After learning of the provisioning methods for the Intel AMT device (Manual, USB one-touch, OEM pre-load, RCFG with certificates), I was disappointed that there is not an easier solution option available.
If our computers/network are behind a corporate firewall, and security is not a concern, shouldn't there be an easier way to authenticate the Intel AMT device using software only, i.e. a scripted solution between the client and the server?
Are there any other options that I am not aware of to complete the provision process using software only, i.e. software utilities between the AMT devices and the server?
I have read about the RCT, aka Activator.exe utility, and tried to provision a computer but it didn't work. Will the Activator utility work with out having put any pre-shared keys into the Intel AMT device? Or does it require the keys in order to work? Thanks.
Hi Art, Yes! Activator is the correct tool for starting provisioning. there are some consideration you need to consider. What version of AMT FW (older AMT 2.x may have different script requirements). Was any previous provisioning been attempted? if a system had previous provisioning attempts it may have specific data that needs to be cleared. The key usage is for AMT to be in its default state (available but not provisioned) Activator will start sending hello packets out to the provision server. I recommend you review the read me for proper command line /script usage. I previously mentioned AMT 2.x, if you are using SCCM I also want to have you review a recent article on Ring Seed Generation requirements. Basically i need more information to narrow down the exact usage for Activator