Managing HPE BIOS resources
NOTE
It is possible that some properties or resources described in this section are not implemented in iLO 4 and iLO 5.
This section presents the HPE specific Bios resources (attributes and OEM resources) implemented in HPE iLO based servers. Refer to the BIOS data model section for a generic overview of the standard Redfish Bios data model.
The HPE Bios subsystem contains two families of elements:
-
A set of
attributes
located under the
/redfish/v1/Systems/{item}/Bios
standard URI, and described in the Bios registry section. -
Sets of
OEM Bios resources
described in proprietary schemas
(i.e.
HpeTlsConfig
)
The URIs of the HPE OEM Bios resources can be retrieved from
/redfish/v1/Systems/{item}/Bios/Oem/Hpe
as shown in the next
example.
NOTE
HPE OEM Bios resource links have been moved from /redfish/v1/Systems/1/Bios
in Gen10 servers to /redfish/v1/Systems/1/Oem/Hpe
in Gen10 Plus and
Gen11 servers.
Refer to the following example for a generic method to retrieve them,
regardless the server generation.
GET /redfish/v1/systems/1/bios/?$select=Oem/Hpe/Links
# The following request retrieves Bios related URIs
# using a recursive jq request, ignoring errors
# and 'null' responses
ilorest login <ilo-ip> -u <ilo-user> -p password
ilorest rawget --silent \
'/redfish/v1/systems/1/bios/?$select=Oem/Hpe/Links' | \
jq -r '..|."@odata.id"?' | grep -v null
ilorest logout
# The following request retrieves Bios related URIs
# using a recursive jq request, ignoring errors
# and 'null' responses
curl --silent --insecure -u <ilo-user>:password \
'https://<ilo-ip>/redfish/v1/systems/1/bios/?$select=Oem/Hpe/Links' | \
jq -r '..|."@odata.id"?' \
| grep -v null
/redfish/v1/systems/1/bios/
/redfish/v1/systems/1/bios/baseconfigs/
/redfish/v1/systems/1/bios/boot/
/redfish/v1/systems/1/bios/kmsconfig/
/redfish/v1/systems/1/bios/mappings/
/redfish/v1/systems/1/bios/serverconfiglock/
/redfish/v1/systems/1/bios/tlsconfig/
/redfish/v1/systems/1/bios/iscsi/
/redfish/v1/systems/1/bios/
/redfish/v1/systems/1/bios/oem/hpe/baseconfigs/
/redfish/v1/systems/1/bios/oem/hpe/boot/
/redfish/v1/systems/1/bios/oem/hpe/kmsconfig/
/redfish/v1/systems/1/bios/oem/hpe/mappings/
/redfish/v1/systems/1/bios/oem/hpe/serverconfiglock/
/redfish/v1/systems/1/bios/oem/hpe/tlsconfig/
/redfish/v1/systems/1/bios/oem/hpe/iscsi/
NOTE
The HPE service Bios extension is dedicated to HPE field service employees, and should not be accessed programmatically by Redfish clients.
The HPE service Bios extension URI is not mentioned
explicitly under the Bios Oem/Hpe
extension on purpose.
However, like other HPE Bios extensions,
it is located at /redfish/v1/Systems/1/Bios/Oem/Hpe/Service
in Gen10 Plus and Gen11 servers and at /redfish/v1/Systems/1/Bios/Service
in
Gen10 servers.
RESTful API BIOS Schemas/Registries
As explained in the
Bios attribute registry overview
paragraph, the Bios registry file URI of a live system can be easily located
under /redfish/v1/Registries
. This file is specific to the platform model
and the Bios/ROM version loaded in the server. For example, if you follow the
BiosAttributeRegistryA55.v1_1_62
URI, you will find
the Bios attributes and registries for a DL365 Gen11 (A55) with ROM version 1.1.62.
If you want to know precisely the property and attribute differences between two Bios/ROM versions of a specific platform, you can download the corresponding Schemas/Registries from the HPE Support Center. Then, you will have to unzip the downloaded files and compare them manually using your favorite JSON editor.
HPE provides RESTful API BIOS Schemas/Registries via the HPE Support Center. These are static files and meant as references. They are not meant to be "installed". After downloading, you will need to unzip the file. The resulting files are useful for:
- Comparing BIOS attribute differences between two BIOS/ROM versions of a platform.
- Analyzing BIOS attributes for their factory default values on a platform.
- Helping to create a Redfish mockup like the one the DMTF provides .
NOTE
HPE RESTful API BIOS Schemas/Registries are not intended to be installed anywhere in servers, iLOs or iLOrest configuration file.They are NOT ROM Flash Universal Firmware Packages.
ROM Flash Universal Firmware Packages should be installed from Software Support Packs
(SPP)
or downloaded as .fwpkg
files from the HPE Support Center.
Reinitializing secure boot databases
After upgrading or downgrading HPE iLO, first reboot the server. After reboot, the BIOS rebuilds the secure boot databases. If you do not reboot the server for certain conditions, BIOS and HPE iLO secure boot databases do not synchronize.
Reboot the server only under the following conditions:
- HPE iLO upgrade: The source version is HPE iLO 6 1.61 or earlier, and the target version is HPE iLO 6 1.62 or later.
- HPE iLO downgrade: The source version is HPE iLO 6 1.62 or later, and the target version is HPE iLO 6 1.61 or earlier.
The length of the certificate string is 3072 bytes. The BIOS can delete certificates and signatures from the default secure boot databases stored in HPE iLO.
NOTE
The maximum length of certificates is 3 KiB.
Synchronize data with HPE iLO and BIOS
The BIOS or UEFI variable stores the secure boot databases. The OS, ROM-Based Setup Utility setting (RBSU), or Redfish API can modify the databases. To maintain consistency, the BIOS synchronizes the data with HPE iLO. The BIOS can identify the certificate or signature that must synchronize with HPE iLO. When a certificate or signature is not added to Redfish API or deleted from Redfish API, BIOS provides a POST or DELETE method to add or remove a certificate or signature from HPE iLO.
The following table lists the maximum number of certificates and signatures allowed for each of the secure boot database types:
Database Name | Number of certificates | Number of signatures |
---|---|---|
Platform Key (PK) | 1 | N/A |
PKDefault | 1 | N/A |
Key Exchange Key (KEK) | 16 | 10 |
KEKDefault | 10 | 10 |
db/dbx/dbt/dbr | 16 | N/A |
dbDefault/dbxDefault /dbtDefault /dbrDefault | 10 | 10 |
For more information about secure boot databases, refer Secure Databases paragraph.
Bios defaults
Bios attributes and OEM Bios resources present factory and user defined default values. This paragraph explains how to get and set them. The next paragraph explains how to reset them to factory and user defaults.
Default Bios attributes
The current configuration Bios attributes
URI
contains a link to a
BaseConfigs[]
array
that holds the factory attributes, and eventually, custom user defined
attributes. Default OEM Bios resources (i.e. Bios TLS) are described
in the next paragraph.
The Bios attribute list depends on the server architectures (Intel, AMD, Ampere). It may depend, as well, on the ROM version installed in the system. For these reasons, it is not possible to publish their factory default values with a long term validity. Instead, you will find below methods to retrieve them from live systems or from registries available online.
Retrieving factory Bios attributes from a live system
Factory Bios attributes and their values are located in the default
member
of the
BaseConfigs[]
array.
Bios custom user defined attributes are part of
the default.user
member of this array.
The following example retrieves factory Bios attributes from a live system using a generic GET request or iLOrest.
NOTE
The BaseConfig[]
URI is different in Gen10, Gen10 Plus and Gen11 servers.
Refer to the following example for detail.
Gen 10
GET /redfish/v1/Systems/1/Bios/BaseConfigs | jq '.BaseConfigs[] | .default'
Gen10 Plus and Gen11
GET /redfish/v1/Systems/1/Bios/Oem/Hpe/BaseConfigs | jq '.BaseConfigs[] | .default'
ilorest login <ilo-ip> -u <ilo-user> -p password
ilorest get BaseConfigs/default --json --selector=HpeBaseConfigs
ilorest logout
Saving and retrieving user defined Bios attributes
The following example sets various Bios attributes (Gen10, Gen10 Plus or Gen11)
and requests the saving in the BaseConfigs[]
array.
This modification requires a reboot of the server to be visible
in the default.user
array member.
NOTE
A PATCH request to the Bios settings URI with a body containing
"SaveUserDefaults": "Yes"
saves Bios attributes
and Service Bios attributes in the default.user
member
of their respective BaseConfigs[]
array.
Look for string "Service Bios" in this documentation section for more info concerning this HPE Bios extension.
PATCH /redfish/v1/Systems/1/Bios/Settings/
{
"Attributes": {
"AdminName": "Toto Content",
"AdminEmail": "toto.content@koulapic.com",
"AdminPhone": "+3306789012340",
"WorkloadProfile": "TransactionalApplicationProcessing",
"SaveUserDefaults": "Yes"
}
}
curl --insecure --silent --location -u <ilo-user>:passsword \
--header 'Content-Type: application/json' \
--request PATCH \
'https://<ilo-ip>/redfish/v1/Systems/1/Bios/Settings/' \
--data '{"Attributes": {
"AdminName": "Toto Content",
"AdminEmail": "toto.content@koulapic.com",
"AdminPhone": "+3306789012340",
"WorkloadProfile": "TransactionalApplicationProcessing",
"SaveUserDefaults": "Yes"
}
}'
ilorest login <ilo-ip> -u <ilo-user> -p password
ilorest select Bios.
ilorest set "AdminName=Toto Content" \
AdminEmail="toto.content@koulapic.com" \
AdminPhone="+3306789012340" \
WorkloadProfile="TransactionalApplicationProcessing" \
SaveUserDefaults=Yes
ilorest commit
ilorest reboot ForceRestart
ilorest logout
{
"error": {
"code": "iLO.0.10.ExtendedInfo",
"message": "See @Message.ExtendedInfo for more information.",
"@Message.ExtendedInfo": [
{
"MessageId": "iLO.2.25.SystemResetRequired"
}
]
}
}
The following example reads the Bios attributes BaseConfigs[]
array members from Gen10, Gen10 Plus or Gen11 systems,
that has been modified with the payload of the previous example.
It contains two members: default
and default.user
.
Refer to the Bios resets paragraph below to apply user defined attributes.
# Gen10
GET /redfish/v1/Systems/{item}/Bios/BasConfigs
# Gen 10 Plus and Gen11
GET /redfish/v1/Systems/{item}/Bios/Oem/Hpe/BaseConfigs
# Gen10
curl --include --insecure -u username:password --location \
https://{iLO6-ip}/redfish/v1/systems/1/bios/BaseConfigs/
# Gen10 Plus and Gen11
curl --include --insecure -u username:password --location \
https://{iLO-ip}/redfish/v1/systems/1/bios/Oem/Hpe/BaseConfigs/
# Gen10
ilorest login <ilo-ip> -u <ilo-user> -p password
ilorest rawget --silent /redfish/v1/systems/1/bios/BaseConfigs/
ilorest logout
# Gen10 Plus and Gen10
ilorest login <ilo-ip> -u <ilo-user> -p password
ilorest rawget --silent /redfish/v1/systems/1/bios/Oem/Hpe/BaseConfigs/
ilorest logout
{
"@odata.context": "/redfish/v1/$metadata#HpeBaseConfigs.HpeBaseConfigs",
"@odata.etag": "W/\"D3544D1E7B21CACACAB99143115A5971\"",
"@odata.id": "/redfish/v1/systems/1/bios/oem/hpe/baseconfigs/",
"@odata.type": "#HpeBaseConfigs.v2_0_0.HpeBaseConfigs",
"BaseConfigs": [
{
"default": {
"AMDPerformanceWorkloadProfile": "Disabled",
"AccessControlService": "Enabled",
"AcpiHpet": "Enabled",
"AcpiRootBridgePxm": "Enabled",
"AcpiSlit": "Enabled",
"AdminEmail": "",
"AdminName": "",
"AdminOtherInfo": "",
"AdminPhone": "",
"AdvCrashDumpMode": "Disabled",
...
...
"VlanControl": "Disabled",
"VlanId": 0,
"VlanPriority": 0,
"WakeOnLan": "Enabled",
"WorkloadProfile": "GeneralPowerEfficientCompute",
"XGMIForceLinkWidth": "Auto",
"XGMIMaxLinkWidth": "Auto",
"iSCSISoftwareInitiator": "Enabled"
}
},
{
"default.user": {
"AMDPerformanceWorkloadProfile": "Disabled",
"AccessControlService": "Enabled",
"AcpiHpet": "Enabled",
"AcpiRootBridgePxm": "Enabled",
"AcpiSlit": "Enabled",
"AdminEmail": "toto.content@koulapic.com",
"AdminName": "Toto Content",
"AdminOtherInfo": "Toto est Content",
"AdminPhone": "+3306789012340",
"AdvCrashDumpMode": "Disabled",
...
"SaveUserDefaults": "No",
...
"VlanId": 0,
"VlanPriority": 0,
"WakeOnLan": "Enabled",
"WorkloadProfile": "TransactionalApplicationProcessing",
"XGMIForceLinkWidth": "Auto",
"XGMIMaxLinkWidth": "Auto",
"iSCSISoftwareInitiator": "Enabled"
}
}
],
"Capabilities": {
"BaseConfig": true,
"BaseConfigs": false
},
"Id": "baseconfigs",
"Name": "BIOS Default Settings"
}
Retrieving default Bios attributes from a registry file
NOTE
The method described in this paragraph for retrieving factory default Bios attribute values is only valid for Gen10 Plus and Gen11 servers.
Bios attribute registries can be downloaded from the
HPE Support Center.
Depending the server you are focusing on,
enter a string similar to this one in the search box of
the HPE Support Center: RESTful API BIOS Schemas/Registries dl365
.
Download the Schemas/Registry .zip
file that suites your needs and extract
its content.
Drill down to the RegistryStore/en
subdirectory and retrieve
the DefaultValue
property for each Bios attribute.
The following example retrieves the Bios default values (and other properties) from a DL385 Gen11 server (A55) Bios registry file downloaded from the HPE Support site.
jq '.RegistryEntries.Attributes[] | {AttributeName, ReadOnly, Type, MenuPath, DefaultValue}'\
BiosAttributeRegistryA55.v1_1_60_en.json
{
"AttributeName": "WorkloadProfile",
"DefaultValue": "GeneralPowerEfficientCompute",
"MenuPath": "./",
"ReadOnly": false,
"Type": "Enumeration"
}
{
"AttributeName": "DynamicPowerCapping",
"DefaultValue": "Disabled",
"MenuPath": "./SystemOptions/BootTime",
"ReadOnly": false,
"Type": "Enumeration"
}
{
"AttributeName": "ExtendedMemTest",
"DefaultValue": "Disabled",
"MenuPath": "./SystemOptions/BootTime",
"ReadOnly": false,
"Type": "Enumeration"
}
....
{
"AttributeName": "EraseUserDefaults",
"DefaultValue": "No",
"MenuPath": "./SysDefaultOptions/UserDefaultOptions",
"ReadOnly": false,
"Type": "Enumeration"
}
{
"AttributeName": "UserDefaultsState",
"DefaultValue": "Disabled",
"MenuPath": "./SysDefaultOptions/UserDefaultOptions",
"ReadOnly": true,
"Type": "Enumeration"
}
{
"AttributeName": "UtilityLang",
"DefaultValue": "English",
"MenuPath": "./LangSettings",
"ReadOnly": false,
"Type": "Enumeration"
}
Default HPE Bios resources
In addition to the HPE Bios attributes and their defaults described in the previous paragraph, other Bios related resources can be managed and reset to their factory defaults. Depending on the iLO generation, they may have a different location. Hence, you will have to use a generic script to locate and retrieve them.
Refer to the following sections for additional information concerning some of those resources:
The following script retrieves the location and data type of Bios configuration attributes and resources, except HPE Service Bios attributes for the reason mentioned earlier in this section.
# The following script retrieves HPE Bios configuration links, prints them as well
# as their respective data type.
# Login remote iLO
ilorest login <ilo-ip> -u <ilo-user> -p password
# Retrieve HPE Bios configuration links
BiosLinksURI='/redfish/v1/systems/1/bios/?$select=Oem/Hpe/Links'
BiosConfigLinks=$(ilorest rawget --silent $BiosLinksURI | \
jq '.Oem.Hpe.Links')
# Exract HPE Bios configuration URIs
URIs=$(echo $BiosConfigLinks | jq -r '..|."@odata.id"?' | grep -v null)
# Print HPE Bios URIs and their data type
for uri in $URIs ; do
echo -n -e "Resource type of ${uri}:\t\t"
ilorest rawget --silent "${uri}" | \
jq '."@odata.type"' | \
awk -F. '{print $NF}' | \
tr -d "\""
done
# logout
ilorest logout
Resource type of /redfish/v1/systems/1/bios/baseconfigs/: HpeBaseConfigs
Resource type of /redfish/v1/systems/1/bios/boot/: HpeServerBootSettings
Resource type of /redfish/v1/systems/1/bios/kmsconfig/: HpeKmsConfig
Resource type of /redfish/v1/systems/1/bios/mappings/: HpeBiosMapping
Resource type of /redfish/v1/systems/1/bios/serverconfiglock/: HpeServerConfigLock
Resource type of /redfish/v1/systems/1/bios/tlsconfig/: HpeTlsConfig
Resource type of /redfish/v1/systems/1/bios/iscsi/: HpeiSCSISoftwareInitiator
Resource type of /redfish/v1/systems/1/bios/oem/hpe/baseconfigs/: HpeBaseConfigs
Resource type of /redfish/v1/systems/1/bios/oem/hpe/boot/: HpeServerBootSettings
Resource type of /redfish/v1/systems/1/bios/oem/hpe/kmsconfig/: HpeKmsConfig
Resource type of /redfish/v1/systems/1/bios/oem/hpe/mappings/: HpeBiosMapping
Resource type of /redfish/v1/systems/1/bios/oem/hpe/serverconfiglock/: HpeServerConfigLock
Resource type of /redfish/v1/systems/1/bios/oem/hpe/tlsconfig/: HpeTlsConfig
Resource type of /redfish/v1/systems/1/bios/oem/hpe/iscsi/: HpeiSCSISoftwareInitiator
HPE OEM Bios resources
(except HpeMappings
, but including the Service Bios extension)
contain a link to a BaseConfigs
URI. This URI contains the factory
default configuration of the related resource. This configuration is
in the default
member of a BaseConfigs[]
array.
The following example retrieves the HPE Bios TLS default configuration URI from an iLO 6.
ilorest login <ilo-ip> -u <ilo-user> -p password
ilorest select HpeTlsConfig.
ilorest list Oem/Hpe/Links/BaseConfigs --json | \
jq -r '..|."@odata.id"?' | grep -v null
# Or
ilorest rawget --silent "/redfish/v1/Systems/1/bios/oem/hpe/tlsconfig" | \
jq '.Oem.Hpe.Links.BaseConfigs'
ilorest logout
curl --silent --insecure -u <ilo-user>:password \
'https://<ilo-ip>/redfish/v1/systems/1/bios/oem/hpe/tlsconfig' | \
jq '.Oem.Hpe.Links.BaseConfigs'
{
"@odata.id": "/redfish/v1/systems/1/bios/oem/hpe/tlsconfig/baseconfigs/"
}
BIOS resets
This paragraph explains how to reset Bios attributes and OEM Bios related resources to factory defaults and user defaults.
TIP
The iLOrest user guide contains a dedicated section to Bios related commands.
Reset Bios attributes to factory defaults
The generic
concepts/BIOS data model
section contains an example to reset the Bios attributes to their factory
default values, using the Bios.ResetBios
standard Redfish
action against an HPE iLO 6
based server. After performing this action and a reboot of the server,
the Bios attributes are reset to the values contained in the default
member of the BaseConfigs[]
array mentioned in
the Default Bios attributes paragraph.
The following example resets Bios attributes to factory defaults
using the Bios.ResetBios
action and cURL against an iLO 6 based server.
Refer to the
iLOrest user guide
for performing the same action with iLOrest.
POST /redfish/v1/Systems/1/Bios/Actions/Bios.ResetBios
Payload:
{}
curl --insecure --silent --location -u <ilo-user>:password \
'<ilo-ip>/redfish/v1/systems/1/bios/Actions/Bios.ResetBios/' \
--request POST \
--header 'Content-Type: application/json' \
--data '{}'
The following example resets Bios attributes to factory defaults
using the Bios.ResetBios
action and cURL against an HPE iLO 5
based server. Refer to the
iLOrest user guide
for performing the same action with iLOrest.
POST /redfish/v1/Systems/1/Bios/Settings/Actions/Bios.ResetBios
Payload:
{
"Action": "Bios.ResetBios"
}
curl --insecure --silent --location -u <ilo-user>:password \
'https://<ilo-ip>/redfish/v1/Systems/1/Bios/Settings/Actions/Bios.ResetBios' \
--request POST \
--header 'Content-Type: application/json' \
--data '{
"Action": "Bios.ResetBios"
}'
NOTE
A Python example using the Bios.ResetBios
action and
the
HPE Python Library
is available on
GitHub.
The following example resets Bios attributes to factory defaults using a PUT request against the Bios attributes settings location. This example is valid for both HPE iLO 5 and iLO 6 based servers.
PUT /redfish/v1/Systems/1/Bios/Settings
Payload:
{
"Attributes": {
"BaseConfig": "default"
}
}
curl --insecure --silent -u <ilo-user>:password --location \
--request PUT '<ilo-ip>/redfish/v1/systems/1/bios/settings' \
--header 'Content-Type: application/json' \
--data '{
"Attributes": {
"BaseConfig": "default"
}
}'
TIP
You can easily view the attribute values that will be restored with
iLOrest and its pending
command
before restarting the server.
NOTE
The BaseConfig
Bios attribute might not be visible
in the current BIOS or BIOS settings resources.
Reset Bios attributes to user defaults
HPE allows the saving of custom Bios attributes of iLO based systems.
As mentioned
earlier,
these user defined Bios attributes are stored in
the default.user
member of the BaseConfigs[]
array.
NOTE
The HPE Service Bios HPE extension also contains a default.user
object
under the /redfish/v1/Sytems/1/Bios/Oem/Hpe/Baseconfigs
URI that can be
customized as mentioned earlier in this documentation section.
The following example retrieves the default user defined Bios attributes from an HPE iLO 6.
GET /redfish/v1/systems/1/bios/Oem/Hpe/BaseConfigs/
curl --insecure --silent --location -u <ilo-user>:password \
'https://<ilo-ip>/redfish/v1/systems/1/bios/Oem/Hpe/BaseConfigs' | \
jq '.BaseConfigs[] | ."default.user"'
ilorest login
ilorest rawget --silent /redfish/v1/systems/1/bios/Oem/Hpe/BaseConfigs | \
jq '.BaseConfigs[] | ."default.user"'
ilorest logout
null
{
"AMDPerformanceWorkloadProfile": "Disabled",
"AccessControlService": "Enabled",
"AcpiHpet": "Enabled",
"AcpiRootBridgePxm": "Enabled",
"AcpiSlit": "Enabled",
"AdminEmail": "titi.content@koulapic.com",
"AdminName": "Titi Content",
"AdminOtherInfo": "Toto est Content",
"AdminPhone": "+3306789012340",
...
...
"WakeOnLan": "Enabled",
"WorkloadProfile": "TransactionalApplicationProcessing",
"XGMIForceLinkWidth": "Auto",
"XGMIMaxLinkWidth": "Auto",
"iSCSISoftwareInitiator": "Enabled"
}
The following example resets the Bios attributes to the user default settings. This PUT request is valid against iLO 5 and iLO 6 based servers.
PUT /redfish/v1/systems/1/bios/settings
Payload:
{
"Attributes": {
"BaseConfig": "default.user"
}
}
curl --insecure --silent --location -u <ilo-user>:password \
--header "Content-Type: application/json" \
--request PUT --data {"Attributes":{"BaseConfig": "default.user"}} \
https://<ilo-ip>/redfish/v1/Systems/1/bios/settings/
ilorest login <ilo-ip> -u <ilo-user> -p password
ilorest biosdefaults --userdefaults
ilorest reboot ForceRestart
ilorest logout
NOTE
To reset the Service Bios extension attributes to the default.user
values,
send a PUT request
with same workload as in the previous example
to the corresponding settings area
(/redfish/v1/systems/1/Bios/Oem/Hpe/Service/Settings
)
Reset Bios attributes and HPE Bios resources
HPE iLO offers the possibility to reset both Bios attributes and Bios
related properties in a single operation to their factory defaults using
the OEM HPE property RestoreManufacturingDefaults
:
From the BiosSettingsUri
end point, you only need to PATCH
the RestoreManufacturingDefaults
property in the request body with the Yes
value and then reset the server.
The following example resets Bios attributes and Bios related properties to their factory defaults using cURL and iLOrest.
TIP
As shown in the following example, you can use
the ilorest biosdefaults --manufacturingdefaults
command
to perform this operation, and then reboot the server.
PATCH /redfish/v1/Systems/1/Bios/Settings/
Payload:
{
"Attributes":{
"RestoreManufacturingDefaults":"Yes"
}
}
curl --insecure --silent --location -u <ilo-user>:password \
--header "Content-Type: application/json" \
--request PATCH --data {"Attributes":{"RestoreManufacturingDefaults":"Yes"}} \
https://<ilo-ip>/redfish/v1/Systems/1/bios/settings/
ilorest login <ilo-ip> -u <ilo-user> -p password
ilorest biosdefaults --manufacturingdefaults
ilorest reboot ForceRestart
ilorest logout
If you just need to reset a single Bios resource set,
send a PUT request to its settings URI and then restart the server.
The following example resets the TlsConfig
Bios resources using cURL
and iLOrest against an HPE iLO 6 based system.
PUT /redfish/v1/systems/1/bios/oem/hpe/tlsconfig/settings
Workload:
{
"BaseConfig": "default"
}
curl --insecure --silent --location \
--request PUT '<ilo-ip>/redfish/v1/systems/1/bios/oem/hpe/tlsconfig/settings' \
--header 'Content-Type: application/json' \
--header 'X-Auth-Token: a9fb364e8fc6eb9f33dfb7c7910bed1c' \
--data '{
"BaseConfig": "default"
}'
ilorest login <ilo-ip> -u <ilo-user> -p password
ilorest rawput TlsDefault.json
ilorest pending
ilorest reboot ForceRestart
ilorest logout
cat TlsDefault.json
{
"/redfish/v1/systems/1/bios/oem/hpe/tlsconfig/settings": {
"BaseConfig": "default"
}
}
TIP
The reset to the default BaseConfig
configuration can be
combined with other property values changes.
This allows to first reset everything to
default and then apply some specific settings with
only one system reboot.
The following example resets to defaults the
Bios TLS configuration and configures
the VerifyMode
to a specific value (different from the default),
on an HPE iLO 5 based system.
PUT /redfish/v1/systems/1/bios/tlsconfig/settings
Workload:
{
"BaseConfig": "default",
"VerifyMode": "NONE"
}
curl --insecure --silent --location -u username:password \
--header "Content-Type: application/json" \
-X PUT --data '{"BaseConfig": "default", "VerifyMode": "NONE"}' \
https://{iLO}/redfish/v1/systems/1/bios/tlsconfig/settings
ilorest login <ilo-ip> -u <ilo-user> -p password
ilorest PUT TLSdata.json
ilorest reboot ColdBoot
ilorest logout
cat TLSdata.json
{
"/redfish/v1/systems/1/bios/tlsconfig/settings": {
"BaseConfig": "default",
"VerifyMode": "NONE"
}
}
TIP
Use the Action specified in the Service Bios extension URI to reset these attributes to their factory defaults.