Intel vPro® Platform
Intel Manageability Forum for Intel® EMA, AMT, SCS & Manageability Commander
2833 Discussions

SCCM 07 OOB Issue (Power Commands)

idata
Employee
‎06-07-2012 11:05 AM
1,991 Views

Hi All,

I have a SCCM 07 SP2 R2 Environment sitting on Server 2003. Our Primary Site Server is also the oob point. About 4weeks ago the wake up and power on commands using Vpro stopped working. I can browse to the WebUI of provisioned machines and issue power commands from that, but right-clicking a computer and selecting Power On does not work. This lead me to believe it was a TLS Authentication issue. From what I understand the WebUI uses Kerberos and the console uses our own internal Cert to authenticate.

I have checked our CA Server and all the clients have current certificates issued to their respective fqdn. AD permissions are all correct. I recreated the AMT web certificate template using the Step by Step instructions from Microsoft and still no dice. Looking for any help or assistance on what would cause this to just randomly stop functioning.

We had a few IIS issues about a month ago where 1 of the app pools was set to a different .net version (My guess is 1 of our admins was messing with it) but that is fixed. Is there anything else that would cause the Power on commands to just stop working?

Thanks and really appreciate it!

oobconsole.log - 6][5/30/2012 8:25:25 AM] :GetAMTPowerState fail with result:0x8033810F

amtopmgr.log - AMT Operation Worker: AMT machine MK19267.domain.int can't be waken up. Error code: 0x8033810F SMS_AMT_OPERATION_MANAGER

0 Kudos

Link Copied

5 Replies
idata
Employee
‎06-12-2012 05:32 AM
966 Views

Hi Craig,

The error you are seeing is coming from WinRM indicating an issue with the connection. Something you already know.

Try accessing the system with SCCM to unprovision and reprovision and see if the issue goes away.

If not, please attach a Wireshark network trace of the handshake when trying to access the power commands.

Regards,

David

0 Kudos
Copy link
idata
Employee
‎06-12-2012 09:30 AM
966 Views
In response to idata

Hi David,

I get the same result on unprovisioned/reprovisioned and new machines. I thought WinRM was only used on machines with firmware lower than 3.2.1?

I'll talk with our Networking team to see if they can setup a TAP on the server.

In response to idata
0 Kudos
Copy link
idata
Employee
‎06-13-2012 12:20 AM
966 Views
In response to idata

Hi Craig,

You are thinking of the WSMan Translator. WinRM is the widows service that handles WSMan calls for the OS.

David

In response to idata
0 Kudos
Copy link
idata
Employee
‎06-28-2012 01:37 AM
966 Views

Hi Craig,

Were you able to resolve this?

Regards,

David

0 Kudos
Copy link
idata
Employee
‎07-02-2012 04:54 AM
966 Views
In response to idata

 

Hi David,

Yes I was able to resolve this. Turns out one of our admins hard set a proxy on the server which was preventing the WinRm packets to get out.

Thanks for the help/

In response to idata
0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.