The other day, I’ve wrote about POWER8 ‘feature’ which requires from an administrator update of access keys in order to keep a server eligible for the firmware upgrade POWER8 – No hardware maintenance-no firmware upgrade . An administrator needs to enter these every few months, if a maintenance contract is re-signed every few months. This can be a headache, or something bigger if someone runs multiple servers. There is a secret HMC function, which can update the keys automatically.
I think this function has been introduced in the HMC FW 8.8.6 but I can’t find it documented in the ‘Read me’. Older releases have different window and the function is unavailable.
No idea why IBM made this so hidden. Anyway, in order to activate it, go to Service Management -> Transmit Service Information and select Update Access Key Information with some interval.
Below you can find a picture where to find it in the Classic and the Enhanced GUI.
IBMi.org - Bart's blog 
Any way to do this from the command line?
Definitelly, but I need to find it first.
But i’m thinking, why do you need a command? This is one time action, you can set it once and it should always work.
Thanks for this! I’ve been looking for this for a while without anyone offering the option up. Appreciate it!
Tracy Smith had a slide on that (and more) in his May 2017 presentation in Orlando – p014924 Managing firmware on your Power System.
Did she refer to my blog ?
Not sure 🙂
P.S. BTW, Tracy Smith is a he, and most likely you know him. He and Mark Olson are the stalwarts of iSeries/Power community. Sadly, they are both retiring – Mark Olson this year and Tracy Smith next.
P.P.S. Enjoyed your presentation at LUG earlier this month – nicely done!
2017… an old blog.. I post anyway hoping someone will see it.
How to diagnose when the UAK is not automatically updated? I have 4 Power8 (8408) for which the automated process stopped working.
There are multiple reasons which I’ve experienced.
1. The HMC can’t properly communicate with the IBM. Thus, it can’t ‘download’ the new key.
2. The Business partners did not refresh maintenance contract ahead of time, thus the HMC can’t download new keys from IBM (because according to IBM support the particular machine does not have the valid HW maintenance) .
Usually the reason why it is not working can be seen in the HMC log. I recommend to turn HMC notification via email (Service Management ->Manage Event Notification -> All serviceable events , and you should find the error in your email right after the process gets failed.
Out of luck! All this has been checked. All others Power linked to this HMC still updated their UAK automatically. Also, nothing is reported as problem in the event. Look like opening a ticket with IBM will be the only way. Thanks! By the way, lots of information on your blog. Thanks for this!
I put together a for loop that looks at all my HMCs and all my frames and runs:
ssh ${SSHOPTS} ${HMC} ” lslic -m ${FRAME} -F update_access_key_exp_date ”
Then the update is an easy chcod command:
ssh ${SSHOPTS} ${HMC} ” chcod -m ${FRAME} -o e -k ${ACCESS_KEY} “
hello, thank you for info about automate access keys update.
CLI command updlic for update access keys from CLI:
https://www.ibm.com/support/knowledgecenter/POWER7/p7edm/updlic.html