- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, I'm trying to create a PowerShell script to automatically create a digest user account and password in AMT and be able to add the account even if the workstation is powered down.
I've been testing the New-Item AMT:\Config\ACL\Digest\"Username" option as described in the following URL: /community/openportit/vproexpert/microsoft-vpro/blog/2011/03/30/powershell-module-for-intel-vpro-technology-version-30-amtsystem-powershell-drive-provider http://communities.intel.com/community/openportit/vproexpert/microsoft-vpro/blog/2011/03/30/powershell-module-for-intel-vpro-technology-version-30-amtsystem-powershell-drive-provider - however, I get prompted to manually enter a password which I'm need to avoid.
The objective of what I'm trying to achieve is the following:
1. The workstation is vPro enabled using SCS and the default digest admin account and the password is set using the Digest Master Password feature in the SCS. (I cannot use TLS/Kerberos and cannot set a digest account in the profile either).
2. PROBLEM: As you cannot establish a SOL session using the default admin account and DMP (as the DMP is 44 characters in lengths and currently SOL only accepts a maximum password length of 32 character), I want to write a script in PowerShell to connect to the vPro enabled workstation and create a digest account and password automatically. – For additional information on this please refer to: /message/152489 http://communities.intel.com/message/152489
3. I'll then Invoke-AMTForceBoot to establish a SOL session, and once complete, automatically delete the account again.
Below is a copy of the script I'm working on and it works fine when I manually enter the password for the created digest user when prompted (Currently in the script I'm prompting for the hostname and default admin account and DMP, however I'll be passing these through from the extended script automatically)
# Begin flow template
Import-Module 'IntelvPro'
$hostname = read-Host ("Workstation Name")
$Cred_DMP = Get-Credential # DMP Credentials
# Add Digest User Account for SOL connection
New-PSDrive -Name AMT -PSProvider amtsystem -Root "/" -ComputerName $hostname -Credential $Cred_DMP
New-Item AMT:\Config\ACL\Digest\TestUser # Digest Username is hard coded
At this section part I get prompted to enter a password for the digest user account 'TestUser'
Set-ItemProperty AMT:\Config\ACL\Digest\TestUser -Name Privileges -Value RC,REDIR,EVTLOG
# Connect to workstation with SOL
Invoke-AMTForceBoot -ComputerName $hostname -Port 16992 -Operation reset -Device BIOSSetup -Console SOL -SOLTerminalPath "telnet" -SOLTerminalArgList "-t ANSI 127.0.0.1 %Port" -Username TestUser -Password P@ssw0rd
Currently the username and password is both hard coded, but aiming to be able to pass this through as –Credential $SOL_CRED
# Remove Digest User Account for SOL
Start-Sleep -Seconds 40
Remove-Item AMT:\Config\ACL\Digest\TestUser
Remove-Module 'IntelvPro'
# End flow template
As mentioned before, when I run the script and manually enter the password for the created digest user 'TestUser' the script works as it should.
It would be create if I could get a script to create the necessary digest account and password automatically.
Regards,
Pierre
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Good catch. I found the issue in the code and we are working on fixing it. The next build of the module is due in a late june/early july, I will post when it goes live.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page