Are there any special considerations when using the networkservice account with the Intel SCS addons? The SCS and SCCM would be on the same machine. The SCCM machine account would already have local admin permissions on the clients.
this is more Intel SCS -RCS service related question:
so RCS service running as Network Service Account (RCS Server Computer account) will need to be authorised for specified AMT TLS certificate template Read and Enroll
For Standalone CA - access to CA will be required for RSC service account.
If only Host Based Configuration will be used - Intel RCS is not required, although it can be still used for central secure store of AMT Configuration profiles.
ACUConfig will be executed by SCCM agent -so in Local Computer account context
As in Host Based Configuration case it will be ACUConfid.exe component which will create AD ME objects and request AMT TLS certs from your CA - then same access shall be granted to all Intel vPro /AMT based computer accounts to AMT additional OU and AMT TLS certificate template - easiest way will be to grant it to Domain Computers.
In Host Based Configuration AMT RCFG cert is not used at all so no need to purchase it neither import to any certificate store.