Community
cancel
Showing results for 
Search instead for 
Did you mean: 
idata
Community Manager
800 Views

'Detected' in SCCM refuses to go away.

Hi All,

At present I'm setting up an test lab environment with servers deployed on an ESXi server and several Dell Optiplex 755 (BIOS version A12, AMT 3.2.2) and 960 (BIOS version A02, AMT 5.0). I have set the environment up similar to as was described in the SCCMSP1 Quick start guide (/docs/DOC-1754 http://communities.intel.com/openport/docs/DOC-1754) and I utilised this document to help me setup the vPro network. The differences to this document is I am using Windows 2008 Standard for my ADS server, and Bind9 on Ubuntu to run our DNS and DHCP server. I have done so to better emulate our production environment. SCCMSP1 and the Certification Authority is running on a Windows 2003 Enterprise machine.

So far everything has gone to plan, or I have found suitable documentation on the net to get me to the current stage. However, I have reached a brick wall in this case, and have no idea how to proceed. My issue is with regard to getting the AMT machine (at present a Optiplex 960 with AMT 5.0) into an 'unprovisioned' state in SCCM. At present it reports back as 'detected'. I have triple checked the guide, reissued the certificate (I am using a self-signed certificate following the instructions found at http://technet.microsoft.com/en-us/library/cc161804.aspx http://technet.microsoft.com/en-us/library/cc161804.aspx), ensured that the SCCM and MEBx passwords are the same. However, am still stumped as the 'detected' state refuses to go away. Attached is my amtopmgr.log file, and the output displayed when a 'discover of management controllers' is performed. It would be greatly appreciated if somebody could give me an idea of where to proceed. Googling the errors hasn't come up with much (or from what I could find).

AMT Discovery Worker: Wakes up to process instruction files $$

 

AMT Discovery Worker: Reading Discovery Instruction C:\Program Files\Microsoft Configuration Manager\inboxes\amtopmgr.box\disc\{DDB612AC-B759-40CA-9BEB-D75BF8C0ED51}.RDC...~ $$

 

AMT Discovery Worker: Execute query exec AMT_GetThisSitesNetBiosNames 'SMS00001', NULL, 'KPN'~ $$

 

AMT Discovery Worker: Execute query exec AMT_GetAMTMachineProperties 2~ $$

 

AMT Discovery Worker: CSMSAMTDiscoveryWorker::RetrieveInfoFromCollection: Found machine SCCMSP1 - 192.168.33.3 from Collection SMS00001. $$

 

AMT Discovery Worker: Execute query exec AMT_GetAMTMachineProperties 3~ $$

 

AMT Discovery Worker: CSMSAMTDiscoveryWorker::RetrieveInfoFromCollection: Found machine NZVPROTEST - 192.168.33.11 from Collection SMS00001. $$

 

AMT Discovery Worker: Execute query exec AMT_GetProvAccounts~ $$

 

AMT Discovery Worker: Execute query exec AMT_GetProvAccounts~ $$

 

AMT Discovery Worker: Finish reading discovery instruction C:\Program Files\Microsoft Configuration Manager\inboxes\amtopmgr.box\disc\{DDB612AC-B759-40CA-9BEB-D75BF8C0ED51}.RDC~ $$

 

AMT Discovery Worker: Parsed 1 instruction files $$

 

AMT Discovery Worker: There are 2 tasks in pending list $$

 

AMT Discovery Worker: Send task to completion port $$

 

Auto-worker Thread Pool: Current size of the thread pool is 1 $$

 

AMT Discovery Worker: Send task to completion port $$

 

Auto-worker Thread Pool: Current size of the thread pool is 2 $$

 

AMT Discovery Worker: 2 task(s) are sent to the task pool successfully.~ $$

 

STATMSG: ID=7203 SEV=I LEV=M SOURCE="SMS Server" COMP="SMS_AMT_OPERATION_MANAGER" SYS=SCCMSP1 SITE=KPN PID=1932 TID=2636 GMTDATE=Thu Feb 19 22:55:30.291 2009 ISTR0="2" ISTR1="0" ISTR2="0" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=0 $$

 

AMT Discovery Worker: Wait 20 seconds... $$

 

AMT Discovery Worker: Wakes up to process instruction files $$

 

AMT Discovery Worker: Wait 20 seconds... $$

 

AMT Discovery Worker: Wakes up to process instruction files $$

 

AMT Discovery Worker: Wait 20 seconds... $$

 

Auto-worker Thread Pool: Work thread 3352 started $$

 

Auto-worker Thread Pool: Work thread 416 started $$

 

CAMTDiscoveryWSMan::DoConnectToAMTDevice: Failed to establish tcp session to 192.168.33.11:16992.~ $$

 

CAMTDiscoveryWSMan::DoConnectToAMTDevice: Failed to establish tcp session to 192.168.33.3:16992.~ $$

 

Error 0x80090325 returned by InitializeSecurityContext during follow up TLS handshaking with server.~ $$

 

**** Error 0x1cab970 returned by ApplyControlToken~ $$<SMS_AMT_OPERATION_MA...
0 Kudos
1 Reply
idata
Community Manager
29 Views

Gene,

Have you logged into the MEBx on this OptiPlex 960 before? Have you changed the password at all? It's possible that, if you changed the MEBx password, and didn't configure that password in your Out-of-Band Component Configuration on your ConfigMgr site server, that your site server can't make a connection to it, to provision it. I haven't specifically tested this scenario, but I would expect that it would show as "Detected" because the ConfigMgr client can "see" it because of the HECI driver's presence, but is otherwise unable to talk to the Management Engine (ME).

Hmmm, I just remembered that you said you had used an internally-issued certificate, which means you probably did enter the MEBx to add the certificate hash ... am I correct? If so, then make sure that whatever password you changed the MEBx to is configured on your OOB Component Configuration screen on the far right tab.

You can get a 1 year certificate from Godaddy for $80 I believe (the Deluxe SSL product), so I would really recommend going that route to avoid the hassle of manually entering certificate hashes.

Trevor Sullivan

Systems Engineer

OfficeMax Corporation

Reply