- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
When scs is deployed with db on w10, I can deploy successfully setting but with a warning that remote access won't work.
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello TLege2 ,
Thank you for joining the community
Can you tell what software application are you not able to install in Win16? Take into consideration that the Configurator is not supported in Win16 but it is in Win10. On the other side RCS and Console are no supported in Win10 but are supported in Win16. You can check this in the Release Notes following the link
Hope if helps
Jose A.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Jose, thanks for your answer.
I try to install the SCS with db for mass deployment and centralized management. On w16, when I try to install SCS using network service it's fail when with w10 it's work. So yesterday, I found a way to install with no error the SCS on w16 using a user account having correct permission and to connect to database using sql account not AD in my home lab, but it should be better for securtiy reason to be able to use network service.
So I will try today to install it on my work environment.
Now there is another point where I get stuck. I want to manage for certificate part my CA root server without having to use 1 of the listed certificate provider like go daddy as we already have a wildcard certificate provided by tbs. I have read on different how to that it was possible to use such certificate but it's look like or there is missing part on how to set such certificate or it's not possible.
We choose to change all our PC (Laptop from HP and Fix from Dell) and having VPRO cpu to allow us to be able to take control on all pc same if there is no os boot.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello TLege2 ,
I will wait for your updates from your work environment
About using a different CA other than the 5 listed ones it is possible. You could even use your own certificate server. What you will need to do is to generate or gather the certificate hash (signing chain) and then insert it on all the computers MEBx firmware so it will be recognized when requested by the RCS server. For more info go here.
Regards
Jose A.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Jose,
Thanks for your answer. The part of the certificate to provide in the mex of all computer, did I have to install it in the pki hash or I have to go in the list of all certificate autority provider and add a new ref. If yes for to add a new ref in the list of certificate provider, where can I found the hash as it's look longer than the thumbprint of my certificate?
Second question, is there a way to install it or remotely or via usb key?
Thanks for your time.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello TLege2 ,
The following are the instructions detailed in the Intel SCS user guide
Entering a Root Certificate Hash Manually in the Intel AMT
Firmware
Normally the certificate hashes are programmed in the Intel AMT system firmware by the manufacturer.
Alternatively, there is an option to enter the root certificate’s hash manually via the Intel MEBX. (The names and locations of menu options might vary slightly in different Intel AMT versions.)
To enter the certificate hash via the Intel MEBX:
1. Open the Root certificate and tab to Details. Keep the Root certificate thumbprint from the thumbprint field
for use in step 7.
2. Power on the Intel AMT system and press <Ctrl-P> during boot.
3. When the Intel MEBX menu is displayed, do a full unconfiguration (unprovision).
4. From the Intel MEBX menu, select Setup and Configuration > TLS PKI.
5. Select Manage Certificate Hashes.
6. Press <Insert> and enter a name for the hash.
7. Enter the Root certificate thumbprint from step 1.
8. Answer Yes to the question about activating the hash.
9. Exit the Intel MEBX and reboot the Intel AMT system.
Hope it helps
Jose A.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello TLege2 ,
I am just following up to double check if you found the provided information useful. If you have further questions please don't hesitate to ask. If you consider the issue to be completed please let us know so we can proceed to mark this ticket as resolved. This support interaction will be marked as resolved automatically in the next 72 hours if no activity is received.
Regards
Jose A.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Jose,
Thanks for your feedback on this topic. Sorry if I don't back yet but last week I wasn't able to found bw to have a look. I have to plan time for this this week as we will soon start to prepare our PC for image deployment.
I will keep you updated asap
Kind regards
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello TLege2 ,
We will look forward for your updates
Jose A.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello TLege2 ,
I am just following up to ask you about the process of image deployment you were planning for this week.
I will wait for your updates.
Regards
Jose A.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Jose,
I have been able to test last friday but with no luck. When I install the certificate on my RCS server using the rcsutil, I got a warning that the certificate is not compatible for remote access. When I deploy the profil setting on a pc, I got a succes installation with a warning saying that my certificate is not compatible for remote access.
Kind Regards
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello TLege2 ,
Thanks for the updates. Looks like your current certificate is not compatible with AMT. Could you please attach the RCS.log so we can check for these errors? Also please run and attach the system discovery tool included in the SCS software package. We would like to take a look at both logs.
Will look forward for your updates.
Jose A.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello TLege2,
I was not able to find any of the attached files on the thread. I think there is a way to send me a private/direct message. You can try that way. Or you can upload it to any cloud service send me the download link.
I will look forward for your updates
Jose A.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello TLege2,
I am still missing the requested logs. For some reason those did not attach to the thread. Please let know when you reattach them or if you need more time.
Regards
Jose A.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello TLege2,
We will proceed to mark this thread as closed. If you have further issues or questions just go ahead and create a new topic.
Regards
Jose A.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page