- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
I've an installation of Intel EMA 1.7.1.0 on Windows Server 2019 and SQL Server 2019.
I've almost 150 clients Windows 10 and Windows 11.
Recently (2 weeks ago) I've upgraded (thanks to your help :D) from 1.7.0.0 to 1.7.1.0
Since that moment, a lot of clients have a strange behaviour.
The clients lost their AMT profile and go in the status "Client Control Mode"
If I click on "Provision Intel AMT" there is a Pop-up with:
I have attached 2 screenshot that show better the issue.
In this state CIRA is not connected and I am not able to use the AMT Features.
The only way to unlock the PC is by CTRL+P at the boot process, enter in the MEBx BIOS and delete the exist AMT Profile.
At this point it's possible to provision AMT again from EMA Console.
Now I've 2 questions for you:
1. why I have a lot of clients entering in the situation I've just explained? is it related with the upgrade process of few weeks ago? (I've flagged the auto-update agent).
2. is there a way to unlock the AMT profile (a software or a tool) without physical intervention on the machine?
Thanks a lot.
Stefano
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello smolisso,
Welcome back the Intel community.
The fact that the clients are provisioned in Client Control Mode (CCM) is related to the original provisioning method used. If no PKI certificate was used then the clients provision in CCM. So this should not be related to the recent upgrade to v1.7.1
About unprovisioning methods there are the MEBx unprovisioning (requires physical access to the machine) and the old ACUconfigurator from the Intel® Setup and Configuration Software (Intel® SCS). It is contained in the download package and it is a CLI tool. For the syntax check here https://www.intel.com/content/dam/www/public/us/en/documents/guides/amt-configuration-utility-user-guide.pdf#page=99
Regards
Jose A.
Intel Customer Support Technician
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
I've found a solution that works!
I've downloaded the Detection and Mitigation tool:
I install it from CLI with the following command (all is described in the PDF inside the downloaded ZIP):
msiexec.exe /i INTEL-SA-00075 Detection and Mitigation Tool.msi /qn
After I go in the dir:
C:\Program Files (x86)\Intel\Intel-SA-00075 Detection and Mitigation Tool\
And I launch the command: Intel-SA-00075-console.exe" -Unprovision "password"
After this, I have to launch the installation of the agent: c:\Emaagent\emaagent.exe -install
(I've made a .bat that made all the steps described above)
At this point the Client return in the normal situation and I can provision AMT again, or with the AMT Profile auto-provisioning the provisioning is automatically.
Thanks a lot
Stefano
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello smolisso,
I am glad to hear you found a successful way to un provision the systems. We will proceed to mark this thread as resolved. If you have further issues or questions just go ahead and submit a new topic.
Regards
Jose A.
Intel Customer Support Technician
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page