- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi
I have lab SCCM 2007 SP1 R2 on Windows 2008 Server.
I installed all hotfixes to Windows Server and hotfixes to SCCM (KB954718,
KB955126, KB955355, KB956337, KB957469, KB960804)
I installed Client on my test computer (Dell 755). OS system is Vista SP1
x86.
I want to provision this computer with in-band agent provisioning.
In OOBMGMT.log on client is:
----------------------------------
BEGIN
Retrying to activate the device.
New OTP generated
Successfully activated the device.
END
----------------------------------
In create collection "AMT Systems". I choosed option Out of Band
Management - Discover Management Controllers.
I checked AMTOPMGR.log on SCCM server:
----------------------------------------------------------------------------------------------
AMT Discovery Worker: Wakes up to process instruction files
AMT Discovery Worker: Wait 3600 seconds...
AMT Discovery Worker: Wakes up to process instruction files
AMT Discovery Worker: Reading Discovery Instruction
c:\ConfigMgr\inboxes\amtopmgr.box\disc\{99AD5C16-1204-481F-BE97-52B3CA79113D}.RDC...
AMT Discovery Worker: Execute query exec AMT_GetThisSitesNetBiosNames
'ISW0000D', NULL, 'ISW'
AMT Discovery Worker: Execute query exec AMT_GetAMTMachineProperties 26
AMT Discovery Worker: CSMSAMTDiscoveryWorker::RetrieveInfoFromCollection:
Found machine hp - 10.1.12.22 from Collection ISW0000D.
AMT Discovery Worker: Execute query exec AMT_GetAMTMachineProperties 28
AMT Discovery Worker: CSMSAMTDiscoveryWorker::RetrieveInfoFromCollection:
Found machine DELL01 - 10.1.12.21 from Collection ISW0000D.
AMT Discovery Worker: Execute query exec AMT_GetProvAccounts
AMT Discovery Worker: Execute query exec AMT_GetProvAccounts
AMT Discovery Worker: Finish reading discovery instruction
c:\ConfigMgr\inboxes\amtopmgr.box\disc\{99AD5C16-1204-481F-BE97-52B3CA79113D}.RDC
AMT Discovery Worker: Parsed 1 instruction files
AMT Discovery Worker: There are 2 tasks in pending list
AMT Discovery Worker: Send task to completion port
Auto-worker Thread Pool: Current size of the thread pool is 1
AMT Discovery Worker: Send task to completion port
Auto-worker Thread Pool: Current size of the thread pool is 2
Auto-worker Thread Pool: Work thread 3156 started
Auto-worker Thread Pool: Work thread 4652 started
CAMTDiscoveryWSMan::DoDetectAMTVersion: recv failed: 10054
AMT Discovery Worker: 2 task(s) are sent to the task pool successfully.
STATMSG: ID=7203 SEV=I LEV=M SOURCE="SMS Server"
COMP="SMS_AMT_OPERATION_MANAGER" SYS=SCCM SITE=ISW PID=3520 TID=5052
GMTDATE=Wt kwi
AMT Discovery Worker: Wait 20 seconds...
AMT Discovery Worker: Wakes up to process instruction files
AMT Discovery Worker: Wait 20 seconds...
Error 0x80090304 returned by InitializeSecurityContext during follow up TLS
handshaking with server.
**** Error 0x331b580 returned by ApplyControlToken
Error 0x80090304 returned by InitializeSecurityContext during follow up TLS
handshaking with server.
**** Error 0x331b580 returned by ApplyControlToken
session params : http://dell01.vprolab.com:16992/ http://DELL01.vprolab.com:16992 , 111001
ERROR: Invoke(get) failed: 80020009argNum = 0
Description: The I/O operation has been aborted because of either a thread
exit or an application request.
Error: Failed to get AMT_SetupAndConfigurationService instance.
session params : http://dell01.vprolab.com:16992/ http://DELL01.vprolab.com:16992 , 111001
ERROR: Invoke(get) failed: 80020009argNum = 0
Description: The I/O operation has been aborted because of either a thread
exit or an application request.
Error: Failed to get AMT_SetupAndConfigurationService instance.
CSMSAMTDiscoveryTask::Execute - DDR written to
c:\ConfigMgr\inboxes\auth\ddm.box
Auto-worker Thread Pool: Succeed to run the task . Remove it from task list.
CAMTDiscoveryWSMan::DoConnectToAMTDevice: Failed to establish tcp session to
10.1.12.22:16992.
GeneralInfo.GetProvisioningState finished with HResult = 0x0, status = 0x0,
clientError = 0.
CSMSAMTDiscoveryTask::Execute - DDR written to
c:\ConfigMgr\inboxes\auth\ddm.box
Auto-worker Thread Pool: Succeed to run the task . Remove it from task list.
AMT Discovery Worker: Wakes up to process instruction files
AMT Discovery Worker: Wait 3600 seconds...
Auto-worker Thread Pool: Work thread 3156 has been requested to shut down.
Auto-worker Thread Pool: Work thread 3156 exiting.
Auto-worker Thread Pool: Work thread 4652 has been requested to shut down.
Auto-worker Thread Pool: Work thread 4652 exiting.
Auto-worker Thread Pool: Current size of the thread pool is 0
----------------------------------------------------------------------------------------------
My test computer name is DELL01.vprolab.com and his ip is 10.1.12.21.
In collection "AMT Systems" computer show status "Detected" in AMT Status
column and 3.2.3 on AMT Version column.
Computer don't change status to "Provisioned". Is still "Detected".
I can't manage it via Out of Band Management Console.
Could you help me with this trouble?
--
piotrek
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Piotrek,
Thanks for your thorough, informational post!
Has this device ever been provisioned before? If yes, please enter the MEBx and make sure it is unprovisioned first. If the device is provisioned, but ConfigMgr is unable to communicate with it, due to lack of proper credentials, this could cause the "Detected" state to appear.
Does the client have forward and reverse lookup records in DNS? In order for AMT to function, the client must have a A and PTR record in DNS, in the zone that matches the name of the Active Directory domain that the client is a member of. For example: if the client's hostname is AmtClient, and it is a domain member of DomainA.local, and it has IP address 10.1.1.100, then an A record must exist called AmtClient.DomainA.local, and a PTR record must exist for 10.1.1.100, pointing to AmtClient.DomainA.local.
What provisioning certificate provider are you using? Do you have a valid SSL certificate that has the correct OU name of "Intel(R) Client Setup Certificate" and is published to a member server of the Active Directory domain in your lab (eg. sccmsp1.DomainA.local)?
If these things have been checked, then please try resetting the system to factory defaults by disconnecting power, and pulling the CMOS battery on the motherboard for ~10 seconds. Do not log into the MEBx, and try reprovisioning the device.
I hope this helps! Please post back your results, and let me know if I can further assist you!
Trevor Sullivan
Systems Engineer
OfficeMax Corporation
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Does your DHCP server have option 15 enabled when offering an IP address to your AMT system? And does that value match the FQDN of the provisioning certificate you are using? For example, if the provisioning certificate is sccm.domain1.com is the Option 15 value domain1.com? Also, please make sure you are running the latest BIOS from Dell's web site for the 755.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Trevor, William
Thanks for you answers.
Has this device ever been provisioned before?
Yes. It was provisioned Out of band provisioning method and it worked, but I deleted his account from SCCM and reset BIOS, because I want to test in band provisioning method.
Does the client have forward and reverse lookup records in DNS?
It has only forward lookup record (A record). I create PTR record for this computer. But still status is "Detected".
What provisioning certificate provider are you using?
I have certificate signed by GoDaddy. His OU is "Intel(R) Client Setup Certificate" and is published in my SCCM server which is a member server of my domain vprolab.com.
Does your DHCP server have option 15 enabled?
Yes, it does (vprolab.com).
Please make sure you are running the latest BIOS from Dell's web site for the 755.
I have BIOS A13 version with AMT 3.2.3 version. It is new version of BIOS for this computer.
Have you any other ideas?
Best regards.
--
piotrek
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page