files to Lenovo System CARE.
The case number should be composed of at least seven characters.

--esxi Optional Specify IP and credential information of VMware ESXI OS.

--insecure Optional Allow insecure server connections when using SSL.

--mt Optional Specify with --sn. Specify the machine of the target system when
uploading the files to System CARE.

90 Lenovo XClarity Essentials OneCLI User Guide

Table 71. ffdc command specific parameters (continued)

--proxy, -P Optional Specify proxy user credential and IP address used to connect to the
target server specified in the --upload parameter.

This parameter should be used with --upload.

The format is user: password@host[:port].

For IPv6 address, the format is socks5://user:password@[IPv6]:port.

--proxy-cacert Optional Specify the path of proxy CACert.

--proxy-insecure Optional Connect to HTTPS proxy without verifying.

--smm Required Specify the access information of the target SMM. The format is:
userid:password@host[:port].
Notes:
• Both the IPv4 address and the IPv6 address are supported. The
IPv6 address shall be enclosed in brackets. For example,
[FE80:3BA7:94FF:FE07:CBD0].
• If the IPv6 is LLA, the format is [FE80:3BA7:94FF:FE07:CBD0%
xxx]. Replace xxx with the interface name.
--sn Optional Specify with --mt. Specify the serial number of the target system
when uploading the files to System CARE.

--upload Required This parameter can be specified with the following arguments: lenovo
and server address.

If specified with lenovo, the format is: --upload lenovo. The inventory
data is uploaded to Lenovo Upload Facility. Users should specify the
case number, or specify both machine type and serial number.

If specified with server address, the format is: --upload server

address. The inventory data is uploaded to the target server. The
supported protocols include: TFTP, FTP, and SFTP.

If not specified, no inventory data will be uploaded.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-password,
-w
• --bmc-username,
-u
• --config
• --check-trust, -C
• --iobay
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the ffdc command

OneCli.exe misc ffdc --bmc userid:password@host

OneCli.exe misc ffdc --cmm userid:password@host --sftp root:password@host
OneCli.exe misc ffdc --smm userid:password@host --tftp host

Chapter 8. Miscellaneous 91
fpusb commands
The topics in this section provide detailed information about how to use the fpusb commands to set and view
the configurations of the front panel USB port.

Table 72. fpusb commands

Command Description
set Set the configurations of the front panel USB port. For more information, refer to “set
command” on page 92.
status View the configurations of the front panel USB port. For more information, refer to “status
command” on page 93.

Notes:
• The front panel USB port does not support the following servers: ThinkSystem SD530, ThinkSystem
SD650, System nx360 M5, System x240 M5 Compute Node, System x240 Compute Node, System x440
Compute Node, System x280/x480/x880 X6 Compute Node, System x3250 M6, System x3500 M5,
System x3550 M5, System x3650 M5, System x3750 M4, System x3850 X6, and System x3950 X6.
• Before configuring the front panel USB port in the target server, select the --bmc-username option and
the --bmc-password option to specify the SSH credentials for the BMC connection.

set command
Use the set command to set the configurations for the front panel USB port in the target server.

set command syntax

OneCli.exe [misc] fpusb set [command options]

Table 73. set command specific parameters

Parameter Required/Optional Notes

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-password,
-w
• --bmc-username,
-u
• --config
• --check-trust, -C
• --never-check-
trust, -N
• --nolog
• --output, -o

--btn Optional Switch the owner by enabling or disabling ID button when the
specified mode is shared.

--mode Optional Specify the mode for the front panel USB. The mode can be set as
bmc, server and shared.
--owner Optional Set the preferred owner when the specified mode is shared. The
values inlcude: server, and bmc.
--timeout Optional Set the inactivity time-out for the fpusb command of the BMC. The
unit is minute.

Example of the set command

92 Lenovo XClarity Essentials OneCLI User Guide

OneCli.exe fpusb set --bmc userid:password@IP --mode shared --btn on
OneCli.exe fpusb set --bmc-username userid –bmc-password password
--mode shared --timeout 30 --owner bmc

Notes:
• To set the owner, input the status command to check if the front panel USB port is in shared mode; if no,
select the --mode shared option to set the front panel USB port to shared mode, and then select the
owner.
• To set the inactivity time-out, input the status command to check if the front panel USB port is in shared
mode and if BMC is the preferred owner; if no, select the --mode shared option to set the front panel
USB port to shared mode, and select the --owner bmc option to set BMC as the preferred owner.

status command
Use the status command to view the configurations of the front panel USB port in the target server.

status command syntax

OneCli.exe [misc] fpusb status [options] [connection options]

Table 74. status command specific parameters

Parameter Required/Optional Notes

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-password,
-w
• --bmc-username,
-u
• --config
• --check-trust, -C
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the status command

OneCli.exe fpusb status --bmc userid:password@IP

OneCli.exe fpusb status --bmc-username userid --bmc-password password

hddlocate command
Use the hddlocate command to manage the LED status of hard disk drive.

Note: The hddlocate command is only supported in the ThinkServer/WenTian/KaiTian systems.

hddlocate command syntax

OneCli.exe [misc] hddlocate <command> [options...]

Chapter 8. Miscellaneous 93
Table 75. hddlocate commands

Command Syntax example Description

show OneCli.exe [misc] hddlocate show [--bmc|-b <arg>] Show the LED status of
[--check-trust|-C] [--never-check-trust|-N] [--quiet|-q] hard disk drive.
[--slot|-S <int>] [--bmc-username|-u <arg>]
[--bmc-password|-w <arg>] [--bmc-rest-port|-p <int>]
[--output|-o <arg>] [--nolog] [--config <arg>]
[--help|-h]
turnon OneCli.exe [misc] hddlocate turnon [--bmc|-b <arg>] Turn on the LEDs of the
[--check-trust|-C] [--never-check-trust|-N] [--quiet|-q] hard disk drive and set
[--slot|-S <int>] [--bmc-username|-u <arg>] them to blink by disk slot
[--bmc-password|-w <arg>] [--bmc-rest-port|-p <int>] number.
[--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

turnoff OneCli.exe [misc] hddlocate turnoff [--bmc|-b <arg>] Turn off the LEDs of the
[--check-trust|-C] [--never-check-trust|-N] [--quiet|-q] hard disk drive by disk slot
[--slot|-S <int>] [--bmc-username|-u <arg>] number.
[--bmc-password|-w <arg>] [--bmc-rest-port|-p <int>]
[--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

Table 76. hddlocate command specific parameters

Parameter Required/Optional Notes

--slot Optional Specify the slot number of the target hard disk drive for the LED
status management.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --check-trust, -C
• --config
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the hddlocate command

OneCli.exe hddlocate turnon --slot 1 -b USERID:[email protected]

hostinterface command
Use the hostinterface command to manage Host Interface of BMC Redfish.

hostinterface command syntax

OneCli.exe [misc] hostinterface <command> [options...]

Table 77. hostinterface commands

Command Description

clear Clear Host Interface account. For more information, refer to “clear command” on page 95.

Example of the hostinterface command

OneCli.exe hostinterface clear -b USERID:[email protected]

94 Lenovo XClarity Essentials OneCLI User Guide

clear command
Use the clear command to clear Host Interface account.

clear command syntax

OneCli.exe [misc] hostinterface clear [--bmc|-b <arg>] [--check-trust|-C]

[--never-check-trust|-N] [--bmc-username|-u <arg>]
[--bmc-password|-w <arg>] [--bmc-rest-port|-p <int>]
[--quiet|-q] [--output|-o <arg>] [--nolog]
[--config <arg>] [--help|-h]

Table 78. clear command specific parameters

Parameter Required/Optional Notes

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-password,
-w
• --bmc-rest-port
• --bmc-username,
-u
• --check-trust, -C
• --config
• --help, -h
• --never-check-
trust, -N
• --nolog
• --output, -o
• --quiet
•

Example of the clear command

OneCli.exe hostinterface clear -b USERID:[email protected]

logmgr commands
Use the logmgr commands to obtain and clear BMC event logs. The logmgr commands support in-band and
out-of-band mode.

logmgr command syntax

OneCli.exe [misc] logmgr <cmds> [<options>]

Table 79. logmgr commands and syntax examples

Command Syntax example Description

clearbmclog OneCli.exe misc logmgr • Clear the BMC event logs of the server.
clearbmclog • Clear the remote BMC event logs by inputting --bmc
user:password@host:port.
• Can be run on the local host OS without specifying
“--bmc”.
clearall OneCli.exe misc logmgr • Clear the BMC event logs and the system event logs of
clearall --bmc userid: the server.
password@host • Clear the remote BMC event logs and the system event
logs by inputting --bmc user:password@host:port.
• Can be run on the local host OS without specifying
“--bmc”

Chapter 8. Miscellaneous 95
Table 79. logmgr commands and syntax examples (continued)

Command Syntax example Description

clearsel OneCli.exe misc logmgr • Clear the system event logs of the server.
clearsel --bmc userid: • Clear the remote BMC system event logs by inputting
password@host --bmc user:password@host:port.
• Can be run on the local host OS without specifying
“--bmc”.
showauditlog OneCli.exe misc logmgr • Display the BMC audit event logs of the server.
showauditlog --bmc userid: • Display the remote BMC audit event logs by inputting
password@host --bmc user:password@host:port.
• Can be run on the local host OS without specifying
“--bmc”.
showbmclog OneCli.exe misc logmgr • Display the BMC Platform event logs of the server.
showbmclog --bmc userid: • Display the remote BMC event logs by inputting --bmc
password@host user:password@host:port.
• Can be run on the local host OS without specifying
“--bmc”.
showmaintlog OneCli.exe misc logmgr • Display the BMC maintenance logs of the server.
showmaintlog --bmc userid: • Display the remote BMC maintenance logs by inputting
password@host --bmc user:password@host:port.
• Can be run on the local host OS without specifying
“--bmc”.
showsel OneCli.exe logmgr • Display the system event logs of the server.
showsel --bmc userid: • Display the remote BMC system event logs by
password@host inputting --bmc user:password@host:port.
• Can be run on the local host OS without specifying
“--bmc”.

Table 80. logmgr command specific parameters

Parameter Required/Optional Notes

--type, -T Optional Specify the type of BMC log to be cleared.

AEL: Audit Event Log

PEL: Platform Event Log

ALL: Audit Event Log and Platform Event Log

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on

• --bmc-cim-port, -p page 2.
• --bmc-password, -w
• --bmc-username, -u
• --check-trust, -C
• --config
• --nolog
• --never-check-trust, -N
• --output, -o

Example of the logmgr command

OneCli.exe logmgr clearbmclog --bmc userid:password@host

96 Lenovo XClarity Essentials OneCLI User Guide

multibmcpassword command
Use the multibmcpassword command to remotely change the password of BMC accounts for multiple
systems when users log in to BMC for the first time or the password is expired on the XCC-based servers.

multibmcpassword command syntax

OneCli.exe [misc] multibmcpassword <--configfile <arg>>

[--check-trust|-C] [--never-check-trust|-N]
[--quiet|-q]
[--newpwd <arg>] [--output|-o <arg>]
[--nolog] [--config <arg>]
[--help|-h]

Table 81. multibmcpassword command specific parameters

Parameter Required/Optional Notes

--configfile Required Specify the config file for multi-task command.

The template file is available in Sample/multi_task_config.json.

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

--newpwd Optional Specify the new password of BMC accounts.

• --check-trust, -C Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --config
• --help,-h
• --never-check-
trust, -N
• --nolog, -n
• --output, -o

Example of the multibmcpassword command

OneCli.exe misc multibmcpassword --newpwd xxxxxxxx --configfile multi_task_config.json

multiffdc command
Use the multiffdc command to obtain the BMC/SMM FFDC logs from multiple servers.

multiffdc command syntax

OneCli.exe [misc] multiffdc [ [--smm <arg>] [--bmc|-b <arg>] ][--cn <arg>] [--sn <arg>]
[--mt <arg>] [--check-trust|-C] [--never-check-trust|-N] [--upload <arg>] [--proxy|-P <arg>]
[--proxy-cacert <arg>][--cacert <arg>] [--proxy-insecure][--insecure] [--tftp <arg>]
[--sftp <arg>] [--bmc-username|-u <arg>] [--bmc-password|-w <arg>] [--bmc-rest-port|-p <int>]
[--bmc-cim-port|-p <int>] [--iobay <arg>] [--node|-n <int>] [--quiet|-q][--configfile <arg>]
[--output|-o <arg>][--nolog] [--config <arg>] [--help|-h]

Chapter 8. Miscellaneous 97
Table 82. multiffdc command specific parameters

Parameter Required/Optional Notes

--cn Optional Specify the case number to upload the files to Lenovo System CARE.
The case number should be composed of at least seven characters.

--iobay Optional bay_number specifies the I/O module bay number. Valid values are 1,
2, 3, or 4.

The --iobay parameter specifies an I/O module scan operation. When

scanning an I/O module target, the --cmm parameter must also be
specified.
--mt Optional Specify with --sn. Specify the machine of the target system when
uploading the files to System CARE.
--sn Optional Specify with --mt. Specify the serial number of the target system
when uploading the files to System CARE.

--sftp Optional SFTP connection information. Format: user:password@IP[port][dir/].

The address is used to save FFDC logs for VMWare ESXi.
--smm Optional If specified, the inventory application will only get the information for a
remote SMM.

The format is user:password@IP. For the IPv6 address, the format is

user:password@[IPv6].

--tftp Optional TFTP server for SMM interface.

Format: IP[:port][/path].

--upload Required This parameter can be specified with the following arguments: lenovo
and server address.

If specified with lenovo, the format is: --upload lenovo. The inventory
data is uploaded to Lenovo Upload Facility. Users should specify the
case number, or specify both machine type and serial number.

If specified with server address, the format is: --upload server

address. The inventory data is uploaded to the target server. The
supported protocols include: TFTP, FTP, and SFTP.

If not specified, no inventory data will be uploaded.

• --bmc/imm, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --check-trust, -C
• --config
• --configfile
• --help, -h
• --never-check-
trust, -N
• --node, -n
• --nolog
• --output, -o
• --quiet

Example of the multiffdc command

OneCli.exe misc multiffdc --configfile multi_task_config.json

98 Lenovo XClarity Essentials OneCLI User Guide

multiinventory command
Use the multiinventory command to acquire system information from multi servers.

multiinventory command syntax

OneCli.exe [misc] multiinventory <command> [options...]

Table 83. multiinventory command

Command Description

getinfor Gets device inventory information from multiple servers. For more information, refer to
“getinfor command” on page 99.

Example of the multiinventory command

OneCli.exe multiinventory getinfor --configfile xxxx/xxxx

getinfor command
Use the getinfor command to get device inventory information from multiple servers.

getinfor command syntax

OneCli.exe multiinventory getinfor <--configfile <arg>> [ [--cn <arg>] [--sn <arg>] [--mt <arg>]
[--check-trust|-C] [--never-check-trust|-N] [--device <arg>] [--upload <arg>]
[--proxy|-P <arg>] [--proxy-cacert <arg>] [--cacert <arg>] [--proxy-insecure]
[--insecure] [--htmlreport] [--ffdc] [--tftp <arg>] [--sftp <arg>] [--hldec]
[--quiet|-q] [--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

Table 84. getinfor command specific parameters

Parameter Required/Optional Notes

--cn Optional Specify the case number to upload the files to Lenovo System CARE.
The case number should be composed of at least seven characters.
--cacert Optional Specify the path of CACert.

--device, -d Optional Specify the device to get the status.

The supported parameters used with --device: system, processor,

fan, dimm, power, and pci_adapter.

If not specified, the system health summary containing errors and

warning events will be displayed.

--ffdc Optional If specified, the inventory application will retrieve the BMC FFDC log.

--hldec Optional Collect the UEFI hidden logs. This option is only supported for System
X.
--htmlreport Optional If specified, the output results will contain HTML file report.

--insecure Optional Allow insecure server connections when using SSL.

Chapter 8. Miscellaneous 99
Table 84. getinfor command specific parameters (continued)

Parameter Required/Optional Notes

--mt Optional Specify the machine type of target device. Lenovo server, chassis,
and enclosure all have machine types.

The --mt parameter is required only when using the --noscan

parameter (the system is not automatically obtaining the machine-
type information).

For the I/O module target, the CMM machine type is specified.
--proxy Optional Use proxy to connect to Lenovo Web site.

The format is user: password@host[:port].

For IPv6 address, the format is socks5://user:password@[IPv6]:port.

--proxy-cacert Optional Specify the path of proxy CACert.

--proxy-insecure Optional Do HTTPS proxy connections without verifying the proxy

--sn Optional Specify with --mt. Specify the serial number of the target system
when uploading the files to System CARE.

--sftp Optional SFTP connection information. Format: user:password@IP[port][dir/].

The address is used to save FFDC logs for VMWare ESXi.

--tftp Optional TFTP server for SMM interface.

Format: IP[:port][/path].

--upload Required This parameter can be specified with the following arguments: lenovo
and server address.

If specified with lenovo, the format is: --upload lenovo. The inventory
data is uploaded to Lenovo Upload Facility. Users should specify the
case number, or specify both machine type and serial number.

If specified with server address, the format is: --upload server

address. The inventory data is uploaded to the target server. The
supported protocols include: TFTP, FTP, and SFTP.

If not specified, no inventory data will be uploaded.

• --config Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --configfile
• --check-trust, -C
• --never-check-
trust, -N
• --help, -h
• --nolog
• --output, -o
• --quiet

Example of the getinfor command

OneCli.exe multiinventory getinfor --configfile xxxx/xxxx

100 Lenovo XClarity Essentials OneCLI User Guide

multiraid command
Use the multiraid command to remotely create, clear, and save the RAID configuration, check the drive
information, convert the JBOD drives to the unconfigured good drives, and convert the unconfigured good
drives to the JBOD drives for multiple IMM/XCC-based servers.

multiraid command syntax

OneCli.exe [misc] multiraid <command> [options...]

Table 85. multiraid commands

Command Description

add Create RAID configuration. For more information, refer to “add command” on page 101.

clear Clear RAID configuration. For more information, refer to “clear command” on page 102.

init Fastly initialize volumes. For more information, refer to “init command” on page 103.

makegood Convert the JBOD drives to the unconfigured good drives. For more information, refer to
“makegood command” on page 104.

makejbod Convert the unconfigured good drives to the JBOD drives. For more information, refer to
“makejbod command” on page 105.
save Save RAID configuration. For more information, refer to “save command” on page 106.

show Show controller and drive information. For more information, refer to “show command” on
page 107.

add command
Use the add command to create the RAID configuration for multiple IMM/XCC-based servers.

add command syntax

Usage: OneCli.exe [misc] multiraid add <--configfile <arg>> <--file|-f <arg>>

[--target|-t <arg>] [--force]
[--check-trust|-C] [--never-check-trust|-N]
[--quiet|-q] [--output|-o <arg>]
[--nolog] [--config <arg>]
[--help|-h]

Table 86. add command specific parameters

Parameter Required/Optional Notes

--configfile Required Specify the config file for multi-task command.

The template file is available in Sample/multi_task_config.json.

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.

--file,-f Requied Specify the config file.

The template file of software raid is available in Sample/sw_raid.ini.

The template file of other raids is available in Sample/hw_raid.ini.

Chapter 8. Miscellaneous 101

Table 86. add command specific parameters (continued)

Parameter Required/Optional Notes

--force Optional Forcibly create RAID configuration when there is no user interaction.

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.
--target, -t Optional (Deprecated It is recommended to use the --ctrl option instead.
from V3.5.1)
Specify the target controller ID. The following is the description on ID:
• 1: ctrl[1]
• m2/m.2: Single m.2 raid
• m2-1/m.2-1: Multi m.2 raid
The argument can be specified to multiple targets by comma. If not
specified, it means all.

• --config Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --check-trust, -C
• --help,-h
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the add command

OneCli.exe misc multiraid add --configfile ./mutli_raid.json --file ./hw_raid.ini

clear command
Use the clear command to clear the RAID configuration for multiple IMM/XCC-based servers.

clear command syntax

Usage: OneCli.exe [misc] multiraid clear <--configfile <arg>> <--target|-t <arg>>

[--volume|-v <arg>] [--force]
[--check-trust|-C] [--never-check-trust|-N]
[--quiet|-q] [--output|-o <arg>]
[--nolog] [--config <arg>]
[--help|-h]

Table 87. clear command specific parameters

Parameter Required/Optional Notes

--configfile Required Specify the config file for multi-task command.

The template file is available in Sample/multi_task_config.json.

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.

--force Optional If specified, it will forcibly create RAID configuration without user
interaction.
--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

102 Lenovo XClarity Essentials OneCLI User Guide

Table 87. clear command specific parameters (continued)

Parameter Required/Optional Notes

--target, -t Optional (Deprecated It is recommended to use the --ctrl option instead.
from V3.5.1)
Specify the target controller ID. The following is the description on ID:
• 1: ctrl[1]
• m2/m.2: Single m.2 raid
• m2-1/m.2-1: Multi m.2 raid
The argument can be specified to multiple targets by comma. If not
specified, it means all.

--volume, -v Optional Specify the target volume ID. The argument can be specified to
multiple targets by comma. If not specified, it means all.

• --config Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --check-trust, -C
• --help,-h
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the clear command

OneCli.exe misc multiraid clear --configfile ./mutli_raid.json --target xxx

init command
Use the init command to fastly initialize volumes for multiple IMM/XCC-based servers.

Note: This command can only be used in the ThinkSystem servers with XCC level versions released later
than October 2018.

init command syntax

Usage: OneCli.exe [misc] multiraid init <--configfile <arg>> <--target|-t <arg>>

[--volume|-v <arg>] [--force]
[--check-trust|-C] [--never-check-trust|-N]
[--quiet|-q] [--output|-o <arg>]
[--nolog] [--config <arg>]
[--help|-h]

Table 88. init command specific parameters

Parameter Required/Optional Notes

--configfile Required Specify the config file for multi-task command.

The template file is available in Sample/multi_task_config.json.

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.

--force Optional Forcibly create RAID configuration when there is no user interaction.

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

Chapter 8. Miscellaneous 103

Table 88. init command specific parameters (continued)

Parameter Required/Optional Notes

--target, -t Optional (Deprecated It is recommended to use the --ctrl option instead.
from V3.5.1)
Specify the target controller ID. The following is the description on ID:
• 1: ctrl[1]
• m2/m.2: Single m.2 raid
• m2-1/m.2-1: Multi m.2 raid
The argument can be specified to multiple targets by comma. If not
specified, it means all.

--volume, -v Optional Specify the target volume ID. The argument can be specified to
multiple targets by comma. If not specified, it means all.

• --config Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --check-trust, -C
• --help,-h
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the init command

OneCli.exe misc multiraid init --configfile ./mutli_raid.json --target xxx

makegood command
Use the makegood command to convert the JBOD drives to the unconfigured good drives for multiple IMM/
XCC-based servers.

makegood command syntax

Usage: OneCli.exe [misc] multiraid makegood <--configfile <arg>> <--target|-t <arg>>

[--drive|-d <arg>] [--force]
[--check-trust|-C] [--never-check-trust|-N]
[--quiet|-q] [--output|-o <arg>]
[--nolog] [--config <arg>]
[--help|-h]

Table 89. makegood command specific parameters

Parameter Required/Optional Notes

--configfile Required Specify the config file for multi-task command.

The template file is available in Sample/multi_task_config.json.

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.

--drive, -d Optional Specify target drive ID.

The arguments can be grouped in multiple targets and separated by

commas.

If it is not specified, it means all.

104 Lenovo XClarity Essentials OneCLI User Guide

Table 89. makegood command specific parameters (continued)

Parameter Required/Optional Notes

--force Optional Forcibly create RAID configuration when there is no user interaction.

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.
--target, -t Optional (Deprecated It is recommended to use the --ctrl option instead.
from V3.5.1)
Specify the target controller ID. The following is the description on ID:
• 1: ctrl[1]
• m2/m.2: Single m.2 raid
• m2-1/m.2-1: Multi m.2 raid
The argument can be specified to multiple targets by comma. If not
specified, it means all.

• --config Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --check-trust, -C
• --help,-h
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the makegood command

OneCli.exe misc multiraid makegood --configfile ./mutli_raid.json --target xxx

makejbod command
Use the makejbod command to convert the unconfigured good drives to the JBOD drives for multiple IMM/
XCC-based servers.

Note: This command can only be used in the ThinkSystem servers.

makejbod command syntax

Usage: OneCli.exe [misc] multiraid makejbod <--configfile <arg>> <--target|-t <arg>>

[--drive|-d <arg>] [--force]
[--check-trust|-C] [--never-check-trust|-N]
[--quiet|-q] [--output|-o <arg>]
[--nolog] [--config <arg>]
[--help|-h]

Table 90. makejbod command specific parameters

Parameter Required/Optional Notes

--configfile Required Specify the config file for multi-task command.

The template file is available in Sample/multi_task_config.json.

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.

Chapter 8. Miscellaneous 105

Table 90. makejbod command specific parameters (continued)

Parameter Required/Optional Notes

--drive, -d Optional Specify target drive ID.

The arguments can be grouped in multiple targets and separated by

commas.

If it is not specified, it means all.

--force Optional Forcibly create RAID configuration when there is no user interaction.

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.
--target, -t Optional (Deprecated It is recommended to use the --ctrl option instead.
from V3.5.1)
Specify the target controller ID. The following is the description on ID:
• 1: ctrl[1]
• m2/m.2: Single m.2 raid
• m2-1/m.2-1: Multi m.2 raid
The argument can be specified to multiple targets by comma. If not
specified, it means all.

• --config Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --check-trust, -C
• --help,-h
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the makejbod command

OneCli.exe misc multiraid makejbod --configfile ./mutli_raid.json --target xxx

save command
Use the save command to save the RAID configuration for multiple IMM/XCC-based servers.

save command syntax

Usage: OneCli.exe [misc] multiraid save <--configfile <arg>> <--file|-f <arg>>

[--target|-t <arg>] [--check-trust|-C]
[--never-check-trust|-N] [--quiet|-q]
[--output|-o <arg>] [--nolog]
[--config <arg>] [--help|-h]

Table 91. save command specific parameters

Parameter Required/Optional Notes

--configfile Required Specify the config file for multi-task command.

The template file is available in Sample/multi_task_config.json.

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.

106 Lenovo XClarity Essentials OneCLI User Guide

Table 91. save command specific parameters (continued)

Parameter Required/Optional Notes

--file,-f Requied Specify the config file.

The template file of software raid is available in Sample/sw_raid.ini.

The template file of other raids is available in Sample/hw_raid.ini.

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.
--target, -t Optional (Deprecated It is recommended to use the --ctrl option instead.
from V3.5.1)
Specify the target controller ID. The following is the description on ID:
• 1: ctrl[1]
• m2/m.2: Single m.2 raid
• m2-1/m.2-1: Multi m.2 raid
The argument can be specified to multiple targets by comma. If not
specified, it means all.

• --config Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --check-trust, -C
• --help,-h
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the save command

OneCli.exe misc multiraid save --configfile ./mutli_raid.json --file ./hw_raid.ini

show command
Use the show command to show controller and drive information for multiple IMM/XCC-based servers.

show command syntax

Usage: OneCli.exe [misc] multiraid show <--configfile <arg>> [--target|-t <arg>]

[--check-trust|-C] [--never-check-trust|-N]
[--quiet|-q] [--output|-o <arg>]
[--nolog] [--config <arg>]
[--help|-h]

Table 92. show command specific parameters

Parameter Required/Optional Notes

--configfile Required Specify the config file for multi-task command.

The template file is available in Sample/multi_task_config.json.

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

Chapter 8. Miscellaneous 107

Table 92. show command specific parameters (continued)

Parameter Required/Optional Notes

--target,-t Optional (Deprecated It is recommended to use the --ctrl option instead.
from V3.5.1)
Specify the target controller ID. The following is the description on ID:
• 1: ctrl[1]
• m2/m.2: Single m.2 raid
• m2-1/m.2-1: Multi m.2 raid
The argument can be specified to multiple targets by comma. If not
specified, it means all.

• --config Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --check-trust, -C
• --help,-h
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the show command

OneCli.exe misc multiraid show --configfile ./mutli_raid.json

multiospower commands
Use the multiospower commands to turn on, turn off and restart the server, obtain the server power state,
and restart the server to BIOS setup.

multiospower command syntax

OneCli.exe misc multiospower <command> [options]

Table 93. multiospower commands

Option Description

boottosetup Restart the server to BIOS setup. For more information, refer to “boottosetup command” on
page 108.

reboot Restart the server. For more information. refer to “reboot command” on page 109.
state Obtain the server power state. For more information. refer to “state command” on page 109.
turnon Turn on the server. For more information. refer to “turnon command” on page 110.

turnoff Turn off the server. For more information. refer to “turnoff command” on page 110.

Example of the multiospower commands

OneCli.exe misc multiospower status --configfile xxxx/xxxx

boottosetup command
Use the boottosetup command to restart the server to BIOS setup.

boottosetup command syntax

OneCli.exe misc multiospower <boottosetup> [--check-trust|-C] [--never-check-trust|-N] [--quiet|-q]

108 Lenovo XClarity Essentials OneCLI User Guide

[--configfile <arg>] [--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

Table 94. boottosetup command specific parameters

Parameter Required/Optional Notes

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

• --bmc/imm, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --help, -h
• --nolog

Example of the boottosetup command

OneCli.exe misc multiospower boottosetup --configfile xxxx/xxxx

reboot command
Use the reboot command to restart the server.

reboot command syntax

OneCli.exe misc multiospower <reboot> [--check-trust|-C] [--never-check-trust|-N] [--quiet|-q]

[--configfile <arg>] [--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

Table 95. reboot command specific parameters

Parameter Required/Optional Notes

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

• --bmc/imm, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --help, -h
• --nolog

Example of the reboot command

OneCli.exe misc multiospower reboot --configfile xxxx/xxxx

state command
Use the state command to obtain the server power state.

state command syntax

OneCli.exe misc multiospower <state> [--check-trust|-C] [--never-check-trust|-N] [--quiet|-q]

[--configfile <arg>] [--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

Table 96. state command specific parameters

Parameter Required/Optional Notes

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

• --bmc/imm, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --help, -h
• --nolog

Chapter 8. Miscellaneous 109

Example of the state command

OneCli.exe misc multiospower state --configfile xxxx/xxxx

turnon command
Use the turnon command to turn on the server.

turnon command syntax

OneCli.exe misc multiospower <turnon> [--check-trust|-C] [--never-check-trust|-N] [--quiet|-q]

[--configfile <arg>] [--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

Table 97. turnon command specific parameters

Parameter Required/Optional Notes

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

• --bmc/imm, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --help, -h
• --nolog

Example of the turnon command

OneCli.exe misc multiospower turnon --configfile xxxx/xxxx

turnoff command
Use the turnoff command to turn off the server.

turnoff command syntax

OneCli.exe misc multiospower <turnoff> [--check-trust|-C] [--never-check-trust|-N] [--quiet|-q]

[--configfile <arg>] [--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

Table 98. turnoff command specific parameters

Parameter Required/Optional Notes

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

• --bmc/imm, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --help, -h
• --nolog

Example of the turnoff command

OneCli.exe misc multiospwer turnoff --configfile xxxx/xxxx

multiservicedata command
Use the multiservicedata command to obtain service data information from multiple BMC.

multiservicedata command syntax

OneCli.exe [misc] multiservicedata [--bmc|-b <arg>] [--type|-T <arg>] [--check-trust|-C]

110 Lenovo XClarity Essentials OneCLI User Guide

[--never-check-trust|-N][--bmc-username|-u <arg>] [--bmc-password|-w <arg>]
[--bmc-rest-port|-p <int>] [--quiet|-q][--cn <arg>] [--sn <arg>][--mt <arg>]
[--upload <arg>][--proxy|-P <arg>] [--proxy-cacert <arg>][--cacert <arg>]
[--proxy-insecure][--insecure] [--configfile <arg>][--output|-o <arg>]
[--nolog][--config <arg>] [--help|-h]

Table 99. multiservicedata command specific parameters

Parameter Required/Optional Notes

--cn Optional Specify the case number to upload the files to Lenovo System CARE.
The case number should be composed of at least seven characters.
--mt Optional Specify with --sn. Specify the machine of the target system when
uploading the files to System CARE.
--sn Optional Specify with --mt. Specify the serial number of the target system
when uploading the files to System CARE.

--type, -T Optional Specify the type of service data obtained from BMC.

osfailure: Last OS failure screen

healthreport: Health report

all: Last OS failure screen and health report

--upload Required This parameter can be specified with the following arguments: lenovo
and server address.

If specified with lenovo, the format is: --upload lenovo. The inventory
data is uploaded to Lenovo Upload Facility. Users should specify the
case number, or specify both machine type and serial number.

If specified with server address, the format is: --upload server

address. The inventory data is uploaded to the target server. The
supported protocols include: TFTP, FTP, and SFTP.

If not specified, no inventory data will be uploaded.

• --config Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --configfile
• --check-trust, -C
• --help, -h
• --never-check-
trust, -N
• --nolog
• --output, -o
• --quiet

Example of the multiservicedata command

OneCli.exe misc multiservicedata --configfile multi_task_config.json

multisyshealth command
Use the multisyshealth command to remotely collect system health information for multiple IMM/XCC-
based servers.

multisyshealth command syntax

Chapter 8. Miscellaneous 111

OneCli.exe misc multisyshealth <--configfile <arg>> [--device|-d <arg>]
[--quiet|-q] [--output|-o <arg>]
[--nolog] [--config <arg>] [--help|-h]

Table 100. multisyshealth command specific parameters

Parameter Required/Optional Notes

--configfile Required Specify the config file for multi-task command.

The template file is available in Sample/multi_task_config.json.

--device, -d Optional Specify the device to get the status.

The supported parameters used with --device: system, processor,

fan, dimm, power, and pci_adapter.

If not specified, the system health summary containing errors and

warning events will be displayed.

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

• --config Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --help,-h
• --nolog, -n
• --output, -o

Example of the multisyshealth command

OneCli.exe misc multisyshealth --configfile ./mutli_systemhealth.json

multivm commands
Use the multivm command to list, mount, or unmount the virtual media on multiple BMC.

multivm command syntax

Usage: OneCli.exe [misc] multivm mount <--configfile <arg>> [--id|-I <arg>]

[--path|-P <arg>] [--check-trust|-C]
[--never-check-trust|-N] [--quiet|-q]
[--writeprotected] [--unattended]
[--output|-o <arg>] [--nolog]
[--config <arg>] [--help|-h]

Table 101. multivm commands and syntax examples

Command Syntax example Description

list OneCLI multivm list --bmc <bmc connection info> List the virtual media status
on BMC.
mount OneCLI multivm mount --id <virtual media id> --path Mount virutal media on
<httpfs or nfs url> --bmc <bmc connection info> BMC by using ID.
umount OneCLI multivm umount --id <virtual media id> --bmc Unmount virutal media on
<bmc connection info> BMC by using ID.

112 Lenovo XClarity Essentials OneCLI User Guide

Table 102. multivm command specific parameters

Parameter Required/Optional Notes

--configfile Required Specify the configuration file for multiple task commands,
the format is: Sample/muti_task_config.json.

--id, -I Only required in the mount and Specify the virtual media ID, for example, RDOC1, EXT1,
umount commands. and Remote1.

For ThinkBMC, the virtual media ID is CD.

--path, -P Only required in the mount and Specify the URL of virtual media path, which supports
umount commands. NFS and HTTPFS.

Support NFS and CIFS in ThinkBMC.

NFS URL address form:

• ipaddress:/path/to/file
• domain-name:/path/to/file

NFS (ThinkBMC) form:

• nfs://host[:port]/path/to/file

CIFS(ThinkBMC) form:
• cifs://[username:password@]host[:port]/path/to/file

HTTPFS URL address form:

• https://ipaddress[:port]/path/to/file
• https://domain-name[:port]/path/to/file

The domain-name can be alphanumeric characters “.”,

“-”, or “_” and should be composed of at least two
domain items. The port number is optional.

Example of the multivm command

OneCli.exe misc multivm list --configflie multitask.json

ospower command
Use the ospower commands to power on, power off, and restart host OS, and display the power status of the
host server OS. The ospower commands support in-band mode and out-of-band mode.

ospower command syntax

OneCli.exe [misc] ospower <cmds> [<options>]

Table 103. ospower commands and examples

Command Syntax example Description

acpower OneCli.exe ospower acpower Remotely perform AC power cycle by inputting --bmc
--bmc userid:password@ host user:password@host:port.
boottosetup OneCli.exe ospower boottosetup Restart the host server to make the UEFI setting take effect.
--bmc userid:password@ host

Chapter 8. Miscellaneous 113

Table 103. ospower commands and examples (continued)

Command Syntax example Description

reboot OneCli.exe ospower • Restart the host server OS.

reboot --bmc userid: • Restart the remote host OS by inputting --bmc
password@host user:password@host:port.
• Restart only works if the current power state is on.
state OneCli.exe misc ospower • Check the host server OS power status.
state --bmc userid: • Check the power status of the remote host OS by inputting
password@host --bmc user:password@host:port.

turnoff OneCli.exe ospower turnoff • Turn off the host server OS.
--bmc userid:password@ • Turn off the remote host OS by inputting --bmc
host user:password@host:port.
turnon OneCli.exe ospower turnon • Turn on the host server OS.
--bmc userid:password@ • Turn on the remote host OS by inputting --bmc
host user:password@host:port.

Table 104. ospower command specific parameters

Parameter Required/Optional Notes

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the state command

OneCli.exe ospower state --bmc userid:passwordD@host

portctrl commands
Use the portctrl command to display and configure CIM, IPMI, or all interfaces and discovery protocols.

portctrl command syntax

OneCli.exe misc portctrl <command> [options] [connection options]

Option

--help
Display the help information for commands.

Connection option

--bmc <arg>/--bmc-username <arg> --bmc-password <arg>

114 Lenovo XClarity Essentials OneCLI User Guide

 Specify the BMC connection information.

Table 105. portctrl commands

Option Description

all Display and configure all interfaces and discovery protocols. For more information, refer to “all
command” on page 115.

cim Display and configure CIM over HTTPS. For more information. refer to “cim command” on
page 115.

ipmikcs Display and configure IPMI over KCS. For more information. refer to “ipmikcs command” on
page 116.

ipmilan Display and configure IPMI over LAN. For more information. refer to “ipmilan command” on
page 116.

Example of the portctrl command

OneCli.exe misc portctrl cim off --bmc-username USERID --bmc-password PASSW0RD

all command
Use the all command to display and configure all interfaces and discovery protocols.

all command syntax

OneCli.exe misc portctrl <all> [on|off] [--bmc <arg>] [--bmc-username|-u <arg>] [--bmc-password|-w <arg>]
[--check-trust|-C] [--never-check-trust|-N] [--bmc-rest-port|-p <int>] [--quiet|-q] [--output|-o <arg>]
[--nolog] [--config <arg>] [--help|-h]

Table 106. all command specific parameters

Parameter Required/Optional Notes

on Optional Enable all interfaces and discovery protocols.

off Optional Disable all interfaces and discovery protocols.

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

• --bmc/imm, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --help, -h
• --nolog

Example of the all command

OneCli.exe misc portctrl all on --bmc USERID:[email protected]

cim command
Use the cim command to display and configure CIM over HTTPS.

cim command syntax

OneCli.exe misc portctrl <cim> [on|off] [--bmc <arg>] [--bmc-username|-u <arg>]

[--bmc-password|-w <arg>][--check-trust|-C] [--never-check-trust|-N] [--bmc-rest-port|-p <int>]
[--quiet|-q] [--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

Chapter 8. Miscellaneous 115

Table 107. cim command specific parameters

Parameter Required/Optional Notes

on Optional Enable CIM over HTTPS.

off Optional Disable CIM over HTTPS.

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

• --bmc/imm, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --help, -h
• --nolog

Example of the cim command

OneCli.exe misc portctrl cim on --bmc USERID:[email protected]

ipmikcs command
Use the ipmikcs command to display and configure IPMI over KCS.

ipmilan command syntax

OneCli.exe misc portctrl <ipmikcs> [on|off] [--bmc <arg>] [--bmc-username|-u <arg>]

[--bmc-password|-w <arg>] [--check-trust|-C] [--never-check-trust|-N] [--bmc-rest-port|-p <int>]
[--quiet|-q] [--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

Table 108. ipmikcs command specific parameters

Parameter Required/Optional Notes

on Optional Enable IPMI over KCS.

off Optional Disable IPMI over KCS.

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

• --bmc/imm, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --help, -h
• --nolog

Example of the ipmikcs command

OneCli.exe misc portctrl ipmikcs on --bmc USERID:[email protected]

ipmilan command
Use the ipmilan command to display and configure IPMI over LAN.

ipmilan command syntax

OneCli.exe misc portctrl <ipmilan> [on|off] [--bmc <arg>] [--bmc-username|-u <arg>]

[--bmc-password|-w <arg>] [--check-trust|-C] [--never-check-trust|-N] [--bmc-rest-port|-p <int>]
[--quiet|-q] [--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

116 Lenovo XClarity Essentials OneCLI User Guide

Table 109. ipmilan command specific parameters

Parameter Required/Optional Notes

on Optional Enable IPMI over LAN.

off Optional Disable IPMI over LAN.

--quiet, -q Optional This parameter answers “yes” for all questions, and decreases the
outputs displayed on screen.

• --bmc/imm, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --help, -h
• --nolog

Example of the ipmilan command

OneCli.exe misc portctrl ipmilan off --bmc USERID:PASSWORD@ xx.xx.xx.xx

raid command
Use the raid command to create, clear, and save the RAID configuration, check the drive information,
convert the JBOD drives to the unconfigured good drives, and convert the unconfigured good drives to the
JBOD drives.

Notes:
• It is risky to change the RAID configuration because all data on the disk might not be available.
• From V2.4.0, OneCLI supports the RAID configuration on M.2 SSD with the matching XCC level. The RAID
configuration on M.2 SSD supports the following commands: add, clear, save, and show.
• From V2.5.0, OneCLI supports Software Raid configuration with Intel RSTe Software on Linux. The
Software Raid configuration with Intel RSTe Software supports the following commands: show, add, and
clear.
• From V2.8.0, OneCLI supports Broadcom RAID configuration with storcli utility on Windows and Linux.
The Broadcom RAID configuration supports the following commands: show, add, save, clear, makegood,
and makejbod.
• From V3.0.0, OneCLI supports M.2 controller RAID configuration in the in-band mode on Windows and
Linux. The M.2 controller RAID configuration supports the following commands: show, add, save, and
clear.
• From V3.5.1, OneCLI supports Broadcom RAID/Microchip RAID configuration through out-of-band mode
for the ThinkServer servers.

Table 110. raid commands

Command Description

add Create RAID configuration.

For more information, refer to “add command” on page 124.

addhsp Assign the drive as hot spare.

For more information, refer to “addhsp command” on page 125.

changemode Change the connector mode for Microchip RAID adapter.

For more information, refer to “changemode command” on page 126.

clear Clear RAID configuration.

For more information, refer to “clear command” on page 126.

Chapter 8. Miscellaneous 117

Table 110. raid commands (continued)

Command Description

fwdeviceorder Enable or disable the “firmware device ordering” feature of the RAID adapter.

For more information, refer to “fwdeviceorder command” on page 129.

init Quickly initialize volumes.

For more information, refer to “init command” on page 129.

makegood Convert the JBOD drives to the unconfigured good drives.

For more information, refer to “makegood command” on page 130.

makejbod Convert the unconfigured good drives to the JBOD drives.

For more information, refer to “makejbod command” on page 131.

rmhsp Remove the hot spare.

For more information, refer to “rmhsp command” on page 132.

save Save RAID configuration.

For more information, refer to “save command” on page 133.

show Show controller and drive information.

For more information, refer to “show command” on page 134.

Template policy file

The following is the template policy file for Hardware Raid configuration. For the latest template policy
file, refer to RAID_HW_new.ini in OneCLI binary.

# Sample template to create hardware RAID configuration using --ctrl parameter.

#
# USAGE NOTE
# Broadcom and Marvell controller RAID can be remotely created and configured by OneCLI running in the local
# via out-of-band mode.
# Broadcom, Microchip and Marvell controller RAID can be created and configured by OneCLI running in the local
# via inband mode.
# One or more volumes can be created in Broadcom and Microchip controller RAID, but only one volume can be
# created in Marvell controller RAID.
#
# Note:
# 1. Broadcom 5xx series cards do not have cache, so the cache related settings are not applicable, such as
# Read Policy, Write Policy and I/O Policy.
#
#
# To use this sample, uncomment and edit a block of example based on your needs.

# EXAMPLE
# Create one simple RAID1 volume for Broadcom controller RAID, one simple RAID1 volume for Microchip controller
# RAID and one simple RAID0 volume for Marvell controller RAID.
# For Broadcom controller RAID, create one RAID1 volume which consumes 200GB.
# For Microchip controller RAID, create one RAID1 volume which consumes 300GB.
# For Marvell controller RAID, create one RAID0 volume that consumes all volume capacity.
# For controller RAID on ThinkServer, create one RAID0 volume that consumes 446GB.

118 Lenovo XClarity Essentials OneCLI User Guide

# This is for Broadcom controller
# [ctrl1-vol0]
# disks=0,1
# hot_spares=2
# raid_level=1
# vol_name=volume0
# write_policy=0
# read_policy=0
# io_policy=0
# access_policy=0
# cache_policy=0
# volume_size=200GB
# strip_size=64K
# [ctrl1]
# global_hot_spares=3
#
# This is for Microchip controller
# [ctrl2-vol1]
# disks=3,4
# hot_spares=5
# raid_level=1
# vol_name=volume1
# io_policy=1
# volume_size=300GB
# strip_size=128K
#
# This is for Marvell controller
# [ctrl3]
# raid_level=0
# vol_name=m2vol
# strip_size=64K
#
# This is for Broadcom controller on ThinkServer
# [ctrl4-vol0]
# disks=6
# raid_level=0
# vol_name=EEE
# write_policy=0
# read_policy=0
# access_policy=0
# cache_policy=0
# volume_size=446GB
# strip_size=256K
# initialization=0

# SYNTAX EXPLANATION
#
# disks
# In out-of-band mode:
# [Broadcom] [Required] Specify drive(s) index separated by ",", supporting ”rest”(case insensitive).
# Specify span(s) index separated by ":"when RAID level is 1E, 10, 50, 60 or 00.(For example, 0,1:2,3)
# [Microchip] [Required] Specify drive(s) index separated by ",". Specify span(s) index separated by ":"
# when RAID level is 10, 50, 60 or 00.(For example, 0,1:2,3)
# [Marvell] [Unsupported]
# [ThinkServer] [Required] The same as Broadcom oob way except not supporting ”rest”.
#
# In inband mode:
# [Broadcom] [Required] The same as Broadcom oob way except not supporting ”rest”.
# [Microchip] [Required] Specify drive(s) index separated by ",".
# [Marvell] [Unsupported]
#

Chapter 8. Miscellaneous 119

# [Format] disks=0,1
#
# hot_spares
# Drive group for hot spare. Specify drive(s) index separated by ",".
# In out-of-band mode:
# [Broadcom] [Optional]
# [Microchip] [Unsupported]
# [Marvell] [Unsupported]
# [ThinkServer] [Unsupported]
#
# In inband mode:
# [Broadcom] [Optional]
# [Microchip] [Optional]
# [Marvell] [Unsupported]
#
# [Format] hot_spares=2,3
#
# raid_level
# [Required]
# In out-of-band mode:
# [Broadcom] Values: 0, 1, 5, 1E, 6, 10, 50, 60, 00.
# [Microchip] Values: 0, 1, 5, 1E, 6, 10, 50, 60, 00, 1triple, 10triple.
# [Marvell] Values: 0, 1.
# [ThinkServer] Values: 0, 1, 5, 1E, 6, 10, 50, 60, 00 and so on.
#
# In inband mode:
# [Broadcom] Values: The same as Broadcom oob way.
# [Microchip] Values: 0, 1, 5, 1E, 6, 10, 50, 60, 00, 1triple, 10triple.
# [Marvell] Values: The same as Marvell oob way.
#
# [Format] raid_level=1
#
# vol_name
# [Required] Allowed characters: A-Z, a-z, 0-9, -(dash), .(period), and _(underscore).
# Marvell NVMe RAID: vol_name is unapplicable.
# [ThinkServer] [Optional]
# [Format] vol_name=volume1
#
# write_policy
# Cache write policy
# In out-of-band mode:
# [Broadcom] [Optional] Values: 0-Write Through, 1-Always Write Back, 2-Write Back with BBU. Default value 0.
# [Microchip] [Optional] Values: 1-Always Write Back, 2-Write Back, 3-Off. Default value 3.
# [Marvell] [Unsupported]
# [Broadcom on ThinkServer] [Optional] Values: 0-Write Through, 1-Unprotected Write Back. Default value 0.
# [Microchip on ThinkServer] [Unsupported]
#
# In inband mode:
# [Broadcom] [Optional] The same as Broadcom oob way.
# [Microchip] [Unsupported]
# [Marvell] [Unsupported]
#
# [Format] write_policy=0
#
# read_policy
# Cache read policy.
# In out-of-band mode:
# [Broadcom] [Optional] In System X, values: 0-No Read Ahead, 1-Read Ahead, 2-Adaptive Read Ahead. Default value 0.
# In ThinkSystem, values: 0-No Read Ahead, 1-Always Read Ahead. Default value 0.
# [Microchip] [Optional] Values: 0-No Read Ahead, 1-Read Ahead. Default value 0.
# [Marvell] [Unsupported]

120 Lenovo XClarity Essentials OneCLI User Guide

# [Broadcom on ThinkServer] [Optional] Values: 0-Off, 1-Read Ahead. Default value 0.
# [Microchip on ThinkServer] [Unsupported]
#
# In inband mode:
# [Broadcom] [Optional] The same as Broadcom oob way.
# [Microchip] [Unsupported]
# [Marvell] [Unsupported]
#
# [Format] read_policy=0
#
# io_policy
# In out-of-band mode:
# [Broadcom] [Optional] Cache IO policy. Values: 0-Direct I/O, 1-Cached I/O. Default value 0.
# [Microchip] [Unsupported]
# [Marvell] [Unsupported]
# [ThinkServer] [Unsupported]
#
# In inband mode:
# [Broadcom] [Optional] The same as Broadcom oob way.
# [Microchip] [Optional] Acceleration Method. values: 0-None, 1-Controller Cache, 2-SsdIOBypass.
# [Marvell] [Unsupported]
#
# [Format] io_policy=0
#
# access_policy
# Access policy.
# In out-of-band mode:
# [Broadcom] [Optional] Values: 0-Read Write, 2-Read Only, 3-Blocked. Default value 0.
# [Microchip] [Unsupported]
# [Marvell] [Unsupported]
# [ThinkServer] [Optional] The same as Broadcom oob way.
#
# In inband mode:
# [Broadcom] [Optional] The same as Broadcom oob way.
# [Microchip] [Unsupported]
# [Marvell] [Unsupported]
#
# [Format] access_policy=0
#
# cache_policy
# Disk cache policy.
# In out-of-band mode:
# [Broadcom] [Optional] 0-Unchanged, 1-Enable, 2-Disable. Default value 0.
# [Microchip] [Unsupported]
# [Marvell] [Unsupported]
# [ThinkServer] [Optional] The same as Broadcom oob way.
#
# In inband mode:
# [Broadcom] [Optional] The same as Broadcom oob way.
# [Microchip] [Unsupported]
# [Marvell] [Unsupported]
#
# [Format] cache_policy=1
#
# volume_size
# New volume size. Unit: MB/GB.
# In out-of-band mode:
# [Broadcom] [Required] Support percentage.
# [Microchip] [Required]
# [Marvell] [Unsupported]
# [Marvell on ThinkServer] [Unsupported] Marvell will use all space by default.

Chapter 8. Miscellaneous 121

# [Broadcom/Mircochip on ThinkServer] [Required] Not support percentage.
#
# In inband mode:
# [Broadcom] [Required]
# [Microchip] [Required]
# [Marvell] [Unsupported]
#
# [Format] volume_size=50%
# volume_size=500GB
#
# strip_size
# Strip Size. Unit: K
# In out-of-band mode:
# [Broadcom] [Optional] Values: 8K, 16K, 32K, 64K, 128K and so on. Default value 128K.
# [Microchip] [Optional] The same as Broadcom oob way.
# [Marvell] [Required] Values: 32K, 64K, 128K, 256K, 512K.
# [ThinkServer] [Required] Values: 64K, 128K, 256K, 512K, 1024K.
#
# In inband mode:
# [Broadcom] [Optional] The same as Broadcom oob way.
# [Microchip] [Optional] The same as Broadcom oob way.
# [Marvell] [Required] The same as Marvell oob way.
#
# [Format] strip_size=64K
#
# initialization
# Initialization for this volume.
# In out-of-band mode:
# [Broadcom] [Optional] Values: 0-No initialization, 1-Quick initialization, 2-Full initialization.
# To run full initialization on System x servers use IMM or UEFI, on ThinkSystem servers
# use XCC or LXPM, or use the vendor provided RAID setup utility tool in both cases.
# [Microchip] [Unsupported]
# [Marvell] [Unsupported]
# [Broadcom on ThinkServer] [Optional] Values: 0-No initialization, 1-Quick initialization, 2-Full initialization.
# Default value 0.
# [Microchip on ThinkServer] [Unsupported]
#
# In inband mode:
# [Broadcom] [Unsupported]
# [Microchip] [Unsupported]
# [Marvell] [Unsupported]
#
# [Format] initialization=0
#
# global_hot_spares
# Drive group for global hot spare. Specify drive(s) index separated by ",".
# In out-of-band mode:
# [Broadcom] [Optional]
# [Microchip] [Unsupported]
# [Marvell] [Unsupported]
# [ThinkServer] [Unsupported]
#
# In inband mode:
# [Broadcom] [Optional]
# [Microchip] [Optional]
# [Marvell] [Unsupported]
#
# [Format] global_hot_spares=2
#
# END OF FILE

122 Lenovo XClarity Essentials OneCLI User Guide

The following is the template policy file for Software Raid configuration. For the latest template policy
file, refer to RAID_SW_new.ini in OneCLI binary.

# Sample template to configure RAID volumes with Intel RSTe Software RAID and Intel(R) virtual RAID using
# --ctrl parameter.
#
# Intel VROC and Intel Rapid Storage Technology Enterprise (Intel RSTe) were previously related products in
# the same product family.
# The SATA RAID portion of the product family was called Intel RSTe and the NVMe RAID portion was called Intel VROC.
# However, starting in Q1 2019, with the launch of Intel VROC 6.0, the Intel RSTe name was removed, and all RAID
# solutions in this product
# family were branded as Intel VROC. The SATA functionality remains, but is now branded as Intel VROC (SATA RAID).

# USAGE NOTE
# Software RAID can be created and configured by OneCLI running in the Operating System.
# If the disk count is sufficient, one array and up to two volumes of mixed RAID levels can be created.
# Ensure that the proper Intel software RAID driver is installed on Windows.
#
# To use this sample, uncomment and edit a block of example based on your needs.

# EXAMPLE 1
# For Intel VROC via out-of-band mode, create one RAID0 volume which consumes 300GB.
#[ctrl1-vol0]
# disks=1,2
# raid_level=0
# vol_name=volume1
# volume_size=300GB
# strip_size=128K
#
# EXAMPLE 2
# For Intel VROC via inband mode in windows, create one RAID0 volume which consumes 50GB and one RAID0 volume
# which consumes rest capacity.
#[ctrl0-vol0]
# disks=1,2
# raid_level=0
# vol_name=vol0
# vol_capacity=50GB
# vol_strip_size=64K
# RAID_write_hole=Off
#[ctrl0-vol1]
# disks=1,2
# raid_level=0
# vol_name=vol1
# vol_strip_size=64K
# RAID_write_hole=Off
#[ctrl0]
# global_hot_spares=3

# SYNTAX EXPLANATION
#
# disks
# [Required] Specify drive(s) index separated by ",".
# [Format] disks=0,1
#
# raid_level
# [Required] Values: 0, 1, 5, 10.
# [Format] raid_level=1
#
# vol_name
# [Required] Allowed characters: A-Z, a-z, 0-9, -(dash), .(period), and _(underscore).
# [Format] vol_name=vol0

Chapter 8. Miscellaneous 123

#
# volume_size
# In out-of-band mode:
# [Required] New volume size. Unit: MB / GB.
# [Format] volume_size=500GB
#
# vol_capacity
# In inband mode:
# [Optional] Capacity of the volume, in gigabyte (use the value number). Default value is all available space.
# The second volume under the same Array uses all the remaining space by default.
# [Format] vol_capacity=50GB
#
# strip_size
# In out-of-band mode:
# [Optional] Values: 4K, 8K, 16K, 32K, 64K, 128K. Default value 128K.
# [Format] strip_size=64K
#
# vol_strip_size
# In inband mode:
# [Optional] Strip size of the volume, in kilobyte.
# RAID1, not support the stripSize setting.
# RAID0, default value(128K), values : 4K, 8K, 16K, 32K, 64K, 128K.
# RAID5, default value(64K), values : 4K, 8K, 16K, 32K, 64K, 128K.
# RAID10, default value(64K), values : 4K, 8K, 16K, 32K, 64K, 128K.
# [Format] vol_strip_size=64K
#
# global_hot_spares
# [Optional] Drive group for global hot spare，specify drive(s) index separated by ",".
# If no value is specified, there will be no global hot spare.
# [Format] global_hot_spares=3
#
# RAID_write_hole
# In inband mode:
# [Optional] Close RAID Write Hole policy(RAID5). Default value(Off), values : Off, Distributed.
# [Format] RAID_write_hole=Off
#
#
#
# END OF FILE

Example of the raid command

OneCli.exe misc raid add --bmc userid:password@host--file raid.ini

add command
Use the add command to create RAID configuration.

add command syntax

Usage: ./OneCli [misc] raid add <--file|-f <arg>> [--bmc|-b <arg>]

[--ctrl <arg>] [--target|-t <arg>]
[--force] [--check-trust|-C]
[--never-check-trust|-N] [--quiet|-q]
[--output|-o <arg>] [--nolog]
[--config <arg>] [--help|-h]

124 Lenovo XClarity Essentials OneCLI User Guide

Table 111. add command specific parameters

Parameter Required/Optional Notes

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.

--file, -f Required Specify the policy file of RAID configuration.

--force Optional Forcibly create RAID configuration when there is no user interaction.
--target, -t Optional (Deprecated It is recommended to use the --ctrl option instead.
from V3.5.1)
Specify the target controller ID. The following is the description on ID:
• 1: ctrl[1]
• m2/m.2: Single m.2 raid
• m2-1/m.2-1: Multi m.2 raid
The argument can be specified to multiple targets by comma. If not
specified, it means all.

Example of the add command

OneCli.exe misc raid add --bmc xxxx:[email protected] --file raid.ini

addhsp command
Use the addhsp command to assign the drive as hot spare.

addhsp command syntax

Usage: ./OneCli [misc] raid addhsp <--drive|-d <arg>> [--bmc|-b <arg>]

[--ctrl <arg>] [--target|-t <arg>]
[--dg <arg>] [--force]
[--check-trust|-C] [--never-check-trust|-N]
[--quiet|-q] [--output|-o <arg>]
[--nolog] [--config <arg>]
[--help|-h]

Table 112. addhsp command specific parameters

Parameter Required/Optional Notes

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.

--drive, -d Optional Specify target drive ID.

The arguments can be grouped in multiple targets and separated by

commas.

If it is not specified, it means all.

Chapter 8. Miscellaneous 125

Table 112. addhsp command specific parameters (continued)

Parameter Required/Optional Notes

--dg Optional Specify drive groups.

The argument can be specified multiple targets by commas.

If it is specified, it means assigning the drive as dedicated hot spare.
If it is not specified, it means assigning the drive as a global hot spare.
--target, -t Optional (Deprecated It is recommended to use the --ctrl option instead.
from V3.5.1)
Specify the target controller ID. The following is the description on ID:
• 1: ctrl[1]
• m2/m.2: Single m.2 raid
• m2-1/m.2-1: Multi m.2 raid
The argument can be specified to multiple targets by comma. If not
specified, it means all.

Example of the addhsp command

OneCli.exe misc raid addhsp --target 0 --drive 0 --bmc userid:password@host

changemode command
Use the changemode command to change the connector mode for Microchip RAID adapter.

changemode command syntax

Usage: ./OneCli [misc] raid changemode <--connectorid|-c <arg>> <--mode <arg>>

[--ctrl <arg>] [--target|-t <arg>]
[--force] [--check-trust|-C]
[--never-check-trust|-N] [--quiet|-q]
[--output|-o <arg>] [--nolog]
[--config <arg>] [--help|-h]

Table 113. changemode command specific parameters

Parameter Required/Optional Notes

--connectorid, -c Required Specify connector ID for Microchip RAID adapter.

--ctrl Required Specify controller ID starting with index 1.

Example: --ctrl 1.

--mode Required Specify the mode for the front panel USB. The mode can be set as
bmc, server and shared.

Example of the changemode command

OneCli.exe misc raid changemode -connectorid 0 -mode MIX –ctrl 1

clear command
Use the clear command to clear RAID configuration.

clear command syntax

Usage: ./OneCli [misc] raid clear [--bmc|-b <arg>] [--ctrl <arg>]

126 Lenovo XClarity Essentials OneCLI User Guide

[--target|-t <arg>] [--volume|-v <arg>]
[--force] [--check-trust|-C]
[--never-check-trust|-N] [--quiet|-q]
[--output|-o <arg>] [--nolog]
[--config <arg>] [--help|-h]

Table 114. clear command specific parameters

Parameter Required/Optional Notes

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.

--force Optional Force to create RAID configuration when there is no user interaction.
--target, -t Optional (Deprecated It is recommended to use the --ctrl option instead.
from V3.5.1)
Specify the target controller ID. The following is the description on ID:
• 1: ctrl[1]
• m2/m.2: Single m.2 raid
• m2-1/m.2-1: Multi m.2 raid
The argument can be specified to multiple targets by comma. If not
specified, it means all.

--volume, -v Optional Specify the target volume ID. The argument can be specified to
multiple targets by comma. If not specified, it means all.

Example of the clear command

OneCli.exe misc raid clear –ctrl 1 --bmc xxxx:[email protected]

ekm command
Use the ekm command to display the external key management status of the RAID adapter, and enable or
disable the external key management.

ekm command syntax

Usage: OneCli.exe [misc] raid ekm [--bmc|-b <arg>] [--ctrl <arg>]

[--mode <arg>] [--check-trust|-C]
[--never-check-trust|-N] [--force]
[--quiet|-q] [--bmc-username|-u <arg>]
[--bmc-password|-w <arg>] [--output|-o <arg>]
[--nolog] [--config <arg>]
[--help|-h]

Chapter 8. Miscellaneous 127

Table 115. ekm command specific parameters

Parameter Required/Optional Notes

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.

--mode Optional Specify the external key management mode.

Values: enable, disable.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.
• --bmc-username,
-u
• --bmc-password,
-w
• --check-trust, -C
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the ekm command

OneCli.exe raid ekm --bmc xxxx:[email protected]

envol command
Use the envol command to display the encryption status of the virtual disks/volumes managed by RAID
adapter, and enable the encryption of the virtual disks/volumes.

envol command syntax

Usage: OneCli.exe [misc] raid envol [--bmc|-b <arg>] [--ctrl <arg>]

[--volume|-v <arg>] [--mode <arg>]
[--check-trust|-C] [--never-check-trust|-N]
[--force] [--quiet|-q]
[--bmc-username|-u <arg>] [--bmc-password|-w <arg>]
[--output|-o <arg>] [--nolog]
[--config <arg>] [--help|-h]

Table 116. envol command specific parameters

Parameter Required/Optional Notes

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.

--mode Optional Specify the volume encryption mode.

Value: enable.

128 Lenovo XClarity Essentials OneCLI User Guide

Table 116. envol command specific parameters (continued)

Parameter Required/Optional Notes

--volume, -v Optional Specify the target volume ID. The argument can be specified to
multiple targets by comma. If not specified, it means all.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-username,
-u
• --bmc-password,
-w
• --check-trust, -C
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the envol command

OneCli.exe raid envol --bmc xxxx:[email protected]

fwdeviceorder command
Use the fwdeviceorder command to enable or disable the “firmware device ordering” feature of the RAID
adapter.

fwdeviceorder command syntax

Usage: OneCli.exe [misc] raid fwdeviceorder [--bmc|-b <arg>] [--mode <arg>]

[--ctrl <arg>] [--force]
[--check-trust|-C] [--never-check-trust|-N]
[--output|-o <arg>] [--nolog]
[--config <arg>] [--help|-h]

Table 117. fwdeviceorder command specific parameters

Parameter Required/Optional Notes

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.

--mode Optional Specify the firmware device order mode. The values include: on, off.

Example of the fwdeviceorder command

OneCli.exe misc raid fwdeviceorder --bmc xxxx:[email protected]

init command
Use the init command to quickly initialize volumes. This command can only be used in the ThinkSystem
servers with XCC level versions released after October 2018.

init command syntax

Usage: ./OneCli [misc] raid init <--bmc|-b <arg>> [--ctrl <arg>]

[--target|-t <arg>] [--volume|-v <arg>]
[--force] [--check-trust|-C]

Chapter 8. Miscellaneous 129

[--never-check-trust|-N] [--quiet|-q]
[--output|-o <arg>] [--nolog]
[--config <arg>] [--help|-h]

Table 118. init command specific parameters

Parameter Required/Optional Notes

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.
--target, -t Optional (Deprecated It is recommended to use the --ctrl option instead.
from V3.5.1)
Specify the target controller ID. The following is the description on ID:
• 1: ctrl[1]
• m2/m.2: Single m.2 raid
• m2-1/m.2-1: Multi m.2 raid
The argument can be specified to multiple targets by comma. If not
specified, it means all.

--volume, -v Optional Specify the target volume ID. The argument can be specified to
multiple targets by comma. If not specified, it means all.

Example of the init command

OneCli.exe misc raid init --ctrl 1 --volume 0,1 --bmc xxxx:[email protected]

makegood command
Use the makegood command to convert the JBOD drives to the unconfigured good drives.

makegood command syntax

Usage: ./OneCli [misc] raid makegood [--bmc|-b <arg>] [--ctrl <arg>]

[--target|-t <arg>] [--drive|-d <arg>]
[--force] [--check-trust|-C]
[--never-check-trust|-N] [--quiet|-q]
[--output|-o <arg>] [--nolog]
[--config <arg>] [--help|-h]

130 Lenovo XClarity Essentials OneCLI User Guide

Table 119. makegood command specific parameters

Parameter Required/Optional Notes

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.

--drive, -d Optional Specify target drive ID.

The arguments can be grouped in multiple targets and separated by

commas.

If it is not specified, it means all.

--target, -t Optional (Deprecated It is recommended to use the --ctrl option instead.
from V3.5.1)
Specify the target controller ID. The following is the description on ID:
• 1: ctrl[1]
• m2/m.2: Single m.2 raid
• m2-1/m.2-1: Multi m.2 raid
The argument can be specified to multiple targets by comma. If not
specified, it means all.

Example of the makegood command

OneCli.exe misc raid makegood --ctrl 1 --bmc xxxx:[email protected]

makejbod command
Use the makejbod command to convert the unconfigured good drives to the JBOD drives. This command
can only be used in the ThinkSystem servers.

makejbod command syntax

Usage: ./OneCli [misc] raid makejbod [--bmc|-b <arg>] [--ctrl <arg>]

[--target|-t <arg>] [--drive|-d <arg>]
[--force] [--check-trust|-C]
[--never-check-trust|-N] [--quiet|-q]
[--output|-o <arg>] [--nolog]
[--config <arg>] [--help|-h]

Chapter 8. Miscellaneous 131

Table 120. makejbod command specific parameters

Parameter Required/Optional Notes

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.

--drive, -d Optional Specify target drive ID.

The arguments can be grouped in multiple targets and separated by

commas.

If it is not specified, it means all.

--target, -t Optional (Deprecated It is recommended to use the --ctrl option instead.
from V3.5.1)
Specify the target controller ID. The following is the description on ID:
• 1: ctrl[1]
• m2/m.2: Single m.2 raid
• m2-1/m.2-1: Multi m.2 raid
The argument can be specified to multiple targets by comma. If not
specified, it means all.

Example of the makejbod command

OneCli.exe misc raid makejbod --ctrl 1 --bmc xxxx:[email protected]

rmhsp command
Use the rmhsp command to remove the hot spare.

rmhsp command syntax

Usage: ./OneCli [misc] raid rmhsp <--drive|-d <arg>> [--bmc|-b <arg>]

[--ctrl <arg>] [--target|-t <arg>]
[--force] [--check-trust|-C]
[--never-check-trust|-N] [--quiet|-q]
[--output|-o <arg>] [--nolog]
[--config <arg>] [--help|-h]

132 Lenovo XClarity Essentials OneCLI User Guide

Table 121. rmhsp command specific parameters

Parameter Required/Optional Notes

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.

--drive, -d Optional Specify target drive ID.

The arguments can be grouped in multiple targets and separated by

commas.

If it is not specified, it means all.

--target, -t Optional (Deprecated It is recommended to use the --ctrl option instead.
from V3.5.1)
Specify the target controller ID. The following is the description on ID:
• 1: ctrl[1]
• m2/m.2: Single m.2 raid
• m2-1/m.2-1: Multi m.2 raid
The argument can be specified to multiple targets by comma. If not
specified, it means all.

Example of the rmhsp command

OneCli.exe misc raid rmhsp --target 0 --drive 0 --bmc userid:password@host

save command
Use the save command to save RAID configuration.

save command syntax

Usage: ./OneCli [misc] raid save <--file|-f <arg>> [--bmc|-b <arg>]

[--ctrl <arg>] [--target|-t <arg>]
[--check-trust|-C] [--never-check-trust|-N]
[--quiet|-q] [--output|-o <arg>]
[--nolog] [--config <arg>]
[--help|-h]

Table 122. save command specific parameters

Parameter Required/Optional Notes

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.

--file, -f Required Specify the policy file of RAID configuration.

--target, -t Optional (Deprecated It is recommended to use the --ctrl option instead.
from V3.5.1)
Specify the target controller ID. The following is the description on ID:
• 1: ctrl[1]
• m2/m.2: Single m.2 raid
• m2-1/m.2-1: Multi m.2 raid
The argument can be specified to multiple targets by comma. If not
specified, it means all.

Example of the save command

Chapter 8. Miscellaneous 133

OneCli.exe misc raid save --file policy.ini --bmc xxxx:[email protected]

show command
Use the show command to show the drive information to the controllers.

show command syntax

Usage: ./OneCli [misc] raid show [--bmc|-b <arg>] [--ctrl <arg>]

[--target|-t <arg>] [--check-trust|-C]
[--never-check-trust|-N] [--quiet|-q]
[--output|-o <arg>] [--nolog]
[--config <arg>] [--help|-h]

Table 123. show command specific parameters

Parameter Required/Optional Notes

--ctrl Optional Specify controller ID starting with index 1.

Example: --ctrl 1.
--target, -t Optional (Deprecated It is recommended to use the --ctrl option instead.
from V3.5.1)
Specify the target controller ID. The following is the description on ID:
• 1: ctrl[1]
• m2/m.2: Single m.2 raid
• m2-1/m.2-1: Multi m.2 raid
The argument can be specified to multiple targets by comma. If not
specified, it means all.

Example of the show command

OneCli.exe misc raid show --bmc xxxx:[email protected]

rebootbmc command
Use the rebootbmc command to restart BMC. The rebootbmc command still works for backward
compatibility, so the script solution will not destroy the rebootimm command specified in the scripts.

rebootbmc command syntax

OneCli.exe [misc] rebootbmc [--bmc <userid:password@host[:port]>][<options>]

134 Lenovo XClarity Essentials OneCLI User Guide

Table 124. rebootbmc command specific parameters

Parameter Required/Optional Notes

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the rebootbmc command

OneCli.exe misc rebootbmc --bmc userid:password@host[:port]

rebootcmm command
Use the rebootcmm command to restart CMM.

rebootcmm command syntax

OneCli.exe [misc] rebootcmm [--cmm <userid:password@host[:port]>] [<options>]

Table 125. rebootcmm command specific parameters

Parameter Required/Optional Notes

• --check-trust, -C Required Refer to Table 3 “OneCLI global parameters” on page 2.
• --cmm
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the rebootcmm command

OneCli.exe misc rebootcmm --cmm userid:password@host[:port]

rebootiom command
Use the rebootiom command to restart I/O Module on the Flex chassis.

rebootiom command syntax

OneCli.exe [misc] rebootiom[--cmm <userid:password@host[:port]> --iobay <bay number> [<options>]

Chapter 8. Miscellaneous 135

Table 126. rebootiom command specific parameters

Parameter Required/Optional Notes

• --check-trust, -C Required Refer to Table 3 “OneCLI global parameters” on page 2.
• --cmm
• --iobay
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the rebootiom command

OneCli.exe misc rebootiom --cmm userid:password@host[:port]

--iobay 2

rebootsmm command
Use the rebootsmm command to restart SMM.

rebootsmm command syntax

OneCli.exe [misc] rebootsmm [--smm <userid:password@IP[:port]>

Table 127. rebootsmm command specific parameters

Parameter Required/Optional Notes

--smm Required Specify SMM IP and credential information.

Example of the rebootsmm command

OneCli.exe misc rebootsmm --smm userid:password@ host

reseatblade command
Use the reseatblade command to reseat the blades on the Flex chassis.

reseatblade command syntax

OneCli.exe [misc] reseatblade [--cmm <userid:password@IP[:port]> --nodebay x

Table 128. reseatblade command specific parameters

Parameter Required/Optional Notes

--cmm Required Specify CMM IP and credential information.

--nodebay Required Specify the switch bay ID to be scanned.

Example of the reseatblade command

OneCli.exe misc reseatblade --cmm userid:password@host --nodebay 1

136 Lenovo XClarity Essentials OneCLI User Guide

reseatcmm command
Use the reseatcmm command to reseat CMM.

reseatcmm command syntax

OneCli.exe [misc] reseatcmm [--cmm <userid:password@IP[:port]>

Table 129. reseatcmm command specific parameters

Parameter Required/Optional Notes

--cmm Required Specify CMM IP and credential information.

--standby Optional If the --standby parameter is specified, the reseatcmm command will
reseat the standby CMM instead of the primary CMM.

Example of the reseatcmm command

OneCli.exe misc reseatcmm --cmm userid:password@host

reseatswitch command
Use the reseatswitch command to reseat the switch on the Flex chassis.

reseatswitch command syntax

OneCli.exe [misc] reseatswitch [--cmm <userid:password@IP[:port]>

Table 130. reseatswitch command specific parameters

Parameter Required/Optional Notes

--cmm Required Specify CMM IP and credential information.

--iobay Required Specify I/O bay number of the switch.

Example of the reseatswitch command

OneCli.exe misc reseatswitch --cmm userid:password@host --iobay x

restorebmu command
Use the restorebmu command to restore the BMU status on BMC.

restorebmu command syntax

OneCli.exe misc restorebmu --bmc <userid:password@IP[:port]>

Chapter 8. Miscellaneous 137

Table 131. restorebmu command specific parameters

Parameter Required/Optional Notes

--bmc Optional Specify information of the target BMC.

--node, -n Optional Specify the node index for in-band mode on the multi-node system.

--config Optional Refer to Table 3 “OneCLI global parameters” on page 2.

Example of the restorebmu command

OneCli.exe misc restorebmu --bmc userid:password@host

restoresmm command
Use the restoresmm command to restore the SMM update progress.

restoresmm command syntax

OneCli.exe [misc] restorebmu [--smm <userid:password@IP[:port]>

Table 132. restoresmm command specific parameters

Parameter Required/Optional Notes

--smm Required Specify SMM IP and credential information.

Example of the restoresmm command

OneCli.exe misc restoresmm --smm userid:password@host

rpp commands
Use the rpp commands to assert and deassert Remote Physical Presence(RPP), or obtain its status.

rpp commands syntax

OneCli.exe misc rpp <command> [options]

Table 133. rpp commands

Command Description
assert Assert RPP in the target server. For more information, refer to “assert command” on page 138.

deassert De-Assert RPP in the target server. For more information, refer to “deassert command” on
page 139.
status Obtain RPP status. For more information, refer to “status command” on page 139.

Example of the rpp command

OneCli.exe misc rpp status –bmc USERID:[email protected]

assert command
Use the assert command to assert RPP in the target server.

138 Lenovo XClarity Essentials OneCLI User Guide

assert command syntax

OneCli.exe misc rpp <assert> [--bmc|-b <arg>] [--check-trust|-C] [--never-check-trust|-N]

[--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

Table 134. assert command specific parameters

Parameter Required/Optional Notes

• --bmc/imm, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --help, -h
• --nolog

Example of the assert command

OneCli.exe misc rpp assert --bmc USERID:PASSWORD@ xx.xx.xx.xx

deassert command
Use the deassert command to deassert RPP in the target server.

deassert command syntax

OneCli.exe misc rpp <deassert> [--bmc|-b <arg>] [--check-trust|-C] [--never-check-trust|-N]

[--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

Table 135. deassert command specific parameters

Parameter Required/Optional Notes

• --bmc/imm, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --help, -h
• --nolog

Example of the deassert command

OneCli.exe misc rpp deassert --bmc USERID:[email protected]

status command
Use the status command to obtain RPP status.

status command syntax

OneCli.exe misc rpp <status> [--bmc|-b <arg>] [--check-trust|-C] [--never-check-trust|-N]

[--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

Table 136. status command specific parameters

Parameter Required/Optional Notes

• --bmc/imm, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --help, -h
• --nolog

Example of the status command

OneCli.exe misc rpp status --bmc USERID:[email protected]

Chapter 8. Miscellaneous 139

serase command
Use the serase command to securely and permanently erase the data of hard disk drives in the BMU mode.

Notes:
• Using the standardized secure erase/sanitize commands applicable to the media-specific techniques,
OneCLI supports to erase SATA/SAS/NVMe drives attached to the backplane, managed by a RAID
controller, or connected with an HBA adapter.
• Following are the erase methods:

Erase methods Descriptions

Secure Erase When using Secure Erase/Block Erase/Enhanced Erase, a pre-defined
pattern or default value(0 or 1) will be written on the user addressable
Block Erase
area of the media.
Enhanced Erase
Cryptographic Erase Cryptographic Erase is applicable to SED or NVMe drive with media
encryption key(MEK). The MEKs will be sanitized and make recovery of
the decrypted Target Data infeasible.
• By default, the onboard SATA disks are in the frozen status,so OneCLI cannot perform the secure erase
on them. OneCLI will try to set the onboard SATA disks to the unfrozen status by changing the UEFI/XCC
settings when booting the server to Maintenance OS. If the onboard SATA disks are still in frozen status,
check if the UEFI version of the target server is the latest, and set the TPM jumper (physical presence
jumper) to the asserted status on the server board. For more information about the system board jumpers,
go to https://thinksystem.lenovofiles.com/help/index.jsp, select the target server model, and click Server
components ➙ System board jumpers.

serase command syntax

OneCli.exe misc serase <--bmc <userid:password@IP[:port]>> <--sftp user:password@IP[port][dir/]> <--dir <filePath>>

Table 137. serase command specific parameters

Parameter Required/Optional Notes

--bmc, -b Required Specify the access information of the target BMC.

The format is: user:password@host[:port].

--dir Optional Specify the path of the Maintenance OS boot file and the OneCLI
package file.

--sftp Required Specify the SFTP connection information.

The format is: user:password@IP[:port][/directory/].

The address is used to upload the maintenance OS boot file and the
OneCLI package file.

Example of the serase command

OneCli.exe serase –bmc USERID:[email protected] --sftp root:[email protected] --dir xxx

Note: Before running the serase command, users should run the following command to download
necessary files for secure erase. For more information about secure erase, refer to “Secure data deletion for
all data storage devices” on page 173.

140 Lenovo XClarity Essentials OneCLI User Guide

OneCli.exe update acquire --platform --dir xxx

servicedata command
Use the servicedata command to obtain service data information from BMC.

servicedata command syntax

OneCli.exe misc servicedata [--bmc|-b <arg>] [--type|-T <arg>] [--check-trust|-C] [--never-check-trust|-N]

[--bmc-username|-u <arg>] [--bmc-password|-w <arg>] [--bmc-rest-port|-p <int>] [--quiet|-q] [--cn <arg>]
[--sn <arg>] [--mt <arg>] [--upload <arg>] [--proxy|-P <arg>] [--proxy-cacert <arg>] [--cacert <arg>]
[--proxy-insecure] [--insecure] [--output|-o <arg>] [--nolog] [--config <arg>] [--help|-h]

Table 138. servicedata command specific parameters

Parameter Required/Optional Notes

--type, -T Required Specify the type of service data obtained from BMC.

osfailure: Last OS failure screen

healthreport: Health report

all: Last OS failure screen and health report

Example of the servicedata command

OneCli.exe misc servicedata –type all -b USERID:[email protected]

servicelog command
Use the servicelog command to obtain service data log from BMC.

servicelog command syntax

OneCli.exe [misc] servicelog [options]

Table 139. servicelog command specific parameters

Parameter Required/Optional Notes

--cacert Optional Specify the path of CACert.
--cn Optional Specify the case number to upload the files to Lenovo System CARE.
The case number should be composed of at least seven characters.

--insecure Optional Allow insecure server connections when using SSL.

--iobay Optional bay_number specifies the I/O module bay number. Valid values are 1,
2, 3, or 4.
--mt Optional Specify with --sn. Specify the machine of the target system when
uploading the files to System CARE.

Chapter 8. Miscellaneous 141

Table 139. servicelog command specific parameters (continued)

Parameter Required/Optional Notes

--proxy, -P Optional Specify proxy user credential and IP address used to connect to the
target server specified in the --upload parameter.

This parameter should be used with --upload.

The format is user: password@host[:port].

For IPv6 address, the format is socks5://user:password@[IPv6]:port.

--proxy-cacert Optional Specify the path of proxy CACert.

--proxy-insecure Optional Connect to HTTPS proxy without verifying.

--sftp Optional SFTP connection information. Format: user: password@IP[port][dir/].

The address is used to save FFDC logs for VMWare ESXi.
--sn Optional Specify with --mt. Specify the serial number of the target system
when uploading the files to System CARE.

--tftp Optional TFTP server for SMM interface.

Format: IP[:port][/path].

--upload Optional This parameter can be specified with the following arguments: lenovo
and server address.

If specified with lenovo, the format is: --upload lenovo. The inventory
data is uploaded to Lenovo Upload Facility. Users should specify the
case number, or specify both machine type and serial number.

If specified with server address, the format is: --upload server

address. The inventory data is uploaded to the target server. The
supported protocols include: TFTP, FTP, and SFTP.

If not specified, no inventory data will be uploaded.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --config
• --check-trust, -C
• --output, -o
• --never-check-
trust, -N
• --node, -n
• --nolog,-n

Example of the servicelog command

OneCli.exe servicelog --bmc USERID:[email protected]

smartdata command
Use the smartdata command to get the SMART data of disk drive.

142 Lenovo XClarity Essentials OneCLI User Guide

smartdata command syntax

Onecli.exe [misc] smartdata [<options>]

Option

Usage
OneCli.exe [misc] smartdata [--bmc|-b <arg>] [--node|-n <int>]
[--check-trust|-C] [--never-check-trust|-N]
[--bmc-username|-u <arg>] [--bmc-password|-w <arg>]
[--bmc-rest-port|-p <int>] [--bmc-cim-port|-p <int>]
[--quiet|-q] [--output|-o <arg>]
[--nolog] [--config <arg>]
[--help|-h]

Table 140. smartdata command specific parameters

Parameter Required/Optional Note

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --config
• --check-trust, -C
• --help, -h
• --never-check-
trust, -N
• --node, -n
• --nolog, -n
• --output, -o
• --quiet

Example of the smartdata command

OneCli.exe misc smartdata -b USERID:[email protected]

smmlan commands
Use the smmlan commands to enable or disable SMM LAN.

smmlan command syntax

OneCli.exe [misc] smmlan <command> [options]

Table 141. smmlan commands and syntax examples

Command Syntax example Description

disable OneCli.exe misc smmlan disable Disable the SMM LAN by following the XCC connection
information about SMM.
enable OneCli.exe misc smmlan enable Enable the SMM LAN by following the XCC connection
information about SMM.
query OneCli.exe misc smmlan query Query the SMM LAN status by following the XCC
connection information about SMM.

Chapter 8. Miscellaneous 143

Note: Only one of the above commands should be specified in a command line.

Table 142. smmlan command specific parameters

Parameter Required/Optional Notes

--bmc Optional Specify the target BMC information.

--config Optional Refer to Table 3 “OneCLI global parameters” on page 2.

--method Optional Support the following values for the enable command: dhcp, static,
and DHCP-Failover.

Example of the smmlan command

OneCli.exe misc smmlan enable –bmc userid:password@host

switchcmm command
Use the switchcmm command to toggle active CMM.

switchcmm command syntax

OneCli.exe [misc] switchcmm [--cmm <userid:password@IP[:port]>

Table 143. switchcmm command specific parameters

Parameter Required/Optional Notes

--cmm Required Specify CMM IP and credential information.

Example of the switchcmm command

OneCli.exe misc switchcmm --cmm userid:password@host

sysguard command
Use the sysguard command to manage BMC system guard.

sysguard command syntax

OneCli.exe [misc] sysguard <command> [options...]

Table 144. sysguard command

Command Description

clearsnapshot Clear all snapshots data under BMC System Guard. For more information, refer to
“clearsnapshot command” on page 144.

Example of the sysguard command

OneCli.exe sysguard clearsnapshot -b USERID:[email protected]

clearsnapshot command
Use the clearsnapshot command to clear all snapshots data under BMC System Guard.

144 Lenovo XClarity Essentials OneCLI User Guide

clearsnapshot command syntax

OneCli.exe [misc] sysguard clearsnapshot [--bmc|-b <arg>] [--check-trust|-C]

[--never-check-trust|-N] [--bmc-username|-u <arg>] [--bmc-password|-w <arg>]
[--bmc-rest-port|-p <int>] [--quiet|-q] [--output|-o <arg>]
[--nolog] [--config <arg>] [--help|-h]

Table 145. clearsnapshot command specific parameters

Parameter Required/Optional Notes

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-password,
-w
• --bmc-rest-port
• --bmc-username,
-u
• --check-trust, -C
• --config
• --help, -h
• --never-check-
trust, -N
• --nolog
• --output, -o
• --quiet

Example of the clearsnapshot command

OneCli.exe sysguard clearsnapshot -b USERID:[email protected]

syshealth command
Use the syshealth command to query the system health status. Only the ThinkSystem servers support this
command.

syshealth command syntax

OneCli.exe [misc] syshealth <command>[options]

Chapter 8. Miscellaneous 145

Table 146. syshealth command specific parameters

Parameter Required/Optional Notes

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --config
• --check-trust, -C
• --never-check-
trust, -N
• --nolog
• --output, -o

--device Optional Specify the device to get the status.

The supported parameters used with --device: system, processor,

fan, dimm, power, and pci_adapter.

If not specified, the system health summary containing errors and

warning events will be displayed.

Example of the syshealth command

OneCli.exe syshealth
OneCli.exe misc syshealth --bmc userid:password@host
OneCli.exe misc syshealth --device power
OneCli.exe misc syshealth --device power --bmc userid:password@host

usblan command
Use the usblan commands to enable or disable USB LAN in host OS.

usblan command syntax

Onecli.exe [misc] usblan <cmds> [<options>]

146 Lenovo XClarity Essentials OneCLI User Guide

Table 147. usblan commands and examples

Com-
mand Syntax example Output example Description

disable onecli.exe usblan disable Succeed to disable BMC Lan over USB. Disable all of the LAN-over-USB
devices on the host OS side.
enable onecli.exe usblan enable Succeed to enable BMC Lan over USB. Enable all of the LAN-over-USB
devices on the host OS side.
query onecli.exe usblan query No /Device state /BMC IP Query all of the LAN-over-USB
/Host IP devices status on the host OS
0 /connected side.
/host Its output statuses include:
/host • disabled: LAN-over-USB
interface is off
• enabled:LAN-over-USB
interface is on, but BMC IP is
not reachable
• connected: BMC IP is
reachable

Note: Only one of the previous commands should be specified in a command line at the same time.

Table 148. usblan command specific parameters

Parameter Required/Optional Notes

• --bmc-cim-port, Optional Refer to Table 3 “OneCLI global parameters” on page 2.

-p
• --bmc-password,
-w
• --bmc-username,
-u
• --check-trust, -C
• --config
• --never-check-
trust, -N
• --nolog
• --output, -o

vm commands
Use the vm commands to list, mount, or unmount the virtual media.

vm command syntax

OneCli.exe [misc] vm <command> [options]

Table 149. vm commands and syntax examples

Command Syntax example Description

list OneCLI vm list --bmc <bmc connection info> List the virtual media status on
BMC.
mount OneCLI vm mount --id <virtual media id> --path Mount virutal media on BMC by
<httpfs or nfs url> --bmc <bmc connection info> using ID.
umount OneCLI vm umount --id <virtual media id> --bmc Unmount virutal media on BMC
<bmc connection info> by using ID.

Chapter 8. Miscellaneous 147

Table 150. vm command specific parameters

Parameter Required/Optional Notes

--id, -I Only required in the mount and Specify the virtual media ID, for example, RDOC1, EXT1,
umount commands. and Remote1.

For ThinkBMC, the virtual media ID is CD.

Note: ThinkBMC is the BMC for the ThinkServer systems

listed in Appendix C “OneCLI features supported on the
ThinkServer/WenTian servers” on page 213.

--path, -P Only required in the mount and Specify the URL of virtual media path, which supports
umount commands. NFS and HTTPFS.

Support NFS and CIFS in ThinkBMC.

NFS URL address form:

• ipaddress:/path/to/file
• domain-name:/path/to/file

NFS (ThinkBMC) form:

• nfs://host[:port]/path/to/file

CIFS(ThinkBMC) form:
• cifs://[username:password@]host[:port]/path/to/file

HTTPFS URL address form:

• https://ipaddress[:port]/path/to/file
• https://domain-name[:port]/path/to/file

The domain-name can be alphanumeric characters “.”,

“-”, or “_” and should be composed of at least two
domain items. The port number is optional.

Example of the vm command

OneCli.exe misc vm list -b USERID:[email protected]

148 Lenovo XClarity Essentials OneCLI User Guide

Chapter 9. Diagnostics
This section describes how to use the diagnostics command supported by Lenovo XClarity Essentials
OneCLI.

The following table lists the diagnostics command supported.

Table 151. Diagnostics(diags) command

Command Description
run Run the diagnostics program of the remote server.

For more information, refer to “run command” on page 149.

run command
Use the run command to run the diagnostics program of the remote server.

Notes:
• To enable or disable advanced memory test, refer to “Enabling/disabling advanced memory test” on page
171.
• Restart the remote server before running the diagnostics program. If the message “System reboot is
required, confirm to continue (yes/no)” is displayed, input yes/y to run the diagnostics program, or input
no/n to exit.
• For the ThinkServer/WenTian/KaiTian servers, only WR5220 G3 and WR5228 G3 support the diags
function, and it only supports the hdd, hdd_full, mem, and mem_full parameters.

run command syntax

OneCli.exe [misc] diags run [options] [connection options]

Table 152. run command specific parameters

Parameter Required/Optional Notes

--bmc, -b Required Refer to Table 3 “OneCLI global parameters” on page 2.

• --check-trust, -C Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --config
• --help,-h
• --never-check-
trust, -N
• --nolog
• --output, -o

--item Optional The values include: hdd, hdd_full, mem, mem_full, and pmem. If not
specified, hdd, mem, and pmem are the default parameters. The
value is case insensitive.
Note: “pmem” stands for Intel Optane DC Persistent Memory
Module.
--force Optional If specified, it will run the diagnostics program without interaction.

Example of the run command

© Copyright Lenovo 2018, 2024 149

OneCli.exe diags run --bmc userid:password@IP --item mem_full,hdd,pmem

150 Lenovo XClarity Essentials OneCLI User Guide

Chapter 10. tui
Users can use the OneCLI tui application to launch OneCLI Interactive Menu. It supports users to update
firmware, update VPD, perform advanced system configuration, collect FFDC logs and inventory information,
and configure RAID in in-band mode.

Input tui syntax to enter into OneCLI Interactive Menu, and input the item number to start the program based
on the actual needs.

Figure 1. OneCLI Interactive Menu

Table 153. Submenus of OneCLI Interactive Menu

Submenus Description

[1] Update Firmware Input 1 to enter into the Update

Firmware interface, and then input one
of the following values:
• 1: Flash the server from local
directory. Input the directory storing
the updated packages and press
Enter to run the program. The flash
result will be displayed when the
program completes.
• 2: Flash the server from website
acquisition.
• 3: Return to the previous menu.
• Q: Quit program.

[2] Update VPD Input 2 to enter into the Update VPD

interface, and then input one of the
following values:
• 1: Change system information prod
name.
• 2: Change system information prod
identifier.
• 3: Change system information serial
number.
• P: Return to the previous menu.
• Q: Quit program.

© Copyright Lenovo 2018, 2024 151

Table 153. Submenus of OneCLI Interactive Menu (continued)

Submenus Description

[3] Advanced System Configuration Input 3 to enter into the Advanced

System Configuration interface, and
then input one of the following values:
• 1: View or save the system settings.
• 2: View the saved system settings.
• 3: Restore the system settings with
VPD.
• 4: Restore the system settings
without VPD.
• 5: Change asset tag number.
• 6: Change system board UUID
number.
• 7: Generate new random system
board UUID number.
• 8: Change BMC settings.
• 9: Reboot BMC.
• 10: Clear all BMC event logs.
• P: Return to the previous menu.
• Q: Quit program.

[4] Collect FFDC Logs and Inventory Information
Input 4 to collect FFDC logs and
inventory information. The path for
saving FFDC logs and inventory
information will be displayed when the
program completes.

[5] RAID Configuration Input 5 to enter into the RAID

Configuration interface, and then input
one of the following values:
• 1: View RAID configuration.
• 2: Add RAID configuration.
• 3: Delete RAID configuration.
• 4: Convert the JBOD drives to the
unconfigured good drives.
• 5: Convert the unconfigured good
drives to the JBOD drives.
• P: Return to the previous menu.
• Q: Quit program.

[Q] Quit Program Input Q to exit the program.

tui syntax

OneCli.exe tui

152 Lenovo XClarity Essentials OneCLI User Guide

Chapter 11. The FoD key
The topics in this section describe how to use the FoD key application commands of OneCLI.

For information about specific FoD key application commands, refer to the following:
• “Commands that generate and acquire the FoD key” on page 153
• “Commands that generate, get, replace, and upload FoD key information” on page 154
• “Commands that install, uninstall, and export the FoD key, and report the FoD key information” on page
158

Commands that generate and acquire the FoD key

The topics in this section provide detailed information about how to use the FoD key application and
commands to generate and acquire the FoD key.

Table 154. Commands that acquire FoD key information

Command Description
acquire Generate and acquire the FoD key from Lenovo Web site and install the key to the target key
repository.

For more information, refer to “acquire command” on page 153.

acquire command
Use the acquire command to generate and acquire the FoD key from Lenovo Web site and install the key to
the target key repository.

acquire command syntax

OneCli.exe [misc] fod acquire <--uid >> <--auth <auth_code>> <--kmsid <kms_id>> <--mt <mt>>
<--installin <mt_sn>> [--all] [--dir <dir_name>] [--proxy <proxy_info>] [<options>]

Table 155. acquire command specific parameters

Parameter Required/Optional Notes

--all Optional Get all the FoD keys for the specified system.

--auth Required Specify Lenovo authorization code.

--authproto Optional The parameter only for snmpv3, Protocol supported value: MD5/SHA,
default: No auth.

Format: --authproto MD5 or --authproto.

--community Optional Community for snmpv1v2. Supported value: public/private/ protect,

default: public

--dir Optional Specify the directory to save the downloaded key file. The default
value is the current directory.

--installin Optional System machine type and serial number of the target system.

--kcs Optional Force to use IPMI over KCS local interface.

--kmsid Required Specify Lenovo ID credential for Lenovo Web site interactive.

© Copyright Lenovo 2018, 2024 153

Table 155. acquire command specific parameters (continued)

Parameter Required/Optional Notes

--mt Optional Specify system machine type for system/option feature.

--node, -n Optional Node index for in-band case on a multi-node system.

--privproto Optional The parameter only for snmpv3. Privacy protocol supported value:
DES/AES, default: No privacy.Format: --privproto DES or --privproto.

--privpasswd Optional Privacy password.

--proxy Optional Use proxy to connect to Lenovo Web site.

The format is user: password@host[:port].

For IPv6 address, the format is socks5://user:password@[IPv6]:port.

--sftp Optional Specify the SFTP server.

Format: user:password@IP:port
--switch Optional SWITCH connection information. Format: user:password@IP: port

--tftp Optional TFTP server for snmp interface. Format: user:password@host: port

--uid Optional Specify unique identifier information.

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-username,
-u
• --bmc-password,
-w
• --bmc-cim-port,
-p
• --cmm, -c
• --check-trust, -C
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the acquire command

OneCli.exe fod acquire --mt 2582 --uid xxx --auth xxx --kmsid userid:password
--bmc userid:password@host

Note: If the FoD key is already generated in KMS, the acquire command will report the failure in generating.
Acquire and install the FoD key through the steps in the following section.

Commands that generate, get, replace, and upload FoD key information
The topics in this section provide detailed information about how to use the FoD key application and
commands to generate, get, replace, and upload FoD key information.

154 Lenovo XClarity Essentials OneCLI User Guide

Table 156. Commands that generate, get, replace, and upload FoD key information

Command Description
generate generate the FoD key on Lenovo Web site.

For more information, refer to “generate command” on page 155.

get Get the generated FoD key from Lenovo Web site.

For more information, refer to “get command” on page 156.

replace Replace the FoD key for the specified system on Lenovo Web site.

For more information, refer to “replace command” on page 156.

uploadreport Upload the SDSi status report to Intel.

For more information, refer to “uploadreport command” on page 157.

generate command
Use the generate command to generate the FoD key on Lenovo Web site.

generate command syntax

OneCli.exe [misc] fod generate <--uid <uid>> <--auth <auth_code>> <--kmsid <kms_id>> <--mt <mt>> <--installin <mt_sn>>
[--proxy <proxy_info>] [<options>]

Table 157. generate command specific parameters

Parameter Required/Optional Notes

--auth Required Specify Lenovo authorization code.

--installin Required System machine type and serial number of the target system.

Install the FoD key.

--kmsid Required Specify Lenovo ID credential for Lenovo Web site interactive.
--mt Required Specify system machine type for system/option feature.

Specify device code for IOM switch.

--proxy Optional Use proxy to connect to Lenovo Web site.

The format is user: password@host[:port].

For IPv6 address, the format is socks5://user:password@[IPv6]:port.

--uid Required Specify unique identifier information.

• --check-trust, -C Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the generate command

OneCli.exe fod generate --uid xxx --auth xxx --kmsid userid:password

Chapter 11. The FoD key 155

--mt 7X02 --output purley --installin xxxxx--log 5

get command
Use the get command to get the generated FoD key from Lenovo Web site.

get command syntax

OneCli.exe [misc] fod get <--uid <uid>> <--kmsid <kms_id>> [--all] [--dir <dir_name>] [--proxy <proxy_info>]
[<options>]

Table 158. get command specific parameters

Parameter Required/Optional Notes

--all Optional Get all the FoD keys for the specified system.

--dir Optional Specify the directory to save the downloaded key file. The default
value is the current directory.

--kmsid Optional Specify Lenovo ID credential for Lenovo Web site interactive.
--proxy Optional Use proxy to connect to Lenovo Web site.

The format is user: password@host[:port].

For IPv6 address, the format is socks5://user:password@[IPv6]:port.

--uid Required Specify unique identifier information.

• --check-trust, -C Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the get command

OneCli.exe fod get --uid xxx [--kmsid userid:password] --output get

replace command
Use the replace command to replace the FoD key for the specified system on Lenovo Web site.

replace command syntax

OneCli.exe [misc] fod replace <--featurecode <feature_code>> <--uid <uid>> <--olduid <old_uid>> <--kmsid<kms_id>>
[--installin <install_in>] [--dir <dir_name>] [--proxy <proxy_info>] [<options>]

Table 159. replace command specific parameters

Parameter Required/Optional Notes

--dir Optional Specify the directory to save the downloaded key file. The default
value is the current directory.

--featurecode Required Specify the feature code of the FoD key to be replaced.

--installin Optional System machine type and serial number of the target system.

Install the FoD key.

156 Lenovo XClarity Essentials OneCLI User Guide

Table 159. replace command specific parameters (continued)

Parameter Required/Optional Notes

--kmsid Required Specify Lenovo ID credential for Lenovo Web site interactive.

--olduid Required Specify the previous unique identifier information.

--proxy Optional Use proxy to connect to Lenovo Web site.

The format is user: password@host[:port].

For IPv6 address, the format is socks5://user:password@[IPv6]:port.

--uid Required Specify unique identifier information.

• --check-trust, -C Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the replace command

OneCli.exe fod replace --featurecode xxxx --uidxxx --olduid xxx --kmsid userid:password
--installin xxxxxx --output replace

uploadreport command
Use the uploadreport command to upload the SDSi state report to Intel.

uploadreport command syntax

OneCli.exe [misc] fod uploadreport <--kmsid <kms_id>> [--file <file_path>] [<options>]

Table 160. uploadreport command specific parameters

Parameters Required/Optional Notes

--kmsid Optional Specify Lenovo ID credential for Lenovo Web site

interactive.
--file Optional Specify the SDSi state report to be uploaded to Intel.
--proxy Optional Use proxy to connect to Lenovo Web site.

The format is user: password@host[:port].

For IPv6 address, the format is socks5://user:password@

[IPv6]:port.

• --check-trust, -C Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --never-check-trust, -N
• --nolog
• --output, -o

Example of the uploadreport command

OneCli.exe fod uploadreport -file D:\getsysinfo\getsysinfo [--kmsid userid:password]

Chapter 11. The FoD key 157

Commands that install, uninstall, and export the FoD key, and report the
FoD key information
The topics in this section provide detailed information about how to use the FoD key application and
commands to install, uninstall, and export the FoD key, and report the FoD key information.

Table 161. Commands that install, uninstall, and export the FoD key, and report the FoD key information

Command Description
export Export the FoD key from the target key repository.

For more information, refer to “export command” on page 158.

exportreport Export the Intel SDSi status report from the target key repository to the local.

For more information, refer to “exportreport command” on page 159.

install Install the target FoD key to the target key repository.

For more information, refer to “install command” on page 160.

report Report the FoD key information from the target key repository.

For more information, refer to “report command” on page 161.

showppin Get the processor index, PPIN, the machine type, and serial number of target server.

For more information, refer to “showppin command” on page 162.

uninstall Uninstall the FoD key from the target key repository.

For more information, refer to “uninstall command” on page 163.

export command
Use the export command to export the FoD key from the target key repository.

export command syntax

OneCli.exe [misc] fod export <--keyid <key_id>> [<options>]

Table 162. export command specific parameters

Parameter Required/Optional Notes

--authproto Optional The parameter only for snmpv3, Protocol supported value: MD5/SHA,
default: No auth. Format: --authproto MD5 or --authproto.

--community Optional Community for snmpv1v2. Supported value: public/private/ protect,

default: public

--kcs Optional Force to use IPMI over KCS local interface.

--keyid Required Specify the FoD key ID that can be acquired from command report. If
the key ID is specified to “all”, all the FoD keys in the target key
repository will be exported.

--node, -n Optional Node index for in-band case on a multi-node system.

--privproto Optional The parameter only for snmpv3. Privacy protocol supported value:
DES/AES, default: No privacy.Format: --privproto DES or --privproto.

158 Lenovo XClarity Essentials OneCLI User Guide

Table 162. export command specific parameters (continued)

Parameter Required/Optional Notes

--privpasswd Optional Privacy password.

--sftp Optional Specify the SFTP server.

Format: user:password@IP:port
--switch Optional SWITCH connection information. Format: user:password@IP: port

--tftp Optional TFTP server for snmp interface. Format: user:password@host: port

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --cmm, -c
• --check-trust, -C
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the export command

OneCli.exe fod export --keyid 8e347c0bd269cd57 --bmc userid:[email protected] --output reportkey

exportreport command
Use the exportreport command to export the Intel SDSi status report from the target key repository to the
local.

exportreport command syntax

OneCli.exe fod exportreport <--socketid <socket_id>> <connection options> [--output <folder>]

Table 163. exportreport command specific parameters

Parameter Required/Optional Notes

--authproto Optional The parameter only for snmpv3, Protocol supported value: MD5/SHA,
default: No auth. Format: --authproto MD5 or --authproto.

--community Optional Community for snmpv1v2. Supported value: public/private/ protect,

default: public

--kcs Optional Force to use IPMI over KCS local interface.

--node, -n Optional Node index for in-band case on a multi-node system.

--privproto Optional The parameter only for snmpv3. Privacy protocol supported value:
DES/AES, default: No privacy.Format: --privproto DES or --privproto.

--privpasswd Optional Privacy password.

--socketid Optional Specify the processor index. If the --socketid argument is not
specified, then all SDSi status reports will be exported.

Chapter 11. The FoD key 159

Table 163. exportreport command specific parameters (continued)

Parameter Required/Optional Notes

--sftp Optional Specify the SFTP server.

Format: user:password@IP:port
--switch Optional SWITCH connection information. Format: user:password@IP: port

--tftp Optional TFTP server for snmp interface. Format: user:password@host: port

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --cmm, -c
• --check-trust, -C
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the exportreport command

OneCli.exe fod exportreport --socketid 1 --bmc useraccount:[email protected]

install command
Use the install command to install the target the FoD key to the target key repository.

install command syntax

OneCli.exe [misc] fod install <--keyfile <key_file>> [<options>]

Table 164. install command specific parameters

Parameter Required/Optional Notes

--authproto Optional The parameter only for snmpv3, Protocol supported value: MD5/SHA,
default: No auth.

Format: --authproto MD5 or --authproto.

--community Optional Community for snmpv1v2. Supported value: public/private/ protect,

default: public.

--kcs Optional Force to use IPMI over KCS local interface.

--keyfile Required Specify the path or file name of the FoD key file on local system.

Example: --keyfile ./test/, --keyfile key.

--node, -n Optional Node index for in-band case on a multi-node system.

--privproto Optional The parameter only for snmpv3. Privacy protocol supported value:
DES/AES, default: No privacy.

Format: --privproto DES or --privproto

160 Lenovo XClarity Essentials OneCLI User Guide

Table 164. install command specific parameters (continued)

Parameter Required/Optional Notes

--privpasswd Optional Privacy password.

--sftp Optional Specify the SFTP server.

Format: user:password@IP:port
--switch Optional SWITCH connection information. Format: user:password@IP: port

--tftp Optional TFTP server for snmp interface. Format: user:password@host: port

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --cmm, -c
• --check-trust, -C
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the install command

OneCli.exe fod install --keyfile OneCli-222232-20170620-102814\7.key --switch userid:password@host

--tftp host:xxxx --community private --authproto MD5 --privproto DES

report command
Use the report command to report the FoD key information from the target key repository.

report command syntax

OneCli.exe [misc] fod report [<options>]

Table 165. report command specific parameters

Parameter Required/Optional Notes

--authproto Optional The parameter only for snmpv3, Protocol supported value: MD5/SHA,
default: No auth. Format: --authproto MD5 or --authproto.

--community Optional Community for snmpv1v2. Supported value: public/private/ protect,

default: public

--kcs Optional Force to use IPMI over KCS local interface.

--node, -n Optional Node index for in-band case on a multi-node system.

--privproto Optional The parameter only for snmpv3. Privacy protocol supported value:
DES/AES, default: No privacy.Format: --privproto DES or --privproto.

--privpasswd Optional Privacy password.

--sftp Optional Specify the SFTP server.

Format: user:password@IP:port

Chapter 11. The FoD key 161

Table 165. report command specific parameters (continued)

Parameter Required/Optional Notes

--switch Optional SWITCH connection information. Format: user:password@IP: port

--tftp Optional TFTP server for snmp interface. Format: user:password@host: port

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --cmm, -c
• --check-trust, -C
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the report command

OneCli.exe fod report --switch host --tftp host --community private

showppin command
Use the showppin command to get the processor index, PPIN, the machine type, and serial number of target
server.

showppin command syntax

OneCli.exe fod showppin <connection options> [--output <folder>]

Table 166. showppin command specific parameters

Parameter Required/Optional Notes

--authproto Optional The parameter only for snmpv3, Protocol supported value: MD5/SHA,
default: No auth. Format: --authproto MD5 or --authproto.

--community Optional Community for snmpv1v2. Supported value: public/private/ protect,

default: public

--kcs Optional Force to use IPMI over KCS local interface.

--node, -n Optional Node index for in-band case on a multi-node system.

--privproto Optional The parameter only for snmpv3. Privacy protocol supported value:
DES/AES, default: No privacy.Format: --privproto DES or --privproto.

--privpasswd Optional Privacy password.

--sftp Optional Specify the SFTP server.

Format: user:password@IP:port
--switch Optional SWITCH connection information. Format: user:password@IP: port

162 Lenovo XClarity Essentials OneCLI User Guide

Table 166. showppin command specific parameters (continued)

Parameter Required/Optional Notes

--tftp Optional TFTP server for snmp interface. Format: user:password@host: port

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --cmm, -c
• --check-trust, -C
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the showppin command

OneCli.exe fod showppin --bmc useraccount:[email protected]

uninstall command
Use the uninstall command to uninstall the FoD key from the target key repository.

uninstall command syntax

OneCli.exe [misc] fod uninstall <--keyid <key_id>> [<options>]

Table 167. uninstall command specific parameters

Parameter Required/Optional Notes

--authproto Optional The parameter only for snmpv3, Protocol supported value: MD5/SHA,
default: No auth. Format: --authproto MD5 or --authproto.

--community Optional Community for snmpv1v2. Supported value: public/private/ protect,

default: public.

--kcs Optional Force to use IPMI over KCS local interface.

--keyid Required Specify the FoD key ID that can be acquired from command report. If
the key ID is specified to “all”, all the FoD keys in the target key
repository will be uninstalled.

--node, -n Optional Node index for in-band case on a multi-node system.

--privproto Optional The parameter only for snmpv3. Privacy protocol supported value:
DES/AES, default: No privacy.Format: --privproto DES or --privproto.

--privpasswd Optional Privacy password.

--sftp Optional Specify the SFTP server.

Format: user:password@IP:port
--switch Optional SWITCH connection information. Format: user:password@IP: port

Chapter 11. The FoD key 163

Table 167. uninstall command specific parameters (continued)

Parameter Required/Optional Notes

--tftp Optional TFTP server for snmp interface. Format: user:password@host: port

• --bmc, -b Optional Refer to Table 3 “OneCLI global parameters” on page 2.

• --bmc-cim-port,
-p
• --bmc-password,
-w
• --bmc-username,
-u
• --cmm
• --check-trust, -C
• --never-check-
trust, -N
• --nolog
• --output, -o

Example of the uninstall command

OneCli.exe fod uninstall --keyid xxxxxx --output uninstall --bmc userid:password@host

multifod commands
The topics in this section provide detailed information about how to use multifod application and commands
to generate and acquire multiple FoD keys by using the specified arguments from KMS, and install the
existing multiple FoD keys to the specified system.

Table 168. multifod commands

Command Description
acquire Generate and acquire multiple FoD keys from Lenovo website and install these keys to the
target key repository.

For more information, refer to “acquire command” on page 164.

install Install the existing multiple FoD keys to the specified system.

For more information, refer to “install command” on page 165.

acquire command
Use the acquire command to generate and acquire multiple FoD keys from Lenovo website and install these
keys to the target key repository.

acquire command syntax

OneCli.exe multifod acquire <--auth <auth_code>> <--kmsid <kms_id>> <--configfile <connection_arg>>

[--insecure] [--output <folder>]

164 Lenovo XClarity Essentials OneCLI User Guide

Table 169. acquire command specific parameters

Parameter Required/Optional Notes

--auth Required Specify Lenovo authorization code.

--configfile Required Specify the config file for multi task command. For the format, refer to
Sample/multi_task_config.json

--insecure Optional Allow insecure server connections when using SSL

--kmsid Required Specify Lenovo ID credential for Lenovo Web site interactive.

Example of the acquire command

OneCli.exe multifod acquire --auth xxx --kmsid userid:password

--insecure --configfile multi_task_config.json --log 5

install command
Use the install command to install the existing multiple FoD keys to the specified system.

install command syntax

OneCli.exe multifod install <--keyfile <key_file>> <--configfile <connection_file>> [--output <folder>]

Table 170. install command specific parameters

Parameter Required/Optional Notes

--configfile Required Specify the configuration file for the multi task command.

For the format, refer to Sample/multi_task_config.json.

--keyfile Required Specify the path and file name of the FoD key file on local system.

Example: --keyfile ./test/, --keyfile key.

Example of the install command

OneCli.exe multifod install --keyfile dir --configfile multi_task_config.json --log 5

Chapter 11. The FoD key 165

166 Lenovo XClarity Essentials OneCLI User Guide
Chapter 12. RDCLI commands
The topics in this section describe the remote disk CLI (RDCLI) for remote media mount tasks. This
command only supports pre-ThinkSystem servers. For remote media mount against ThinkSystem, check
sample commands explained in remote_media_mount_for_thinksystem.sh under folder Sample in OneCLI
binary (zip for Windows and tgz for Linux)

The following tables lists supported RDCLI commands.

Table 171. RDCLI commands

Command Description

rdmount Mount CD/DVD drives, ISO image files, or USB key on a remote BMC-based.

For more information, refer to “rdmount” on page 167.

rdumount Unmount CD/DVD drives, ISO image files, or USB key mounted using rdmount.

For more information, refer to “rdumount” on page 168.

rdmount
Use rdmount to mount CD/DVD drives, ISO image files, or USB key on a remote BMC-based system. The
application authenticates with the BMC and functions as a file server to access the virtual disk. It can also
query and return a list of drives that are already mounted. Virtual disks are unmounted using the rdumount
command.

Note: After V2.4.0, the rdmount command and the rdumount command can be used in the ThinkSystem
servers with the matching XCC level.

rdmount syntax

rdmount.exe <-s <ipaddress>> <-d <path>> <-l <user>> <-p <password>>

Options

-h
Displays help information.
-q
Queries the existing mounts and returns a list of ‘tokens’ that can be used by rdumount to unmount a
virtual disk.
-v
Requests verbose output.

Table 172. rdmount parameters

Parameter Required/Optional Notes

-s Required Where <ipaddress> is the IP address or hostname of the remote
BMC.
-d Required Where <path> is the image or optical drive directory path.

© Copyright Lenovo 2018, 2024 167

Table 172. rdmount parameters (continued)

Parameter Required/Optional Notes

-l Optional Where <user> is an authorized user ID for the BMC.
-p Optional Where <password> is the authorized user’s password for the BMC.

rdumount
Use rdumount to unmount CD/DVD drives, ISO image files, or USB key mounted using rdmount.

rdumount syntax

rdumount.exe <token>

Options

-h
Displays help information.

A <token> that identifies the drive to unmount must be specified.

Users can run rdmount.exe -q to display a list of mounted drives and their tokens.

168 Lenovo XClarity Essentials OneCLI User Guide

Chapter 13. OneCLI scenarios
This topic provides information about useful OneCLI scenarios. To view more solutions and tips, go to Data
Center Support website and search “OneCLI”.

Auto-completion function
From V3.4.0, OneCLI supports the auto-completion function on Linux and Windows.

Users can run the script to install the auto-completion function, restart the shell to make the function take
effect, and use the tab button to auto-complete the application name, command name, option name, and
option value.

Following are the scrips and shells of the specific operating systems:

Table 173. Scrip and shell

Operating system Scrip Shell

Linux install_completion.sh bash

Windows install_completion.ps1 powershell

Acquiring update packages for a target server

Pre-requisite: Refer to Network requirement of the acquire command.

Before applying updates to a target server, users should get the latest update packages for that specific
server. OneCLI provides the function to acquire the package.

Typically, users can run a single OneCLI command to acquire the latest UXSP (recommended update stack)
from Lenovo site for the target server according to the specific machine type and operating systems.

To acquire the latest UXSP to c:\pkgs\, which can then be updated/installed inside an RHEL7 installed on
server xxxx, see the following sample command:

OneCli.exe update acquire --mt xxxx --ostype rhel7 --dir c:\pkgs

Note: Users can acquire updates for an OS different from the one where OneCLI runs. For example, run
OneCLI on Windows to acquire a UXSP for RHEL7

Changing or recovering UEFI administrator password

OneCLI supports users to change or recover the UEFI administrator password.

Note: Only users with the supervisor user authority can perform the following steps.
• To change the UEFI administrator password, run the following command:
OneCLi config set IMM.UefiAdminPassword "xxx" --bmc userid:password@bmc_ip

where,
xxx means the new UEFI administrator password.
• To recover the UEFI administrator password, run the following command:
OneCLi config set IMM.UefiAdminPassword "" --bmc userid:password@bmc_ip

© Copyright Lenovo 2018, 2024 169

Changing password of BMC account in security mode
From V2.9.0, OneCLI supports to change the password of BMC account in the security mode without
specifying it in the command line. In the security mode, OneCLI encrypts the password of BMC account and
saves it in the file specified in OneCLI config file.

Steps
1. Run the encrypt command to encrypt the file with plain text setting values.

Notes:
• Sample command:
OneCli encrypt --configfile config_plaintext.json --unattended
• The template file is available in Sample/setting.json.
2. Remove the plain text file.
3. Run the bmcpassword command to change the password of BMC account in the plain text file based on
the plain text password information.

Notes:
• Sample command:
OneCli bmcpassword
• It is not recommended to specify the “--newpwd” parameter to change the password of BMC
account when running the bmcpassword command.

JSON configuration file sample

The following is the JSON configuration file sample for the bmcpassword command:

{
//list settings name and value.
"sensitive_settings":{
"IMM.Password.1":"1qazP232wsx3edc",
"IMM.Password.2":"1qP2wsxwer@!$@%",
"IMM.Password.3":"1qP2wsxwerbled",
"newpwd":"1q2w3e4r5t"
}
}

Changing setting values in security mode

From V2.6.0, OneCLI supports users to change the setting values in the security mode without specifying
them in the command line. In the security mode, OneCLI encrypts the setting values and saves them in the
file specified by users in OneCLI config file.

Note: Only the config set command supports this function.

Steps
1. Run the encrypt command to encrypt the file with plain text setting values.

Note: The template file is available in Sample/setting.json.

Sample command:
OneCli encrypt --configfile setting.json --unattended
2. Remove the file.
3. Run the OneCLI config set command to change the setting name of the file with plain text setting values
information.

Notes:
• It is unnecessary for the user to specify the setting values when running the set command.
• Sample command:

170 Lenovo XClarity Essentials OneCLI User Guide

 OneCli config set IMM.Password.1

Collecting system inventory data remotely through BMC

To collect the system inventory data (including BMC FFDC) for troubleshooting, a single OneCLI command is
required.

To generate HTML report of full inventory data of a server from a Windows OS remotely, see the following
sample command:

OneCli.exe inventory getinfor --ffdc --htmlreport --bmc userid:password@host

Enabling/disabling advanced memory test

To enable or disable advanced memory test, do the following:

Note: To view the result of advanced memory test, check the XCC/BMC system event logs.

Enabling advanced memory test

For systems installed with the Intel processors, do the following:
1. Enable the memory test:
OneCli.exe config show Memory.MemoryTest --override --bmc
xcc_user_id:xcc_password@xcc_external_ip
# If the output is Enabled, skip the following command.
OneCli.exe config set Memory.MemoryTest Enable --override --bmc
xcc_ip:xcc_password@xcc_ip
OneCli.exe config set IMM.UEFIMemoryTest Repair --override --bmc
xcc_user_id:xcc_password@xcc_external_ip
OneCli.exe config set IMM.UEFIMemoryTestPolicy XXXX --override --bmc
xcc_user_id:xcc_password@xcc_external_ip

Wherein, the values of XXXX include:

• Once: Run memory test for once only.
• Always: Run the memory test each time the system is powered on or restarted.
2. Restart the system and wait until the memory test completes.

For SR645/SR665 installed with AMD EPYC 7003, do the following:

1. Configure settings if all or part of the system DIMMs are from SK Hynix, below settings have no impact
on the non-SK Hynix DIMMs:
OneCli.exe config show Memory.SpecificVendorTestOption1 --override --imm
xcc_user_id:xcc_password@xcc_external_ip
# If the output is 0x8000, skip the following command.
OneCli.exe config set Memory.SpecificVendorTestOption1 0x8000 --override --imm
xcc_user_id:xcc_password@xcc_external_ip
OneCli.exe config show Memory.SpecificVendorTestOption2 --override --imm
xcc_user_id:xcc_password@xcc_external_ip
# If the output is 0, skip the following command.
OneCli.exe config set Memory.SpecificVendorTestOption2 0 --override --imm
xcc_user_id:xcc_password@xcc_external_ip
2. Configure the memory test:
• If the system firmware version is earlier than d8e130f-2.60, run the following command:
OneCli.exe config set IMM.UEFIMemoryTestOptions XXXX --override --bmc
xcc_user_id:xcc_password@xcc_external_ip

Wherein, the values of XXXX include:

– 0x0407: Run memory test for once only.
– 0x1407: Run the memory test each time the system is powered on or restarted.

Chapter 13. OneCLI scenarios 171

 • If the system firmware version is d8e130f-2.60 or later version, run the following commands:
OneCli.exe config set IMM.UEFIMemoryTest Repair --override --bmc
xcc_user_id:xcc_password@xcc_external_ip
OneCli.exe config set IMM.UEFIMemoryTestPolicy XXXX --override --bmc
xcc_user_id:xcc_password@xcc_external_ip

Wherein, the values of XXXX include:

– Once: Run memory test for once only.
– Always: Run the memory test each time the system is powered on or restarted.
3. Restart the system and wait until the memory test completes.

Disabling advanced memory test

For systems installed with the Intel processors, do the following:
1. Disable the memory test:
OneCli.exe config set Memory.MemoryTest Disable --bmc xcc_user_id:xcc_password@xcc_external_ip
OneCli.exe config set IMM.UEFIMemoryTest Disabled --override --bmc
xcc_user_id:xcc_password@xcc_external_ip
2. Restart the system to make the changes take effect.

For SR645/SR665 installed with AMD EPYC 7003, Do the following:

1. Disable the memory test:
• If the system firmware version is earlier than d8e130f-2.60, run the following command:
OneCli.exe config set IMM.UEFIMemoryTestOptions 0 --override --bmc
xcc_user_id:xcc_password@xcc_external_ip
• If the system firmware version is d8e130f-2.60 or later version, run the following command:
OneCli.exe config set IMM.UEFIMemoryTest Disabled --override --bmc
xcc_user_id:xcc_password@xcc_external_ip
2. Restart the system and wait until the memory test completes.

Remotely updating firmware for multiple BMC

From v2.5.0, OneCLI supports to remotely upgrade multiple BMC by running the multiflash command.
Users can specify the BMC information and the configuration parameters by using a JSON configuration file.

Steps:
1. Acquire all necessary files for the multiple BMC by running the following command:
OneCli.exe update acquire --ostype platform --mt xxxx,xxxx,xxxx --dir C:\pkg
2. Input the information of multiple BMC and the configuration parameters to a JSON configuration file.

Note: For the JSON configuration file sample, refer to Sample/multi_task_config.json in OneCLI binary
or “JSON configuration file sample” on page 172.
3. Input the target server BMC password and the SFTP password to the following multiflash command
in the interactive mode.
OneCLI update multiflash --configfile multi_task_config.json [--sftp user:pass@ip/xx]
4. Reflash the multiple server firmware in batch by running the multiflash command.

JSON configuration file sample

The following is the JSON configuration file sample for the multiflash command:

{
//Set the concurrency number, the max value is 50, if more than 50, use 50 as default
"parallel_number": 50,
//Set start task order by order or by random, 0 is for random; none zero is for order by order.
"parallel_order": 1,
// List of credentials to log in to the servers BMC
"bmc_credential":

172 Lenovo XClarity Essentials OneCLI User Guide

{
// Use an alias to designate a user account, then specify that alias in the "target_bmc" section.
// Such as: "[email protected]",
// "[email protected]",
// "[email protected]",
// If no alias precedes the BMC address then the "default_alias" is assumed by default.
"default_alias": "USERID",
"alias_user1": "USERID",
"alias_websrv1": "ADMIN"
},
"target_bmc": [
//By default use "default_user" from bmc_credential or will use the user specified which defined in bmc_credential
"192.168.1.99",
"[email protected]",
"[2002:97b:c2bb:830:42f2:1001:1001:[10ee-10ef]]"
// Target bmc address using format:
// "127.0.0.1:5989"
// "127.0.0.[1-5]"
// "127.0.[2-3].[1-2]"
// "127.0.0.1", "127.0.0.2:5989"
// "[2002:97b:c2bb:830:42f2:1001:1001:ab30]"
// "[2002:97b:c2bb:830:42f2:1001:1001:ab30]:5989"
// "[2002:97b:c2bb:830:42f2:[1001-1002]:1001:[1fe0-1fe1]]"
// "[email protected]"
// "www.host.name:5988"
],
"sftp_crendetial": "root",
"sftp_host":"192.168.1.121"
}

Secure data deletion for all data storage devices

From V2.8.0, OneCLI supports securely erasing data for all data storage devices on Lenovo ThinkSystem
servers. The secure erase is defined in the following ways: the effective erasure of all traces of existing data
from a data storage device, overwriting the data completely in such a way that access to the original data, or
parts of them, becomes infeasible for a given level of effort. OneCLI supports the secure erase command by
leverage BMU solution.

Do the following to perform secure data deletion:

Step 1. Prepare the BMU environment by inputting the following OneCLI command:
./OneCli update acquire --platform --dir xxx

Note: The package will be uploaded to sftp server if specified option ‘--sftp’ is added.
Step 2. Run OneCLI secure erase command to launch the BMU solution.
./OneCli serase --bmc userid:password@ipaddress [--sftp userid:password@ipaddress:6990] --dir xxx

Note: Set the sftp port as 6990. The default port 22 cannot work.
OneCLI will boot the remote target server to Maintenance OS.
Step 3. Check the OneCLI scan results and select the disk to perform secure erase operation after the
Maintenance OS booting.
a. OneCLI will scan all the available disk(s) on the target server and show the disk(s) table.

Chapter 13. OneCLI scenarios 173

 b. Follow the OneCLI hints to select the target disk and erase method.

c. After all the erase operations completion, OneCLI will report the results. Make sure that the
OneCLI commands remain active during the entire execution time, otherwise the task might be
interrupted by error.

Staging firmware to remote server in out-of-band mode on ThinkSystem

V3
The bundle update function is introduced in the ThinkSystem V3 servers. OneCLI supports to remotely stage
all firmware to the ThinkSystem V3 servers in the specified applytime on XCC2. Users can also set the apply
time, check, cancel, or start the staged update task based on the actual needs.

Steps
1. Send the firmware package (the ZIP file) to XCC2 and set the applytime for applying the firmware.

Note: The applytime values includes Immediate, OnReset, and OnStartUpdateRequest.

Sample command:
OneCli.exe update flash --bmc userid:password@bmcip --dir C:\pkg --bundle --applytime onreset
2. Check, cancel, or start the staged update task:
• Check the staged update task:
Sample command:
OneCli.exe update checktask --bmc userid:password@bmcip [--taskid "314e2aa0-5192-4bf1-8d62-23ba990df67d"]

174 Lenovo XClarity Essentials OneCLI User Guide

 • Cancel the staged update task:
Sample command:
OneCli.exe update canceltask --bmc userid:password@bmcip [--taskid "314e2aa0-5192-4bf1-8d62-23ba990df67d"]
• Start the staged update task whose applytime is set as OnStartUpdateRequest:
Sample command:
OneCli.exe update startstaged --bmc userid:password@bmcip [--taskid "314e2aa0-5192-4bf1-8d62-23ba990df67d"]

Note: If XCC2 firmware is staged and the apply time is OnReset or OnStartUpdateRequest, the XCC2
firmware will not be restarted automatically. To restart XCC firmware, users should manually restart
XCC2 on web page or use the rebootbmc command.

Staging firmware to local server within host OS on ThinkSystem V3

Some I/O components can only be updated on Lenovo Customized Bare Metal Environment, and OneCLI
can not apply the firmware of them immediately on the host OS of ThinkSystem V3. In this case, OneCLI
package all these firmware components in to a ZIP file and stage this file to XCC2. By default, XCC2 will
apply these firmware after the system is reset.

Sample command:

OneCli.exe update flash --bundle --dir C:\pk

Notes:
• The default apply time is OnReset.
• If XCC2 firmware is staged and the apply time is OnReset or OnStartUpdateRequest, the XCC2 firmware
will not be restarted automatically. To restart XCC firmware, users should manually restart XCC2 on web
page or use the rebootbmc command.

Setting One Time Boot

From V3.5.0, OneCLI supports to communicate with BMC through Redfish API by using the –redfish
parameter. Users can also set One Time Boot under the Boot group.

Settings supported in Boot group

• BootSourceOverrideEnabled
• BootSourceOverrideMode
• BootSourceOverrideTarget
• UefiTargetBootSourceOverride

Example of setting One Time Boot to Mounted ISO

OneCli config batch --file onetimeboot.txt --redfish

File “onetimeboot.txt”:
set Boot.BootSourceOverrideEnabled Once
set Boot.BootSourceOverrideMode UEFI
set Boot.BootSourceOverrideTarget Cd

Setting CPU power capping on ThinkSystem V3

OneCLI supports to set the status, reason, and value of CPU power capping by using the -redfish parameter
on the ThinkSystem V3 servers.

Supported settings
• CPUPowerCapping.CPU{N}_PowerLimitedValue

Chapter 13. OneCLI scenarios 175

• CPUPowerCapping.CPUDomainPowerLimitCause
• CPUPowerCapping.CPUPowerLimited

Note: Wherein, {N} stands for the socket number of CPU.

Example

OneCli config show CPUPowerCapping --redfish -b xxxx:xxxx@xxxx

CPUPowerCapping.CPU1_PowerLimitedValue=255
CPUPowerCapping.CPU2_PowerLimitedValue=255
CPUPowerCapping.CPUDomainPowerLimitCause=PSUFailSafe
CPUPowerCapping.CPUPowerLimited=true

Setting security for ThinkEdge servers

OneCLI supports to set the security by using the -redfish parameter on the ThinkEdge servers.

Example of supported values

OneCli config showvalues Security --redfish

Security.ChassisIntrusionEnabled=true=false
Security.EncryptionEnabled=true=false
Security.HostShutdown=true=false
Security.MotionDetection=true=false
Security.SED_AK=*generate=backup=restore
Security.StepCounter=0
Security.ThresholdLevel=4_Steps=10_Steps=20_Steps=50_Steps=100_Steps=500_Steps

Example of SED Authentication Key (AK) Management

• To generate SED AK with the random method:
OneCli.exe config generate Security.SED_AK --bmc USERID:[email protected] --redfish
• To generate SED AK with the passphrase method:
OneCli.exe config generate Security.SED_AK --passphrase xxxxxx --bmc USERID:
[email protected] --redfish
• To backup SED_AK to a file and restore with the file:
OneCli.exe config backup Security.SED_AK --passphrase xxxxxx --file backup.txt
--bmc USERID:[email protected] --redfish
OneCli.exe config restore Security.SED_AK --passphrase xxxxxx --file backup.txt
--bmc USERID:[email protected] --redfish

Setting XCC cache SED key from remote key management server
OneCLI supports to set XCC cache SED key by using the -redfish parameter from remote key management
server.

Example of supported values

OneCli config show BMC --redfish

BMC.EKMSCacheExpirationIntervalHours=1
BMC.EKMSLastPollingTime=
BMC.EKMSLocalCachedKeyEnabled=false
BMC.EKMSLocalCachedKeyStatus=NoCached
BMC.EKMSPollIntervalMinutes=60
BMC.EKMSPollingEnabled=false
BMC.EKMSPollingStatus=Failed

Example of result of the showvalues command

BMC.EKMSCacheExpirationIntervalHours=LowerBound=1 UpperBound=336 ScalarIncrement=1

176 Lenovo XClarity Essentials OneCLI User Guide

BMC.EKMSLocalCachedKeyEnabled=true=false
BMC.EKMSPollIntervalMinutes=LowerBound=5 UpperBound=1440 ScalarIncrement=1
BMC.EKMSPollingEnabled=true=false

Setting XCC extended audit log

OneCLI supports to set XCC extended audit log by using the -redfish parameter.

Example

OneCli config set BMC.AuditLogCapabilities Enabled --redfish

Setting XCC protective power capping

OneCLI supports to set XCC protective power capping by using the -redfish parameter.

Example of supported values

OneCli config show BMC --redfish

BMC.FailsafePowerLimit_AllowableMax=750
BMC.FailsafePowerLimit_Capped=false
BMC.FailsafePowerLimit_SetPoint=0
BMC.FailsafePowerLimit_State=Disabled

Example of XCC protective power capping

OneCli config showvalues BMC.FailsafePowerLimit_SetPoint --redfish

BMC.FailsafePowerLimit_SetPoint=LowerBound=1 ScalarIncrement=1 [0 means that disable failsafe power limit]

Setting XCC MPFA function

OneCLI supports to set XCC Memory Predict Failure Analysis (MPFA) function by using the -redfish
parameter.

Example

OneCli config set BMC.MPFAHealthStatusEnabled true --redfish

Updating a local server within host OS

When users have candidate update packages available inside the host OS of a server, only a single OneCLI
command shall apply the applicable updates within the host OS for that server.

To apply the UXSP (available at /tmp/pkgs/) to a server installed with a SLES12 from within that SLES12, see
the following sample command:

./OneCli update flash --dir /tmp/pkgs/

For the ThinkSystem V3 servers, the service pack is named as Update Bundles. For some IO components
(for example, Broadcom NX1 Adapter and some Intel NIC/HDD/SSD), the agentless or execuatable firmware
binaries are not available in the host OS. In this case, these IO components would be staged to XCC2 with
delay update on system reset.

Chapter 13. OneCLI scenarios 177

Updating legacy drive firmware on ThinkSystem V3 servers (in-band
mode)
This section describes how to update legacy drive firmware on ThinkSystem V3 servers without restarting the
host in in-band mode.
1. Acquire all necessary files for a specific host OS, for example, rhel8.
Sample command:
OneCli update acquire --ostype rhel8 --mt xxxx --dir ./xxxx-pkg

Note: The BIN and EXE executable firmware packages of the legacy HDD/SSD can only be downloaded
along with Update Bundles by using OneCLI.
2. Do one of the following:
• On Linux, find out lnvgy_fw_drives_all-xxxx_linux_x86-64.bin under the directory ./xxxx-pkg.
• On Windows, find out lnvgy_fw_drives_all_xxxx_windows_x86-64.exe under the directory .\xxxx-pkg.
3. Flash the hard drive packages in the host OS or run the binary file, do one of the following:
• On Linux, do one of the following:
– Flash the hard drive packages in the host OS.
Sample command:
OneCli update flash --scope individual --includeid lnvgy_fw_drives_all-xxxx_linux_x86-64 --dir ./xxxx-pkg
– Run the binary file:
lnvgy_fw_drives_all-xxxx_linux_x86-64.bin -s
• On Windows, do one of the following:
– Flash the hard drive packages in the host OS.
Sample command:
OneCli update flash --scope individual --includeid lnvgy_fw_drives_all_xxxx_windows_x86-64 --dir .\xxxx-pkg
– Run the binary file:
lnvgy_fw_drives_all_xxxx_windows_x86-64.exe -s

Updating a remote server

Steps:
1. Acquire all necessary files for platform update against the target server.
Sample command：
OneCli.exe update acquire --ostype platform --mt xxxx --dir C:\pkg
2. Flash the update packages in out-of-band mode to the target server.
Sample command:
OneCli.exe update flash --bmc userid:password@bmcip --dir C:\pkg --uselocalimg --platform

Notes:
• OneCLI restarts the server automatically after some components are updated, for example, Hard
Drive and Broadcom NX1 Network adapters. Use the following command to skip these updates and
avoid restarting the server.
OneCli.exe update flash --bmc userid:password@bmcip --dir C:\pkg --uselocalimg
• The --fileserver parameter is mandatory for SystemX and optional for ThinkSystem. When using
this parameter on the ThinkSystem servers, port 6990 must be enabled.
Sample command:
--fileserver sftp://user:password@host/tmp/

178 Lenovo XClarity Essentials OneCLI User Guide

Viewing and changing the setting value of a remote server through BMC
To view the current value of setting IMM.SSH_Enable, see the following sample command:

OneCli.exe config show IMM.SSH_Enable --bmc userid:password@host

To change the value of setting IMM.SSH_Enable to Enabled, see the following sample command:

OneCli.exe config set IMM.SSH_Enable Enabled --bmc userid:password@host

Chapter 13. OneCLI scenarios 179

180 Lenovo XClarity Essentials OneCLI User Guide
Chapter 14. ASU, DSA, and UXSPi proxy tools
Lenovo XClarity Essentials OneCLI provides three proxy tools serving as the command line translator, which
accepts ASU/DSA/UXSPi commands and then invokes corresponding OneCLI commands. The proxy tools
are distributed together with OneCLI binary. They are asu.exe, dsa.exe, and uxspi.exe.

The topics in this section provide detailed information about how proxy tools maps ASU, DSA, and UXSPi
command to XClarity Essentials OneCLI command.

ASU proxy tool

The ASU proxy tool is an executable binary that accepts ASU command syntax and invokes the
corresponding OneCLI command.

ASU proxy tool syntax

asu.exe [command] [-parameter]

For more information about ASU, refer to:

https://datacentersupport.lenovo.com/us/en/solutions/lnvo-asu

The following table lists commands and parameters used by the ASU proxy tool and the corresponding
XClarity Essentials OneCLI commands and parameters.

Table 174. Matrix of ASU and OneCLI commands and parameters

ASU OneCLI
Com- Com-
mand Parameter mand Parameter
-n node
--host --user --password --bmc user:pwd@host
show --group show
The mapped result for asu show --group BMC is OneCli
show BMC. The --group parameter is removed in the
OneCLIcommand string.
-n --node
--host --user --password --bmc user:pwd@host
showval- showval-
ues --group ues The mapped result for asu show --group BMC is OneCli
show BMC. The --group parameter is removed in the
OneCLI command string.
-n --node
--host --user --password --bmc user:pwd@host
showde- showde-
fault --group fault The mapped result for asu show --group BMC is OneCli
show BMC. The --group parameter is removed in the
OneCLI command string.

compar- -n compar- --node

edefault --host --user --password edefault --bmc user:pwd@host

show- -n show- --node

groups groups

© Copyright Lenovo 2018, 2024 181

Table 174. Matrix of ASU and OneCLI commands and parameters (continued)

ASU OneCLI
Com- Com-
mand Parameter mand Parameter
--host --user --password --bmc user:pwd@host
-n --node
set set
--host --user --password --bmc user:pwd@host
-n --node
loadde- loadde-
fault --host --user --password fault --bmc user:pwd@host

creatuuid --host --user --password creatuuid --bmc user:pwd@host

-n --node
delete delete
--host --user --password --bmc user:pwd@host

The --file parameter is added by default.

-n --node

save --host --user --password save --bmc user:pwd@host

--group The mapped result for asu show --group BMC is OneCli
show BMC. The --group parameter is removed in the
OneCLI command string.

The --file parameter is added by default.

replicate replicate
--host --user --password --bmc user:pwd@host

The --file parameter is added by default.

restore -n restore --node

--host --user --password --bmc user:pwd@host

The --file parameter is added by default.

batch -n batch --node

--host --user --password --bmc user:pwd@host

The --file parameter is added by default.

generate -n generate --node
--host --user --password --bmc user:pwd@host

The --file parameter is added by default.

export -n export --node
--host --user --password --bmc user:pwd@host

The --file parameter is added by default.

import -n import --node
--host --user --password --bmc user:pwd@host
-n --node
delete- delete-
cert --host --user --password cert --bmc user:pwd@host

nodes --host --user --password nodes --bmc user:pwd@host

182 Lenovo XClarity Essentials OneCLI User Guide

Table 174. Matrix of ASU and OneCLI commands and parameters (continued)

ASU OneCLI
Com- Com-
mand Parameter mand Parameter
-n --node
help showdes
--host --user --password --bmc user:pwd@host

Example of an ASU script using the --group parameter

asu.exe show --group GROUP1

Example of an ASU script using the --host parameter

asu.exe help all --host host --user userid --password password

In this example, the asu.exe --host parameter maps to:

OneCli.exe config showdes --bmc userid:password@host

DSA proxy tool

The DSA proxy tool is an executable binary that accepts DSA command syntax and invokes the
corresponding OneCLI command.

DSA proxy tool syntax

dsa.exe [-parameter] [file]

For more information about DSA, refer to:

https://datacentersupport.lenovo.com/us/en/solutions/lnvo-dsa

The DSA parameters table lists DSA parameters used by the DSA proxy tool and the corresponding XClarity
Essentials OneCLI commands and parameters.

Table 175. Matrix of DSA and OneCLI commands and parameters parameters and

DSA parameter OneCLI command OneCLI parameter

i formatlog srcdata

d output

diags diags

disable-bmc-lan disable-bmc-lan
no-bmc-lan no-bmc-lan
h, ?, help getinfor help

ipmi-lan bmc
t upload

upload upload
v htmlreport

Chapter 14. ASU, DSA, and UXSPi proxy tools 183

Table 175. Matrix of DSA and OneCLI commands and parameters parameters and (continued)

DSA parameter OneCLI command OneCLI parameter

text Not supported

vmware-esxi esxi
ffdc ffdc
hldec hldec
html output

[--proxy-address=addr] --proxy user:pwd@addr:port

[--proxy-port=port]

[--proxy-user=user]

[--proxy-password=pwd]

Notes about the dsa command parameters

• The DSA i parameter maps to the XClarity Essentials OneCLI formatlog command.
• All other DSA parameters map to the XClarity Essentials OneCLI getinfor command.

The DSA script examples table provides examples of DSA scripts and the XClarity Essentials OneCLI
commands and parameters they map to.

Table 176. DSA script examples

DSA script XClarity Essentials OneCLI command and parameters

dsa.exe -i test_file -d C:\onecli\ OneCli inventory formatlog --srcdata test_file --output

C:\onecli\
dsa.exe -upload --proxy-address=addr OneCli inventory getinfor --output C:\Lenovo_Support\ --proxy user:
--proxy-port=port --proxy-user=user pwd@addr:port --upload multitool
-proxy-password=pwd

dsa.exe -v --ffdc OneCli inventory getinfor --ffdc --htmlreport --output

C:\Lenovo_Support\

Example of a DSA script using the -upload parameter

dsa.exe -upload --proxy-address=addr --proxy-port=port --proxy-user=user

- proxy-password=pwd

This is the output generated from this example:

Lenovo Dynamic System Analysis<C> Copyright Lenovo Corp. 2004-2015.

<c> Copyright IBM Corp. 2004-2015. All Rights Reserved.
Call command: OneCli inventory getinfor --output
C:\Lenovo_Support\ --proxy user:pwd@addr:port --upload multitool

UXSPi proxy tool

The UXSPI proxy tool is an executable binary that accepts UXSPi command syntax and invokes the
corresponding OneCLI command.

UXSPi proxy tool syntax

184 Lenovo XClarity Essentials OneCLI User Guide

uxspi.exe [command] [-parameter]

For more information about UXSPI, refer to:

https://datacentersupport.lenovo.com/us/en/solutions/lnvo-xpress

The following table lists commands and parameters used by the UXSPI proxy tool and the corresponding
XClarity Essentials OneCLI commands and parameters.

Table 177. Matrix of UXSPi and OneCLI commands and parameters

UXSPi OneCLI
Com- Com-
mand Parameter mand Parameter
--check -update Not supported.

-l UXSP-path, --local=UXSP-path --dir UXSP-path

m type, --machine-type=type --mt type

--meta-only --metaonly

-o operating-system, --os=operating-system --ostype operating-system

-L, --latest --scope latest

-i update-id, --id=update-id --includeid update-id

Note: Must be used with --scope individual.
-r, --report --report

--proxy-address=address --proxy url

--proxy-port=port
acquire acquire
--proxy-user=user

--proxy-password= password

--proxy-password-secure= secure-password Not supported.

--no-proxy Empty

--preview-user=user Not supported.

--preview-password= password Not supported.

--preview-password-secure= secure- Not supported.

password

--xml --xml
--vmware-esxi-update= 4.1/5.0 Not supported.

--include-software Not supported.

-F, --firmware --type fw

-D, --drivers --type dd

--include-software Not supported.

compare compare
-f update-ids, --force=update-ids --forceid update-ids

-s update-ids, --select= update-ids/all/ Not supported.

undetected
-l UXSP, --local=UXSP -- dir UXSP

Chapter 14. ASU, DSA, and UXSPi proxy tools 185

Table 177. Matrix of UXSPi and OneCLI commands and parameters (continued)

UXSPi OneCLI
Com- Com-
mand Parameter mand Parameter
-n, --new Not supported.

-e update-ids, --exclude=update-ids --excludeid update-ids

-i update-ids, --include=update-ids --Includeid update-ids

--ignore-undetected= update-ids Not supported.

-L, --latest -- scope latest

--remote= remote_address Not supported.

--remote-user=user Not supported.

--remote-password=password Not supported.

--remote-password-secure= secure- Not supported.

password New

--remote-dir=directory Not supported.

--noinventory Not supported.

-o, --linuxoverride= update-ids --forceid update-ids

Note: B the -f and -o parameters in UXSPi
map to --forceid.
--nouxsp Not supported.
-r, --report Not supported.

--tui Not supported.

--timeout=time Not supported.

--xml Not supported.

--disable-imm-lan Not supported.

--vmware-esxi=url --esxi url

--host= IMM_IP_Address --bmc url
--update-args="IMM: --user=userid
--password=pwd,UEFI:--backup"

--esxi-updatefile Not supported.

-m type, --machine-type=type --mt type

--ignore-mtos-check Not supported.

-F, --firmware --type fw

-D, --drivers --type dd

--include-software Not supported.

update update
-f update-ids, --force=update-ids --forceid update-ids

-s update-ids, --select=update-ids/all/ Not supported.

undetected
-l UXSP, --local=UXSP -- dir UXSP

186 Lenovo XClarity Essentials OneCLI User Guide

Table 177. Matrix of UXSPi and OneCLI commands and parameters (continued)

UXSPi OneCLI
Com- Com-
mand Parameter mand Parameter
-n, --new Not supported.

-e update-ids, --exclude=update-ids --excludeid update-ids

-i update-ids, --include=update-ids --Includeid update-ids

--ignore-undetected=update-ids Not supported.

-L, --latest -- scope latest

--remote=remote_address Not supported.

--remote-user=user Not supported.

--remote-password=password Not supported.

--remote-password-secure= secure- Not supported.

password New

--remote-dir=directory Not supported.

--noinventory Not supported.

-o, --linuxoverride=update-ids --forceid update-ids

Note: B the -f and -o parameters in UXSPi
map to --forceid.
--nouxsp Not supported.
-r, --report Not supported.

--tui Not supported.

--timeout=time Not supported.

--xml Not supported.

--disable-imm-lan Not supported.

--vmware-esxi=url --esxi url

--host=IMM_IP_Address --bmc url
--update-args="IMM: --user=userid
--password=pwd,UEFI:--backup"

--esxi-updatefile Not supported.

--ignore-req --noreq

--ignore-hwcheck Not supported.

-m type, --machine-type=type --mt type

--ignore-mtos-check Not supported.

-s, --scan scan

bc --mm-address=address bc --cmm url

(Scan --mm-user=user (Scan
com- com-
mands) --mm-password=password mands)
--mm-password-secure=secure-password Not supported.

Chapter 14. ASU, DSA, and UXSPi proxy tools 187

Table 177. Matrix of UXSPi and OneCLI commands and parameters (continued)

UXSPi OneCLI
Com- Com-
mand Parameter mand Parameter
-m --mm Not supported. UXSPi needs input update file
--mm-address=address names, while OneCLI needs input package
IDs. The IDs and files names cannot match,
--mm-user=user so the proxy tool will not transfer these
bc bc
(CMM --mm-password=password (CMM commands.
update update
com- --mm-password-secure=secure-password com-
mands) --mm-file=file1 mands)

--mm-file2=file2
--mm-force
-i, --io Not supported. UXSPi needs input update file
names, while OneCLI needs input package
--mm-address=address IDs. The IDs and files names cannot match,
--mm-user=user so the proxy tool will not transfer these
commands.
--mm-password=password
bc bc
(I/O- --mm-password-secure=secure-password (I/O-
module module
--io-bay=bayID
update update
com- --io-user=user com-
mands) mands)
--io-password=password

--io-password-secure=secure-password

--io-file=file1
--io-file2=file2

Example of an UXSPi proxy

/uxspi up -u -l ./ -i elx-lnvgy_fw_fc_16a-lp16-11.0.270.24-1_linux_32-64 -L -e all

Where the translated command is:

/OneCli update flash --dir ./ --scope individual --includeid elx-lnvgy_fw_fc_16a-lp16-11.0.270.24-1_linux_32-64

188 Lenovo XClarity Essentials OneCLI User Guide

Chapter 15. Troubleshooting and support
Use this section to troubleshoot and resolve problems with Lenovo XClarity Essentials OneCLI.

General limitations
XClarity Essentials OneCLI has the following known general limitations.

OneCLI cannot connect to the SFTP server that only supports the deprecated algorithms ssh-rsa and
ssh-dss.

After upgrading the SSH client, OneCLI supports algorithms ssh-ed25519, ecdsa-sha2-nistp521, ecdsa-
sha2-nistp384, ecdsa-sha2-nistp256, [email protected], sk-ecdsa-sha2-
[email protected], rsa-sha2-512, and rsa-sha2-256. The SFTP server that only supports the
deprecated algorithms ssh-rsa and ssh-dss cannot be connected to OneCLI.
OneCLI does not support to mount/unmount virtual media under in-band mode.
OneCLI retrieves a temporary account from BMC when running in-band scenarios, but the temporary
account does not have the privilege to mount/unmount virtual media.
OneCLI does not support inventory and raid configuration on Virtual Raid on CPU (VRoC).
The glibc.i686 and glibc-locale libraries are required to load shared libraries.
If the glibc.i686 and glibc_locale libraries are not installed, users might receive the following error when
attempting to load a shared library:OneCli error while load shared libraries: libstdc++.so.6: cannot open
shared object: no such file or directory.
OneCLI uses BMC Lan over USB which uses "169.254.95. xx" network by default.
The default setting for BMC Lan-over-USB is "169.254.95.xx". If the "169.254.95.xx" network is used for
another application, such as Oracle RAC, running OneCli will change the network route table, which can
cause the other application to behave unexpectedly. In this case, set the IP address in the "BMC
Ethernet over USB IP Settings" section of the BMC Web page to a non-conflict IP address so that
OneCli will use this IP address to connect to BMC.
OneCLI might print warning message when Broadcom CIM provider v17.0.5 or older installed on a
customized the VMware ESXI system.
If users have a Broadcom CIM provider v17.0.5 or older installed on a customized the VMware ESXI
system, the following warning message will be displayed in the log file: You have a Broadcom CIM provider
v17.0.5 or older installed in the target system. Broadcom CIM Provider versions older than 17.0.5 is not
recommended to use for Firmware Update. If you want to update Firmware, install the latest ESXi patch."

Config limitations
The limitations listed in this section are specific to the config application.

OneCLI may fail to restore settings in backup file for SR645 V3.
Users run the backup command to save the settings in the encrypted way for SR645 V3. However, the
settings might not be restored in the backup file and the passphrase.
The state of LAN-over-USB is saved as “enabled” when using the config command “backup” to save
the configuration with an encrypted way in in-band mode.
When users use the config command backup to save the configuration with an encrypted way in in-band
mode, LAN-over-USB will be enabled and its state will be saved as enabled. When users perform the
config command restore to recover from the saved configuration file, the LAN-over-USB state might
still be displayed as enabled no matter what the initial state it is.

© Copyright Lenovo 2018, 2024 189

When using the config set command to modify the properties of the active account connecting to
BMC, even the command succeeds, OneCLI still returns the failure result.
When running the config set command to modify the active account properties. For example,
• Account name: OneCli.exe config set imm.loginid.3 test2 --bmc test1:PASSW0RD@host
• Account password: OneCli.exe config set imm.password.3 Passw0rd --bmc test2:PASSW0RD@host
Even the command is executed successfully, OneCLI still returns the error message:
Failed to get update status due to BMC internal error.
BIOS settings are not saved in OS on SR635/SR655.

When running the OneCLI config command Onecli.exe config save --group BIOS --file save.txt in
the OS on SR635/SR655, the command might return success, but no BIOS settings can be found in the
save.txt file.
Add IPMI/SNMP interface for an existing account(without IPMI or SNMP) in batch mode.

It is required to provide the password for the specified account when adding IPMI or SNMP interface in
IMM.Accessible_Interfaces.*. It is recommended to run the batch file containing both IMM.Accessible_
Interfaces.* and IMM.Password.* in batch mode; otherwise, OneCLI will fail with error code 93(0x5D).
A BMC local user account is required in OneCLI out-of-band configuration.
It is recommended not to use OneCli config on configuration with LSI adapters
It is recommended not to use OneCli config on configuration with LSI adapters because it is difficult to
do settings on LSI adapters and it may impact the RAID controller.
OneCLI shows failure to set BMC to shared mode but actually it succeeds
Using OneCLI config command to set "BMC.SharedNicMode" to "SharedOption_1" results in the error
message "The SET command execute failure;" however, the configuration change is successful and the
network interface of the BMC is changed to shared mode.
Not valid configuration settings are not saved
Some initial values for settings are not valid as defined in the XML and are not saved.
Restarting the BMC for config values to take effect
For some settings to take effect, users might have to restart the BMC. Users might also need to restart
the BMC for any values that are set through the OneCLI config application and displayed in the BMC
Web interface.
Some Flex System settings cannot be set with null string
For some Flex Systems, the IMM.IMMInfo_Contact, IMM.IMMInfo_Location, and IMMInfo_RoomId
settings cannot be set with the value of null string.
Some settings might not match their default values
When using the comparedefault command, some settings might not match their default values, even
though the loaddefault command was run before the comparedefault command.
OneCLI config might fail to get the set result
After the OneCLI config application sets some BMC network settings, it could cause a BMC connection
section reset or an IP address change, resulting in the config application failing to get the set result.
OneCLI config does not restore/replicate some settings from the saved file
When running command restore and replicate of OneCLI config, users could meet the following actions:
• Filter some settings to restore because the value is empty.
• Skip some settings for this type of command. For example, VPD settings for command restore.
• Ignore some settings which can’t be found on the target system.
OneCLI does not translate 1/0 to True/False for suppress-if sentence in the output of command
showvalues

190 Lenovo XClarity Essentials OneCLI User Guide

A DC cycle is mandatory for any setting change (except those related to BMC/IMM) to take effect after
user run OneCLI to change that setting.

Inventory limitations
The limitations listed in this section are specific to the inventory application.

Users with LDAP authentication (for example, LXCA account) could not collect IPMI logs (for example,
IPMI event logs and system settings).
Users could use XCC local account to collect IPMI logs.
No Mellanox adapters raw data in inventory result since OneCLI V2.9.0
Users can download the Mellanox utility to generate raw data from: https://www.mellanox.com/
downloads/MFT/WinMFT_x64_4_14_0_105.exe.
The value of DIMM serial number shown by OneCLI is inconsistent with the serial number shown by
the BMC Web application (Retain tip 95884)
The DIMM serial number shown by OneCLI is not in the same byte order as the serial number shown by
the BMC. For example, the DIMM serial number displays as 441B13BD on the BMC Web page, which
corresponds to the 4 byte sequence 44 1B 13 BD, while in OneCLI the DIMM serial number is displayed
as BD131B44, with a byte sequence of BD 13 1B 44.
OneCLI shows the volumes' layout and status unknown on windows 2012 series OS
OneCLI shows the volume layout and status as unknown for Windows 2012 series operating systems
when the partition type is static. This is because logical disk management (LDM) is deprecated in favor
of Storage Spaces for Windows 8 and Windows 2012. When OneCLI attempts to read LDM data from
the Windows operating system for these properties, OneCLI shows an unknown status for these two
properties of a static disk.
Cache Enable information might be inaccurate
Information about Level 1, 2, 3 Cache Enable might be inaccurate
Common tables with instances from multiple data sources may have blank fields
If there is no data for a particular field, the field is blank. This situation is most often encountered in
common tables containing instances from multiple data sources.
Dates fall outside the valid date range for XClarity Essentials OneCLI
When XClarity Essentials OneCLI collects dates and times that are before January 1, 1970, 00:00:00, or
after January 19, 2038, 03:14:07, XClarity Essentials OneCLI reports these dates and times as January
1, 1970, 00:00:00. These dates fall outside the valid date range for XClarity Essentials OneCLI.
Extended collection times
If users encounter extended collection times, it might be helpful to disconnect external devices
temporarily. For example, unplug fiber cables or additional USB devices where information about these
devices is not essential to the data collection.
Intel Ethernet controller is displayed as Not Available
The description about the Intel Ethernet controller is displayed as Not Available on the Network Settings
page under RHEL6.
Memory speed reported as Unknown in the Memory section of the Hardware Information report
XClarity Essentials OneCLI might report the memory speed as Unknown in the Memory section of the
Hardware Information report, which is caused by the issues with SMBIOS support on some systems.
OneCLI is displayed as Unknown in the item PartitionSubType
OneCLI is displayed as Unknown in the item PartitionSubType in the Disk Information table on the
Hardware Inventory page when the HDD is in the GUID Partition Table (GPT) format on UEFI systems.
QLogic utility limitation

Chapter 15. Troubleshooting and support 191

 Due to a QLogic utility limitation for QLogic 8 Gb FC Dual-port HBA, Option 42D0510, the QLogic
information about the Hardware Inventory page is not collected on Red Hat Enterprise Linux 6 Update 2
(RHEL 6.2).
XClarity Essentials OneCLI displays the manufacturer of a SATA hard disk as ATA in the Physical Drive
Information table
When an LSI RAID controller connects with a SATA hard disk, XClarity Essentials OneCLI displays the
manufacturer of the hard disk as ATA in the Physical Drive Information table.
XClarity Essentials OneCLI shows incorrect core numbers for System x3850 X5 dual node
configuration
On System x3850 X5 dual node configuration, XClarity Essentials OneCLI shows incorrect core numbers
(always show one core) for processors on the second node (CPU5-8).
Upload through a proxy server on Windows shall meet some specific system configuration
requirements
On a Windows operating system when trying to run the upload command or getinfor command with
the --upload option through a proxy server by specifying --proxy option, turn off check for server
certificate revocation (requires restart) from the Tools ➙ Internet Options ➙ Advanced ➙ Security
menu.
OneCLI does not show slot number for some PCI devices sometimes on Linux Operating systems
Route information in network settings, and video controllers and video heads in hardware inventory
are absent on SLES 15.
The Init Configuration item is blank in inventory logs on SLES 12 and SLES 15.
OneCLI shows Xorg core dump when running inventory on some Red Hat 7 operating systems.
When OneCLI collects the graphics information, the core dump of some earlier versions of Xorg might
be displayed. Users can fix this problem by upgrading Xorg.
The “VMware Privilege Logs” item is gray in HTML log on VMWare ESXi 6.7.
The “VMware_Privilege” item has been removed from the “root/cimv2” namespace of VMware, so there
is no information on VMware privilege logs.
The "Other Devices" item is not displayed on OneCLI on Red Hat 6/7/8.
OneCLI displays the information on other devices through the file /etc/sysconfig/hwconf. This file has
been removed from Red Hat 6, so the “Other Device” item is not displayed on OneCLI on Red Hat 6/7/8.
Some items are unreadable in Chassis Event Log on OneCLI inventory report
The CIM client used by OneCLI for collecting the data does not support UTF-8. Therefore, the message
on the Chassis Event Log page may be unreadable.

Update limitations
The limitations listed in this section are specific to the update application.

Notes:
• For update limitations relating to the Lenovo UpdateXpress System Pack Installer, see limitations listed in
the UXSPi documentation at:
https://datacentersupport.lenovo.com/docs/LNVO-XPRSUG
• To download packages from IBM Web site through proxy, ensure that the proxy server can access
domain www.ibm.com and www-03.ibm.com for Windows operating systems and IP address
207.25.252.197 and 129.42.160.51 for Linux operating systems.

The installed driver version is displayed as "Undetected" in the update compare results.
For some network adapters, RAID adapters, and chipsets, if the installed driver name does not match
any out-of-box driver in the server update packages, the installed driver version will be displayed as

192 Lenovo XClarity Essentials OneCLI User Guide

 Undetected in the update compare results. In this case, OneCLI could not select the correct driver for
update.

Workaround: Users should use OneCLI with the --force parameter or manually install the out-of-box
driver to override the in-box driver.
The installed driver version is displayed as "N/A" in the update compare results.
For some network adapters, RAID adapters, and chipsets, if the installed driver version is non-sequential
compared with the out-of-box driver in server update packages, the installed driver version will be
displayed as N/A in the update compare results. By default, OneCLI will recognize the installed driver as
in-box driver and install the corresponding out-of-box driver.
Specific command needed to install ESXi6.0u2, ESXi6.0U3, ESXi6.5
The ESXi6.0u2 software bundle must be installed using the following command:
esxcli software vib install --maintenance-mode -d file:///<dir>/<zip_file_name>

Where:
• <dir> is the directory where the CIM zip file is stored (for example, /var/tmp/)
• <zip_file_name> is the name of the zip file, using the form lenovo_extension_lnv-xxx-offline_bundle.
zip

Note: After the installation is complete, restart ESXi when prompted.

User should enable Ethernet Over USB and CIM Over HTTPS on XCC web UI before remotely updating
firmware using OneCLI under ESXi.
The firmware to be updated could be sent to XCC succssfully after these two options are enabled.
After installing ESXi, system requires 15 minutes to initialize.
To prevent OneCLI errors when first restarting a system after ESXi has been installed, wait
approximately 15 minutes for the system to initialize before performing any operations.
All OneCLI paths must use standard English-language alphanumeric characters.
All OneCLI paths specified for the --dir or --output parameters must use standard English-language
alphanumeric characters: and must not include spaces, special characters, or non-English-language
characters.
64-bit Linux requires 32-bit compatible libraries to update firmware
To update firmware with the XClarity Essentials OneCLI on 64-bit Linux operating systems, the 32-bit
compatibility library (compat-libstdc++) must be installed. Use the following command to see if this
library is installed:
rpm -qa grep compat-libstdc++-296
The XClarity Essentials OneCLI update function does not support tape drives
The update function does not support the tape device driver firmware scan, compare, or flash functions.
XClarity Essentials OneCLI does not support firmware updates for LAN-over-USB bridged network
ports

The XClarity Essentials OneCLI does not support firmware updates for systems where LAN-over-USB
ports are bridged by bridge network ports.

For example, on a SLES11 XEN system, there might be network ports, such as the br0 (bridge) port, eth0
(Ethernet controller) port, and usb0 (LAN-over-USB) port. If the usb0 port is bridged by the br0 port, the
XClarity Essentials OneCLI is unable to flash any firmware on the system due because it is unable to
establish a CIM connection when the usb0 port is bridged by the br0 port. To solve this problem, the
usb0 port must be manually removed from the bridged devices list of br0. To edit the bridged devices
List of br0 on SLES systems, run the yast2 command at a command prompt to display the Network
Card Setup GUI window; then, select Network Bridge br0 and click Edit. In the next configuration

Chapter 15. Troubleshooting and support 193

 window, uncheck the usb0 selection and save the configuration; then, restart the system to use the
XClarity Essentials OneCLI to update the system firmware.
Some SND switches restart after firmware update
For SND switches that have multi-image updates, such as the CN4093 or EN2092 switches, the switch
firmware shall be active after firmware update, causing the switch to restart automatically. The XClarity
Essentials OneCLI “--noreboot” parameter will not prevent these switches from restarting after firmware
upgrade.
User must verify presence of configuration file
The XClarity Essentials OneCLI uses a third-party library to parse the configuration file. Users must verify
that the configuration file (global.config or IBM_systems_list.txt) is in the OneCLI binary file, that is in
UTF-8 encoded format.
XClarity Essentials OneCLI does not restore USB LAN IP configuration
The XClarity Essentials OneCLI will not restore the USB LAN IP configuration (usb0 or usb1) after
firmware update. The update process changes the USB LAN Device IP address to one that will connect
to BMC, making the origin USB LAN IP address not valid.
XClarity Essentials OneCLI does not support the VMware ESXI 5.1.
XClarity Essentials OneCLI openssl command is not compatible with ESXi opensslo command.
OneCLI OOB can only flash OOB enabled packages that now is indicated by pldmSupport or
oobSupport tag in package xml for OOB enabled Adapters.
OneCLI cannot flash the system firmware in a host OS when the ipmi service of the host is not
available.
If “IMM.LanOverUsb” is set to “Disabled”, OneCLI will flash the system firmware through USB LAN
device. In this case, OneCLI cannot update IB system firmware.
OneCLI cannot compare matrox video driver.
ESXI 6.5: IMM is unresponsive after updating firmware by using OneCLI.
OneCLI cannot update the core firmware in host when the IP address in network conflicts with the
local USB LAN IP (default IP: 169.254.95.118).
OneCLI cannot compare Intel Driver Pack versions for the non-ThinkSystem servers.
Intel Driver Pack only releases the package for the ThinkSystem servers after 2017. Therefore, from
V2.1.0, OneCLI only supports to compare the Intel Driver Pack versions for the ThinkSystem servers.
However, Intel Driver Pack releases a build for the non-ThinkSystem servers in 2018.
If the server XCC firmware is not the latest version, OneCLI might fail to update the M.2 & NVMe
Adapter firmware in host.
OneCLI cannot update the M.2 & NVMe Adapter firmware in host when there are conflicts between the
network IP and the local USB LAN IP (default IP: 169.254.95.118).
Even the “mtrox-lnvgy_dd_video_4.11.0_rhel7_x86-64” driver package only supports RHEL7.3, this
driver package will be displayed in RHEL7.4/RHEL7.5 of OneCLI.
The latest version of the “mtrox-lnvgy_dd_video_4.11.0_rhel7_x86-6” driver package is in the in-box
driver of OS. However, users might still see this driver package in RHEL7.4/RHEL7.5. When users flash
this driver package in RHEL7.4/RHEL7.5, a message will be displayed, showing that this driver package
is in the latest version.
When HDD/SSD is not connected to the RAID controller in the OOB mode, OneCLI does not support to
scan or compare the HDD/SSD firmware.
OneCLI might delay displaying the firmware update progress.
If OneCLI frequently checks the firmware update progress, BMC will be busy. Now OneCLI supports to
check the firmware update progress every 10 seconds. Therefore, the firmware update progress might
not be displayed in real time. For example, when OneCLI shows that the progress of updating UEFI is
43%, the actual update progress might be 100%, and the system can be powered off.

194 Lenovo XClarity Essentials OneCLI User Guide

OneCLI will fail to acquire the update packages with a certificate interception proxy
When users use OneCLI to acquire an update package with a proxy from Lenovo Technical Support or
IBM Support, and the proxy has a certificate interception configuration, the certificate issuer name will be
changed to the proxy name. In this case, OneCLI cannot verify the certificate or acquire the update
package. To solve this problem, users can add the proxy certificate to esupport.pem (for Lenovo
Technical Support) or TrustList.pem (for IBM Support) in OneCLI binary.

Miscellaneous limitations
The limitations listed in this section are specific to the miscellaneous application.

OneCli may report failure when booting to setup a server if the target server's host OS is RHEL or
SLES.

When the OS of the target system host is RHEL or SLES, the following message might be displayed after
running OneCli ospower boottosetup --bmc USERID:[email protected]:

Failed to enter BIOS setup, waiting OS system status timeout.

In this case, do the following:

• For Red Hat® Enterprise Linux (RHEL) v7 and later versions:
1. Manually configure the operating system to change the power status to power off. For
instructions, see the Changing Behavior when Pressing the Power Button in Graphical Target Mode
2. Run the command OneCli ospower boottosetup --bmc USERID:[email protected] again.
• For SUSE Linux Enterprise Server (SLES):
1. Manually power off the server through the local SLES interface, enter the root password on the
SLES session, select Remember authentication, or check the security policy to confirm
whether the mandatory authentication can be disabled.
2. Run the command OneCli ospower boottosetup --bmc USERID:[email protected] again.
OneCLI could not run the raid clear command for the ThinkServer systems.
When running the raid clear command in the ThinkServer systems and error message “The request
failed due to an internal service error. The service is still operational.” is displayed, do one of the
following:
• If the target volume is not deleted, run the raid clear command again to delete the target volume.
• If the target volume is deleted, ignore this error message.
Long time might be consumed in physical drive secure erase (speed: about 0.38GB/min) for the
ThinkSystem servers installed with 4350/5350/9350 HBA/RAID adapters.
OneCLI could not perform secure erase on SATA SSD connected to Marvell RAID controllers.

There is an internal time-out of 9 seconds in the Marvell RAID firmware, and the SSD might not respond
to the command in time. Then, the Marvell RAID firmware will reset the SSD, the secure erase will fail,
the SSD will be locked and could not work. In this case, run the following command to unlock SSD:
hdparm --user-master u --security-unlock user123 %diskName%

It is also recommended to do the following:

• For 7mm SATA SSDs, connect to Broadcom RAID controllers to perform secure erase.
• For M.2 SATA SSDs, connect to Enablement Kit without Marvell RAID firmware (for example,
ThinkSystem M.2 SATA/NVMe 2-Bay Enablement Kit) to perform secure erase.

ASU/DSA/UXSPi proxy tool limitations

The limitations listed in this section are specific to the ASU, DSA, and UXSPi proxy tools.

Chapter 15. Troubleshooting and support 195

OneCLI only supports calling ASU, DSA, and UXSPi proxy tool from the directory in which executable
binary file exists
Calling OneCLI using the ASU, DSA, or UXSPi proxy tool only functions when called from the directory
containing the executable binary file. For example, if the OneCLI and ASU executables are both in the
folder /software/onecli/tmp, the command will run when calling the proxy tool from the folder
/software/onecli/tmp # ./asu show --host host--user userid --password password; however, the
command will fail when calling it from another folder, such as /software/onecli# ./tmp/asu show --host
host --user userid --password password.

Return codes
XClarity Essentials OneCLI issues a return code to indicate either successful execution of a command or to
indicate that an error occurred while the program was running. A return code of zero indicates that the
operation was successful, and a nonzero return code indicates an error.

To determine whether any errors occurred and when based on the associated timestamp, refer to one of the
following log files:
• For Windows, review the C:\Lenovo_Support\onecli.log file.
• For Linux, review the /var/log/Lenovo_Support/onecli.log file.

Return codes Table

Common return codes Table 178 “OneCLI common return codes” on page 196

config-related return codes Table 179 “OneCLI config-related return codes” on page
198
update-related return codes Table 180 “OneCLI update-related return codes” on page
199
FFDC-related return codes Table 181 “OneCLI FFDC-related return codes” on page
200
raid-related return codes Table 182 “OneCLI raid-related return codes” on page
201
diags-related return codes Table 183 “OneCLI diags-related return codes” on page
201
FoD-related return codes Table 184 “OneCLI FoD-related return codes” on page
201

Table 178. OneCLI common return codes

Return code Decimal base Description

0x00 0 Success.
0x01 1 Generic failure.
0x03 3 Invalid application.

0x04 4 Invalid command.

0x05 5 Invalid parameter.

0x06 6 Local file does not exist.

0x07 7 Invalid file.
0x08 8 Failed to create directory.

0x09 9 Failed to open file.

0x0A 10 Failed to read file.

196 Lenovo XClarity Essentials OneCLI User Guide

Table 178. OneCLI common return codes (continued)

Return code Decimal base Description

0x0B 11 Failed to write file.

0x0C 12 Authentication failed.
0x0D 13 Connection failed.
0x0E 14 Ping failed.

0x0F 15 Upload failed.

0x10 16 Download failed.

0x11 17 Internal error.
0x12 18 Time-out.
0x13 19 Failed to get XCC account through KCS.

0x14 20 Users are running on an IBM system. Do not use proxy tool in onecli extract path
when set the executable binary of legacy ToolsCenter path in global.config.

0x15 21 LAN-over-USB device is disabled on BMC side. Enable it manually.

0x16 22 The BMC default internal IP conflicts with external machine. Correct the problem,
and try again.

0x17 23 Failed to restart host system.

0x18 24 Failed to restart BMC.

0x19 25 Platform error.
0x1a 26 • For windows servers, LAN-over-USB device is not detected..
• For linux servers, some tools are not installed, including lsusb,lsmod,and
modprobe.

0x1b 27 Failed to get driver information

0x1c 28 Failed to get machine type.

0x1e 30 Internal error of BMC.

0x1f 31 Failed to find applicable hardware component.

0x20 32 Failed to load LAN-over-USB device driver.

0x21 33 For windows servers: Failed to run commands without root permission. Switch to
root user and try again.

For linux servers: Failed to run commands without administrator permission.

Switch to administrator user and try again.

0x22 34 Failed to update due to ESXI internal error.

0x23 35 CMM internal error.

0x24 36 Failed to verify the certificate/fingerprint for the connection(s) specified.

0x25 37 Manually quit OneCLI.

0x26 38 Invalid file folder.

0x27 39 Failed to encrypt/decrypt.

0x28 40 Fail to find the matching credential.

0x29 41 Fail to find the matching tool package for remote machine.

Chapter 15. Troubleshooting and support 197

Table 178. OneCLI common return codes (continued)

Return code Decimal base Description

0x2a 42 Remote operation not support this remote machine.

0x2b 43 Could not find credential file.

0x2c 44 The path behind the option remoteos does not exist.

0x2d 45 Attended or unattended mode conflict.

0x2e 46 Passphrase error.

0x2f 47 Interrupted by user.

0x30 48 Encrypted file is not exist.

0x31 49 Encrypted file is invalid.

0x32 50 Failed to connect KCS. Check IPMI over KCS status.

0x33 51 Unable to access IPMI service with a password over 20 characters according to
IPMI standard.
0x34 52 There is no RESTful service for the target server.

0x35 53 Check the format of input for connection parameter. For credential encrypt user,
can't find crypt.json.

0x36 54 The password provided for this account must be changed before access is
granted.

0x37 55 BMC CIM Over HTTPS is disabled.

0x38 56 Invalid BMC/CMM/SMM Address.
0x39 57 Check BMU requirement failed.

0x3a 58 One or more tasks failed.

0x3b 59 One or more tasks skipped.

0x3c 60 Fail to get data from Rest interface of BMC.

Table 179. OneCLI config-related return codes

Return code Decimal base Description

0x5C 92 Invalid data field.

0x5D 93 Failed to change the settings. It is recommended to change the settings in batch
mode by using the provided password.

0x5E 94 The required FoD key has not been installed.

0x5F 95 The setting has invalid current value.

0x60 96 Operation unavailable. Users should wait a moment and retry later.

0x61 97 Certificate does not exist.

0x62 98 The default value is empty.

0x63 99 Invalid e-maill address of destination.

0x64 100 The current version of firmware does not support this function. To resolve this
issue, update the target firmware to the latest version.

198 Lenovo XClarity Essentials OneCLI User Guide

Table 179. OneCLI config-related return codes (continued)

Return code Decimal base Description

0x65 101 Redfish internal error.

0x66 102 Failed to parse BMC data.

0x67 103 BMC data error.

0x68 104 The command is not supported on current system.

0x69 105 Query BMC error.

0x6A 106 Invalid certificates.

0x6B 107 Failed restoration.
0x6C 108 Failed replication.

0x6D 109 The password can only be changed in low security level.

0x6E 110 Previous passwords are not allowed. Try another passwords.

0x6F 111 The password does not meet password policy requirements.

0x70 112 User already exists.

0x71 113 Failed to run commands when executing batch command.

0x72 114 BMC internal error: No priviledge to complete this operation.

0x73 115 Invalid setting value.

0x74 116 Failed to display the instance setting. Create the instance first.

0x75 117 Invalid commands in the batch file.

0x76 118 Failed to reconnect to BMC after the command is executed successfully. To
check the result, try another method.

0x77 119 Failed to generate, export, import, or delete certificates.

0x78 120 Failed to set the setting items.

0x79 121 Failed to get information.

0x7A 122 Create the record key of instance first.

0x7B 123 Unable to find setting.

0x7C 124 BMC internal error.

0x7D 125 Failed to run command.

Table 180. OneCLI update-related return codes

Return code Decimal base Description

0x7d 125 Skip updating this package.

0x7c 124 Update does not take effect after successful flash.

0x7b 123 Current BMC version does not support this package. Upgrade BMC to the latest
version and try again.

0x7a 122 Failed to update because this package does not support current method.

0x79 121 Failed to update because this device does not support current method.

0x78 120 The candidate update is older than the allowed minimum version.

Chapter 15. Troubleshooting and support 199

Table 180. OneCLI update-related return codes (continued)

Return code Decimal base Description

0x77 119 Current BMC setting disallows downgrade.

0x76 118 Device error.

0x75 117 Another update in progress.

0x74 116 Failed to prepare update environment.

0x73 115 BMC RDOC space not enough. Remove other mounted device from BMC RDOC.

0x72 114 Failed to set up BMU environment.

0x71 113 Failed to boot into Maintenance Mode OS.

0x70 112 Failed to acquire.

0x6f 111 Unsupported OS.

0x6e 110 Failed to get OS type by using the scan command.

0x6d 109 No package needs update.

0x6c 108 UXSPI does not support the current command run in the IBM system.

0x6b 107 Update blue not supported.

0x6a 106 Failed to run UXSPI. For more information about the error, see UXSPI logs.

0x69 105 Failed to update flash because the error backup does not support the update.

0x68 104 Invalid or unsupported machine type.

0x67 103 Update error: Flash finished running, however multiple packages failed to be
flashed. Check flash status xml for further information.
0x66 102 Users are running on an IBM system. Ensure that UXSPI_PATH is set to the
executable binary of UXSPI in global.config.

0x65 101 Update error: Failed to generate common_result.xml.

0x64 100 Update not found.

0x63 99 No applicable update available in the Repository for the specified machine type or
OS.
0x62 98 Failed to connect to the Repository.

0x61 97 Unrevoverable error.

0x60 96 Failed to download some update packages.

Table 181. OneCLI FFDC-related return codes

Return code Decimal base Description

0x7D 125 Download SMM FFDC error: setup environment failed.

0x7C 124 Download SMM FFDC error: start dump failed.

0x7B 123 Download SMM FFDC error: query failed.

0x7A 122 Download SMM FFDC error: tar ffdc files failed.
0x79 121 Download SMM FFDC error: tftp server is not found.

200 Lenovo XClarity Essentials OneCLI User Guide

Table 181. OneCLI FFDC-related return codes (continued)

Return code Decimal base Description

0x78 120 FFDC log is uploaded to the specified FTP/TFTP server, but fails to download
FFDC log from FTP/TFTP server.

0x77 119 Failed to get FFDC log.

Table 182. OneCLI raid-related return codes

Return code Decimal base Description

0x7D 125 Ensure that the command of RAID configuration runs on the ThinkSystem server
with the latest XCC firmware version.
0x7C 124 The target device does not exist.

0x7B 123 RAID config has no config to save.

0x7A 122 RAID config ini file error.

0x79 121 RAID config fails to operate.

0x78 120 There are no volumes. Add volumes at first.

0x77 119 The operation fails on some targets.

0x76 118 There are no controllers.

0x75 117 The operation fails on all targets.

0x74 116 RAID config does not support this command on M.2 SSD.

0x73 115 There are no disks of the target device.

0x72 114 Disk state error.

0x71 113 Current system does not support Intel RSTe software RAID.

0x70 112 There are no containers.

Table 183. OneCLI diags-related return codes

Return code Decimal base Description

0x34 52 Failed to trigger diagnostic.

0x35 53 Failed to get status of diagnostic.

0x36 54 Failed to get result of diagnostic.

Table 184. OneCLI FoD-related return codes

Return code Decimal base Description

0x7D 125 FoD key file is not valid.

0x7C 124 Specified machine type or serial number is not valid.

0x7B 123 FoD key file is not found.

0x7A 122 FoD key is not found from target key repository.

0x79 121 FoD key ID is not valid.

0x78 120 Active key exists in KMS Web site.

Chapter 15. Troubleshooting and support 201

Table 184. OneCLI FoD-related return codes (continued)

Return code Decimal base Description

0x77 119 Authentication code does not exist.

0x76 118 Unique identifier is not valid.

0x75 117 Failed to Install the FoD key.

0x74 116 Failed to uninstall the FoD key.

0x73 115 Failed to export the FoD key.

0x72 114 Failed to report the FoD key.

0x71 113 Failed to get current tier.

0x70 112 Failed to execute command.

0x6F 111 The command is not supported on current system.

0x6E 110 Unable to find the processor specified by 'socketid' on current system.

0x6D 109 Failed to export the status report.

0x6C 108 The FoD SDSi is not supported on current system.

0x6B 107 Failed to get PPIN.

0x6A 106 The FoD SDSi is only supported with redfish interface.

0x69 105 The FoD SDSi dose not exist on current system.

0x68 104 The FoD SDSi specified by the socketid command does not exist on current
system.

0x67 103 The FoD installed is not supported when specifying directory of parameter keyfile.

0x66 102 Could not find the match key from specified folder.

0x65 101 Failed to export part of keys from target system.

0x64 100 The key does not support the uninstall and the export commands.

0x63 99 The KMS website reports failure.

0x62 98 Failed to operate file.

0x61 97 Failed to generate the FoD key from KMS website.

0x60 96 The specified FoD key does not exist in the current system.

Table 185. Mapping table of return codes between OneCLI V2.3.0 and OneCLI V2.4.0

V2.3.0 V2.4.0
Return code/ Description Return code/ Description

decimal base decimal base

0x00/0 Success. 0x00/0 Success.
0x01/1 Invalid command. 0x04/4 Invalid command.
0x02/2 Generic failure. 0x01/1 Generic failure.
0x03/3 XML file is missing. 0x06/6 Local file does not exist.

0x04/4 Restart OS Failure. 0x17/23 Failed to restart host system.

202 Lenovo XClarity Essentials OneCLI User Guide

Table 185. Mapping table of return codes between OneCLI V2.3.0 and OneCLI V2.4.0 (continued)

V2.3.0 V2.4.0
Return code/ Description Return code/ Description

decimal base decimal base

0x05/5 Failed to connect. 0x0D/13 Failed to connect.
0x06/6 Platform error. 0x19/25 Function not supported on target
system.

0x07/7 Input xml file format error. 0x07/7 The file is not valid.

0x08/8 OPEN DLL FAILURE. 0x11/17 Internal error.

0x09/9 GET NULL POINTER. 0x11/17 Internal error.
0x0A/10 NO INTERFACE FOUND. 0x11/17 Internal error.
0x0B/11 RETURN INVALID RESULT. 0x11/17 Internal error.
0x0C/12 Unknown exception. 0x01/1 Generic failure.

0x0D/13 Invalid parameter. 0x05/5 Invalid parameter.

0x0E/14 Local file does not exist. 0x06/6 Local file does not exist.
0x0F/15 Failed to create directory. 0x08/8 Failed to create directory.

0x10/16 Failed to read or write file. 0x09/9 Failed to open file.

0x11/17 Ping BMC failed. 0x0E/14 Ping failed.

0x12/18 Fail to get XCC account through KCS. 0x13/19 Fail to get XCC account through KCS.

0x13/19 • BMC Lan Over USB device driver is
not detected (for windows).
• Miss some tools, such as: lsusb,
lsmod, and modprobe (for linux).
0x1A/26 • LAN-over-USB device is not
detected. Make sure that RNDIS is
correctly installed (for windows).
• LAN-over-USB device is not
detected. Make sure that following
tools are installed: lsusb, lsmod, and
modprobe (for linux).

0x14/20 No package needs update. 0x6E/110 No package needs update.

0x15/21 Users are running on a blue system. Do 0x14/20 Users are running on a blue system. Do
not use proxy uxspi in onecli extract not use proxy uxspi in onecli extract
path when set the executable binary of path when set the executable binary of
UXSPI path in global.config. UXSPI path in global.config.

0x16/22 Authentication with BMC failed. 0x0C/12 Authentication failed.

0x17/23 Authentication failed by FTP server. 0x0C/12 Authentication failed.

0x18/24 Fail to create directory or put file in FTP 0x0F/15 Upload failed.
server: No such file or directory, or
permission denied for the specified
user name.
0x19/25 LXCE has no enable permission. Enable 0x15/21 LAN-over-USB device is disabled on
BMC Lan Over USB device manually. BMC side. Enable it manually.

0x1A/26 Fail to upload data to specified FTP 0x0F/15 Upload failed.

server.
0x1B/27 Fail to connect through IPMI. 0x0D/13 Failed to connect.

0x1C/28 Ping CMM failed. 0x0E/14 Ping failed.

Chapter 15. Troubleshooting and support 203

Table 185. Mapping table of return codes between OneCLI V2.3.0 and OneCLI V2.4.0 (continued)

V2.3.0 V2.4.0
Return code/ Description Return code/ Description

decimal base decimal base

0x1D/29 Fail to get driver information. 0x01/1 Generic failure.

0x1E/30 Fail to get machine type. 0x01/1 Generic failure.

0x1F/31 Fail to get firmware information. 0x01/1 Generic failure.

0x20/32 Fail to read inventory XML. 0x0A/10 Failed to read file.

0x21/33 Fail to write inventory XML. 0x0B/11 Failed to write file.

0x22/34 Fail to write inventory HTML. 0x0B/11 Failed to write file.

0x23/35 UXSP xml do not exist. Check the 0x06/6 Local file does not exist.
UXSP package.

0x24/36 Time-out. 0x12/18 Time-out.

0x60/96 Failed to run the command. 0x01/1 Generic failure.
0x61/97 Failed to get information. 0x7D/125 Failed to get information.

0x62/98 Failed to set the setting items. 0x7C/124 Failed to set the setting items.

0x63/99 Failed to open the file. 0x09/9 Failed to open file.

0x64/100 Failed to read the file. 0x0A/10 Failed to read file.

0x65/101 Failed to write the file. 0x0B/11 Failed to write file.
0x66/102 Failed to generate/export/import/delete 0x7B/123 Failed to generate/export/import/delete
certification. certification.
0x67/103 Failed to reconnect to BMC after the 0x7A/122 Failed to reconnect to BMC after the
command is executed successfully. command is executed successfully.
Users could try another method to Users could try another method to
check the result. check the result.
0x68/104 One or more commands are not valid in 0x79/121 One or more commands are not valid in
the batch file. the batch file.
0x69/105 Failed to show the instance setting. The 0x78/120 Failed to show the instance setting. The
instance should be created at first. instance should be created at first.
0x6A/106 Invalid value for set command. 0x77/119 Invalid value for set command.
0x40/64 Update error: Acquire command failed. 0x01/1 Generic failure.

0x41/65 Update error: Scan command failed. 0x01/1 Generic failure.

0x42/66 Update error: Query command failed. 0x01/1 Generic failure.

0x43/67 Update error: Compare command 0x01/1 Generic failure.

failed.
0x44/68 Update error: Flash command failed. 0x01/1 Generic failure.

0x45/69 Update error: File related error 0x0B/11 Failed to write file.
occurred, see log/xml for more
information.
0x46/70 Update error: CIM service fails. See log/ 0x01/1 Generic failure.
xml for more information.

204 Lenovo XClarity Essentials OneCLI User Guide

Table 185. Mapping table of return codes between OneCLI V2.3.0 and OneCLI V2.4.0 (continued)

V2.3.0 V2.4.0
Return code/ Description Return code/ Description

decimal base decimal base

0x47/71 Update error: There is something wrong 0x78/120 Update error: There is something wrong
with the device. See log/xml for more with the device. See log/xml for more
information. information.
0x48/72 Update error: Failed to generate 0x0B/11 Failed to write file.
common_result.xml.
0x49/73 Could not get OS type using scan 0x6F/111 Failed to get OS type.
command.
0x4A/74 Invalid/unsupported machine type. 0x68/104 No applicable update available on the
repository for specified machine-type/
OS.
0x4B/75 Invalid/unsupported OS. 0x70/112 Current Operating System is not
supported.

0x4C/76 Authentication failed, unable to validate 0x0C/12 Authentication failed.

userid/password.

0x4D/77 Update error: Flash finished running,
however multiple packages failed to be
flashed. Check flash status xml for
more information.
0x4E/78 Users are running on an IBM system.
Make sure that UXSPI_PATH is set
correctly to the executable binary of
UXSPI in global.config.
0x0B/11 Failed to write file.
0x72/114 Users are running on an IBM system.
Make sure that UXSPI_PATH is set
correctly to the executable binary of
UXSPI in global.config.

0x4F/79 Users are running on an IBM system. 0x6D/109 Users are running against an IBM
But the current command is not system, but the current command is
supported in UXSPI. not supported.

0x50/80 Update blue not supported. 0x6D/109 Users are running against an IBM
system, but the current command is
not supported.

0x51/81 UXSPI does not run successfully, to 0x11/17 Internal error.

trace error, see log relate to UXSPI.

0x52/82 Update module was not able to write to 0x0B/11 Failed to write file.
XML file.
0x53/83 Update flash module failure: failed to 0x01/1 Generic failure.
run flash with ESXi. See log/xml for
more detail information.
0x54/84 Update flash module failure: failed to 0x01/1 Generic failure.
run flash with IOSwitch. See log/xml for
more detail information.
0x55/85 Update flash module failure: failed to 0x01/1 Generic failure.
run flash with CMM Update. See log/
xml for more detail information.
0x56/86 Update flash module failure: failed to 0x01/1 Generic failure.
run flash with OOB. See log/xml for
more detail information.

Chapter 15. Troubleshooting and support 205

Table 185. Mapping table of return codes between OneCLI V2.3.0 and OneCLI V2.4.0 (continued)

V2.3.0 V2.4.0
Return code/ Description Return code/ Description

decimal base decimal base

0x57/87 Update flash module failure: Error 0x01/1 Generic failure.
occurred when running xFirmware for
in-band flash.
0x58/88 Update flash module failure: Error 0x01/1 Generic failure.
occurred when running Option Update
for in-band flash.
0x5A/90 Update flash failure: Error payload file 0x07/7 Local file does not exist. (dynamic
does not exist. message)

0x5B/91 Update flash failure: Error backup does 0x6C/108 Backup bank does not exist.
not support.

0x5C/92 The BMC default internal IP conflicts 0x16/22 The BMC default internal IP conflicts
with external machine. Correct the with external machine. Correct the
problem, and try again. problem, and try again.

0x5E/94 Update flash failure: current BMC does 0x7B/123 Current BMC version does not support
not support internal SFTP for this case. this package. Upgrade BMC to the
latest version, and try again.

0x5F/95 Update application fails to run. 0x01/1 Generic failure.

0xD0/208 Download SMM FFDC error: setup 0x7D/125 Download SMM FFDC error: setup
environment failed. environment failed.
0xD1/209 Download SMM FFDC error: start 0x7C/124 Download SMM FFDC error: start
dump failed. dump failed.

0xD2/210 Download SMM FFDC error: query 0x7B/123 Download SMM FFDC error: query
failed. failed.
0xD3/211 Download SMM FFDC error: tar ffdc 0x7A/1222 Download SMM FFDC error: tar ffdc
files failed. files failed.
0xD4/212 Download SMM FFDC error: upload 0x0F/15 Upload failed.
path does not exist.

0xD5/213 Download SMM FFDC error: upload 0x0F/15 Upload failed.

failed.
0xD6/214 Download SMM FFDC error: tftp server 0x79/121 Download SMM FFDC error: tftp server
is not found. is not found.
0xD7/215 Download SMM FFDC error: time-out. 0x12/18 Time-out.
0xD8/216 Download SMM FFDC error: unknown 0x01/1 Generic failure.
error.
0xD9/217 FFDC log is uploaded to the specified 0x78/120 FFDC log is uploaded to the specified
FTP/TFTP server, but fails to download FTP/TFTP server, but fails to download
FFDC log from FTP/TFTP server. FFDC log from FTP/TFTP server.

0xDA/218 Failed to get FFDC log. 0x77/119 Failed to get FFDC log.

0xB0/176 Raid config fails to operate. 0x7D/125 Raid config fails to operate.

0xB1/177 Raid config ini file error. 0x7C/124 Raid config ini file error.

0xB2/178 Raid config has no config to operate. 0x7B/123 Raid config has no config to operate.

206 Lenovo XClarity Essentials OneCLI User Guide

Table 185. Mapping table of return codes between OneCLI V2.3.0 and OneCLI V2.4.0 (continued)

V2.3.0 V2.4.0
Return code/ Description Return code/ Description

decimal base decimal base

0xB3/179 Raid config does not need make good. 0x7A/122 Raid config does not need make good.

0xB4/180 Raid config does not need make jbod. 0x79/121 Raid config does not need make jbod.

0x34/52 Fail to trigger diags. 0x7D/18 Fail to trigger diags.

0x35/53 Fail to get status of diags. 0x7C/124 Fail to get status of diags.

0x36/54 Fail to get result file. 0x7B/123 Fail to get result file.

0x37/55 Diagnostics time-out. 0x12/18 Time-out.

0x80/128 Failed to run the command. 0x01/1 Generic failure.

0x81/129 The FoD key file is not valid. 0x7D/125 The FoD key file is not valid.

0x82/130 Specified machine type or serial 0x7C/124 Specified machine type or serial
number is not valid. number is not valid.
0x83/131 The FoD key file is not found. 0x7B/123 The FoD key file is not found.

0x84/132 Authentication failed. 0x0C/12 Authentication failed.

0x85/133 The FoD key is not found from target 0x7A/122 The FoD key is not found from target
key repository. key repository.

0x86/134 The FoD key ID is not valid. 0x79/121 The FoD key ID is not valid.

0x87/135 Active key exists in KMS Web site. 0x78/120 Active key exists in KMS Web site.

0x88/136 Authentication code does not exist. 0x77/119 Authentication code does not exist.
0x89/137 Unique identifier is not valid. 0x76/118 Unique identifier is not valid.

0x8A/138 Failed to install the FoD key. 0x75/117 Failed to Install the FoD key.

0x8B/139 Failed to uninstall the FoD key. 0x74/116 Failed to export the FoD key.

0x8C/140 Failed to export the FoD key. 0x73/115 Fail to export the FoD key.

0x8D/141 Failed to report the FoD key. 0x72/114 Failed to report the FoD key.

0x8E/142 Failed to get current tier. 0x71/113 Failed to get current tier.

0xA0/160 MODULEMANAGER_ERROR Deprecated

0xA1/161 MODULEMANAGER_NO_NEWER_ Deprecated

UPDATE
0xA2/162 MODULEMANAGER_XML_PARSE_ Deprecated
ERROR
0xA3/163 MODULEMANAGER_DOWNLOAD_ Deprecated
ERROR
0xA4/164 MODULEMANAGER_INCOMPATIBLE_ Deprecated
ERROR
0xA5/165 MODULEMANAGER_COPY_ERROR Deprecated

0xDD/221 Switch does not support EHCM or the 0x76/118 Switch does not support EHCM or the
CMM build is not supported to check CMM build is not supported to check
EHCM. EHCM.

Chapter 15. Troubleshooting and support 207

Table 185. Mapping table of return codes between OneCLI V2.3.0 and OneCLI V2.4.0 (continued)

V2.3.0 V2.4.0
Return code/ Description Return code/ Description

decimal base decimal base

0xDE/222 Check EHCM time-out because the 0x12/18 Time-out.
EHCMState is busy or setting up.

0xDF/223 Reseat failed. 0x01/1 Generic failure.

208 Lenovo XClarity Essentials OneCLI User Guide

Appendix A. Accessibility features for OneCLI
Accessibility features help users who have a disability, such as restricted mobility or limited vision, to use
information technology products.

Lenovo and accessibility

See the Lenovo Accessibility Web site for more information about the commitment that Lenovo has to
accessibility.

Accessibility
The following list includes the major accessibility features in Lenovo XClarity Essentials OneCLI:
• Can be operated using only the keyboard
• Communicates all information independent of color
• Supports the attachment of alternate output devices
• Provides online documentation in an accessible format

Keyboard navigation
This product uses standard Microsoft Windows navigation keys.

The command line interface (CLI) is controlled by the keyboard.

Linux Windows Action

Ctrl+C Ctrl+C Stop the running OneCLI.

© Copyright Lenovo 2018, 2024 209

210 Lenovo XClarity Essentials OneCLI User Guide
Appendix B. Examples of OneCLI commands on SR635/SR655
This section provides the general format and examples of OneCLI commands on SR635/SR655.

General format of the inventory command (in-band mode)

OneCLI inventory getinfor --htmlreport

General format of the ffdc command (out-of-band mode)

OneCLI ffdc --bmc USERID:PASSW0RD@bmchost

General format of the update command

OneCLI update flash --bmc USERID:PASSW0RD@bmchost
OneCLI update flash

General format of the batch update command (out-of-band mode)

OneCLI update multiflash --configfile multi_task.json

Note: When running OneCLI on Windows OS in in-band mode, the AMI RNDIS device driver should be
installed manually.

Commands and examples for BIOS (UEFI) and BMC settings

• Commands:
– BIOS (UEFI) settings: show, showvalues, showdefault, showdes, set, save, batch, restore, replicate
– BMC settings: show, set, save, batch
• Examples:
– BIOS (UEFI) settings:
OneCLI config show Bios
OneCLI config show “Bios.Q00001 Boot Mode” --bmc USERID:PASSW0RD@bmchost
OneCLI config set “Bios.Q00001 Boot Mode” “UEFI only” --bmc USERID:PASSW0RD@bmchost
OneCLI config save --file sr635_bios.txt
– BMC settings:
OneCLI config show BMC --bmc USERID:PASSW0RD@bmchost
OneCLI config set BMC.Network1 true
OneCLI config batch --file batch.txt
The content of the batch.txt file includes:
set BMC.DHCP1 false
set BMC. HostIPAddress1 “xx.xx.xx.xx”
set BMC.HostIPSubnet1 “xx.xx.xx.xx”
set BMC.GatewayIPAddress1 “xx.xx.xx.xx”

© Copyright Lenovo 2018, 2024 211

212 Lenovo XClarity Essentials OneCLI User Guide
Appendix C. OneCLI features supported on the ThinkServer/
WenTian servers
This section provides the supported OneCLI features and specific limitations for the ThinkServer/WenTian
servers.

Supported features
In-band and out-of-band features:

Features Reference
Collect FFDC. “ffdc command” on page 90

Collect inventory. Chapter 6 “Inventory” on page 57

Collect service data from BMC. “servicedata command” on page 141

Collect system health status. “syshealth command” on page 145

Configure BIOS/BMC settings. Chapter 4 “Configuration” on page 17

Configure RAID. “raid command” on page 117

Encrypt data. “encrypt command” on page 89

Manage BMC password. “bmcpassword command” on page 87

Manage BMC reboot. “rebootbmc command” on page 134

Manage the LED status of hard disk drive. “hddlocate command” on page 93.

Manage OS power. “ospower command” on page 113

Manage system logs. “logmgr commands” on page 95

Manage virtual media. “vm commands” on page 147

Perform diagnostics. Chapter 9 “Diagnostics” on page 149

Update the firmware. Chapter 7 “Update” on page 63

Use TUI mode for OneCLI command. Chapter 10 “tui” on page 151

In-band features:

Features Reference
Manage USB LAN. “usblan command” on page 146

Multiple systems management features:

Features Reference
Collect FFDC logs from multiple BMC. “multiffdc command” on page 97

List, mount, or umount virtual media on multiple BMC. “multivm commands” on page 112

Manage firmware update on multiple BMC. “multiflash command” on page 80

Manage password on multiple BMC. “multibmcpassword command” on page 97.

© Copyright Lenovo 2018, 2024 213

 Features Reference
Manage power on multiple servers. “multiospower commands” on page 108

Manage service data on multiple BMC. “multiservicedata command” on page 110.

Obtain the BMC FFDC logs from multiple servers. “multiffdc command” on page 97

Obtain service data information from multiple BMC. “multiservicedata command” on page 110

Remotely change password of BMC accounts for multiple systems in “multibmcpassword command” on page 97
the first login or the password expiration scenarios.

Remotely collect system health information for multiple systems. “multisyshealth command” on page 111

Remotely create, clear, and save the RAID configuration for multiple “multiraid command” on page 101
systems.

Remotely show or change the system configuration for multiple Chapter 5 “Multiple configuration” on page 51
servers.
Remotely upgrade the firmware of multiple servers. “multiflash command” on page 80

Turn on, turn off and restart the server, and obtain the server power “multiospower commands” on page 108
state.

Limitations
The hddlocate command is not supported in the DN8848 V2 server.
When running OneCLI raid commands in out-of-band mode (for example, add or delete a RAID array),
it is recommended to wait 30-60s until BMC update the data in the back end. Then OneCLI will retrieve
the latest results by using OneCLI raid show command.
For the multiple virtual media instances (for example, CD1, CD2) that can be enabled on the
ThinkServer servers, OneCLI will mount the image to the first available virtual media in ascending
order of the index.
When running OneCLI on Windows OS in in-band mode, the AMI RNDIS device driver should be
installed manually. This driver is supported in the ThinkServer/WenTian servers. For more information,
refer to https://datacentersupport.lenovo.com/cn/zc/products/servers/thinkserver/sr590v2-china-only/
7d53/downloads/driver-list/.
For the ThinkServer/WenTian servers, OneCLI doesn’t support the following:
• ESXi related functions
• BMC firmware level downgrade
OneCLI preserves the configuration settings when updating the BMC firmware level on the
ThinkServer SR590 V2/SR660 V2/DN8848 V2 servers. Users can upgrade the BMC firmware in BMC
web without preserving configuration settings.
OneCLI preserves the configuration settings when upgrading the BMC firmware level. However, this
feature is not supported in the following BMC versions:
• ThinkServer SR590 V2: BMC version is 5.34 and earlier.
• ThinkServer SR660 V2: BMC version is 5.49 and earlier.
• ThinkServer DN8848 V2: BMC version is 5.14 and earlier.
In this case, users should upgrade the BMC firmware on BMC web interface without preserving
configuration settings.
If the HTTPS server is used for the firmware update, OneCLI only supports the self-signed certificate,
and both read and write permissions are required. If the FTP server is used for storing the payload
files for the firmware update, the read, write, and delete permissions are required.

214 Lenovo XClarity Essentials OneCLI User Guide

OneCLI (in-band mode) connects to BMC when USB LAN is enabled, but USB LAN will be disabled
when the remote console is turned off. Therefore, if user turns on/off the remote console when
running OneCLI, OneCLI in-band commands might not work properly.

Appendix C. OneCLI features supported on the ThinkServer/WenTian servers 215

216 Lenovo XClarity Essentials OneCLI User Guide
Appendix D. OneCLI global configuration file
The configuration items of OneCLI are listed in the global.config file in INI format. For more information, refer
to the global.config file in OneCLI binary.

Note: When using global.config in the executable version of OneCLI, the --config parameter should be used
for specifying the absolute path.

The configuration items varied depending on OneCLI versions. Following is the example:

# XClarity Essentials OneCLI consolidates ToolsCenter 1.x tools, i.e. UXSPI for update, DSA for inventory,
# ASU for configuration
# To point XClarity Essentials OneCLI to old ToolsCenter 1.x version to help manage old MTM using proxy tools
# that come with XClarity Essentials OneCLI
# Users can change the following three config items
# Example for Windows:
# To set UXSPI path, users can change the value of "UXSPI_PATH" from "NONE" to the absolute path to where
#users put the UXSPI executable file prepared separately
# Do not set the path to the proxy tool "uxspi.exe" inside XClarity Essentials OneCLI
# UXSPI_PATH=C:\lnvgy_utl_uxspi_10.1_winsrvr_32-64.exe
UXSPI_PATH=NONE
# To set DSA path, users can change the value of "DSA_PATH" from "NONE" to the absolute path to where users
# put the DSA executable file prepared separately
# Do not set the path to the proxy tool "dsa.exe" inside XClarity Essentials OneCLI
# DSA_PATH=C:\lnvgy_utl_dsa_dsala5q-10.1_portable_windows_x86-64.exe
DSA_PATH=NONE
# To set ASU path, users should first extract "asu.exe" out of the official ASU executable wrapper
# (e.g, lnvgy_utl_asu_asut90e-10.1_windows_x86-64.exe), then, change the value of "ASU_PATH" from "NONE"
# to the absolute path to where users put "asu.exe" extracted above
# Do not set the path to the proxy tool inside XClarity Essentials OneCLI
# default value is "NONE"
# ASU_PATH=C:\asu\asu64.exe
ASU_PATH=NONE
# Set the number of Windows log entries OneCLI inventory collect. It could be an integer, or "All".
ONECLI_EVENTLOG_MAX=4096

© Copyright Lenovo 2018, 2024 217

218 Lenovo XClarity Essentials OneCLI User Guide
Appendix E. Notices
Lenovo may not offer the products, services, or features discussed in this document in all countries. Consult
your local Lenovo representative for information about the products and services currently available in your
area.

Any reference to a Lenovo product, program, or service is not intended to state or imply that only that
Lenovo product, program, or service may be used. Any functionally equivalent product, program, or service
that does not infringe any Lenovo intellectual property right may be used instead. However, it is the
responsibility of user to evaluate and verify the operation of any other product, program, or service.

Lenovo may have patents or pending patent applications covering subject matter described in this
document. The furnishing of this document does not give you any license to these patents. You can send
license inquiries, in writing, to:
Lenovo (United States), Inc.
8001 Development Drive
Morrisville, NC 27560
U.S.A.
Attention: Lenovo Director of Licensing

LENOVO PROVIDES THIS PUBLICATION “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT,
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some jurisdictions do not allow
disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to
you.

This information could include technical inaccuracies or typographical errors. Changes are periodically made
to the information; these changes will be incorporated in new editions of the publication. Lenovo may
improve or change the products and the programs described in this publication at any time without notice.

The products described in this document are not intended for use in implantation or other life support
applications where malfunction may result in injury or death to persons. The information contained in this
document does not affect or change Lenovo product specifications or warranties. Nothing in this document
shall operate as an express or implied license or indemnity under the intellectual property rights of Lenovo or
third parties. All information contained in this document was obtained in specific environments and is
presented as an illustration. The result obtained in other operating environments may vary.

Lenovo may use or distribute any of the information you supply in any way it believes appropriate without
incurring any obligation to you.

Any references in this publication to non-Lenovo Web sites are provided for convenience only and do not in
any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the
materials for this Lenovo product, and use of those Web sites is at your own risk.

Any performance data contained are determined in a controlled environment. Therefore, the result obtained
in other operating environments may vary significantly. Some measurements may have been made on
development-level systems and there is no guarantee that these measurements will be the same on generally
available systems. Furthermore, some measurements may have been estimated through extrapolation.
Actual results may vary. Users of this document should verify the applicable data for their specific
environment.

© Copyright Lenovo 2018, 2024 219

Trademarks
LENOVO, FLEX SYSTEM, SYSTEM X, and NEXTSCALE SYSTEM are trademarks of Lenovo. Intel and Intel
Xeon are trademarks of Intel Corporation in the United States, other countries, or both. Internet Explorer,
Microsoft, and Windows are trademarks of the Microsoft group of companies. Linux is a registered
trademark of Linus Torvalds. All other trademarks are the property of their respective owners.© 2023 Lenovo.

Important notes
Processor speed indicates the internal clock speed of the microprocessor; other factors also affect
application performance.

When referring to processor storage, real and virtual storage, or channel volume, KB stands for 1 024 bytes,
MB stands for 1 048 576 bytes, and GB stands for 1 073 741 824 bytes.

When referring to hard disk drive capacity or communications volume, MB stands for 1 000 000 bytes, and
GB stands for 1 000 000 000 bytes. Total user-accessible capacity can vary depending on operating
environments.

Lenovo makes no representations or warranties with respect to non-Lenovo products. Support (if any) for the
non-Lenovo products is provided by the third party, not Lenovo.

Some software might differ from its retail version (if available) and might not include user manuals or all
program functionality.

220 Lenovo XClarity Essentials OneCLI User Guide

Index
A E
accessibility export 158
features 209 export command 44, 158
keyboard 209 exportreport 159
acquire command 64, 153, 164 exportreport command 159
advanced memory test 171
all 115
assert 138
ASU proxy tool 181 F
auto-completion 169
firmware, multiple BMC 172
flash command 73
formatlog command 57
B fpusb commands, set, view 92

batch command 37, 51

boottosetup 108
G
generate 155
C generate command 45, 155
generate, acquire, install 153, 164
certificate management 41 get 156
cim 115 get command 156
clear command 95 get, save 157
clear password 169 getdevices command 58
clearsnapshot command 144 getinfor command 59, 99
compare command 22, 68
comparedefault command 23
comparepending command 24
config, batch 37 H
config, compare 22
Hardware and software requirements 5
config, comparedefault 23
hostinterface command 94
config, comparepending 24
config, createuuid 31
config, delete 32
config, deletecert 44
config, export 44
I
config, generate 45 import command 49
config, import 49 important notes 220
config, loaddefault 33 install 160, 165
config, nodes 30 install command 160, 165
config, replicate 38 interactive mode 21
config, restore 39 inventory 57
config, save 40 inventory, formatlog 57
config, set 34 inventory, getdevices 58
config, show 24 inventory, getinfor 59
config, showdefault 27 inventory, upload 60
config, showdes 25 ipmikcs 116
config, showgroups 28 ipmilan 116
config, showvalues 29
config, template.xml file 46
Configuration 17
configuration file 217 K
configuration setting 17 known limitations 189
configuration settings, displaying 19
create, clear, save, check 117
createuuid command 31
L
loaddefault command 33
D logmgr command 95
deassert 139
delete command 32
deletecert command 44
diagnostics, run command 149
M
diags command, run, diagnosticsprogram 149 misc 85
disability 209 misc, logmgr 95
DSA proxy tool 183 misc, ospower 113

© Copyright Lenovo 2018, 2024 221

misc, usblan 146
multicompare, compare, BMC
multiconfig 51
multiconfig, batch 51
multiconfig, replicate 52
multiconfig, restore 52
multiconfig, set 53
multiconfig, show 54
multiinventory command 99
multiospower 108
multiscan, scan, BMC 81
N status command 93
nodes command 30
notes, important 220
notices 219
O system configuration, change or set 31
operating systems, supported
ospower command 113
overview, technical 1
P the FoD key 153
portctrl command 114
problem solving 189
R
rdmount 167
rdmount command 167
rdumount 167
rdumount command 168
reboot 109
rebootbmc command for BMC 134
rebootcmm command for CMM 135
rebootiom command for IOM 135
replace 156
replace command 156
replicate command 38, 52
report 161
report command 161
requirements
software 7
reseatblade command 136
reseatcmm command 137
restore command 39, 52
restorebmu command 137
return codes 196
rpp 138
S virtual disk mount 167
save command 40
scan command 82
Secure data deletion 173
serase command 140
server options 7
servicedata 141
servicelog 141
set command 34, 53, 92
222 Lenovo XClarity Essentials OneCLI User Guide
show command 24, 54
79 showdefault command 27
showdes command 25
showgroups command 28
showppin 162
showppin command 162
showvalues command 29
smartdata command 142
smmlan command 143
software
requirements 7
solving problems 189
state 109
status 139
supported hardware 5
supported operating systems 7
supported server models 5
switchcmm command 144
sysguard command 144
syshealth command 145
system configuration, save, replicate, and restore 35
7
T
template.xml file 46
trademarks 220
troubleshooting 189
turnoff 110
turnon 110
U
uninstall 163
uninstall command 163
update 63
update, acquire 64
update, compare 68
update, flash 73
update, rebootbmc command for BMC 134
update, rebootcmm command for CMM 135
update, rebootiom command for IOM 135
update, scan 82
upgrade, specify, BMC 77
upgrade, specify, BMC/SMM 80
upload command 60
uploadreport command 157
usblan command 146
using OneCLI for Linux 12
using OneCLI for Windows 11
UXSPi proxy tool 184
V
virtual disk unmount 168
vm command 147
W
Web resources xi