Intel vPro® Platform
Intel Manageability Forum for Intel® EMA, AMT, SCS & Manageability Commander
2834 Discussions

SCS: plattform status: In Configuration

idata
Employee
‎08-31-2009 05:00 AM
1,173 Views

Hello,

 

can somebody help me? I try to configure my first AMT device.

The device is in the SCS in status: "In Configuration".

What have I to do to get it configured?

 

In the client software "Intel Management and Security Status" I see:

 

Intel AMT Status:

 

Status: Not configured

 

Mode: Ready for configuration

 

Firmware Version: 4.1.11.1051

Advanced Information:

 

Advanced Systemdetails:

 

System UUID:

 

Intel ME Driver: active 4.0.1.1074

 

LMS: active: 4.10.1042

 

power directive: N/A

I have installed the Service with IIS 6.0, SOAP, a root certificate of our domain CA, enhanced the schema, configured option 15 of the DHCP to foo.de and generate 50 pairs of PID and PPS.

 

I have set password, one pair of the sets of PID and PPS and the set the FQDN of my AMT device.

 

I have set the FQDN in the plattform in the SCS, set the OU, set the profile to "default profile" and authorized AMT.

 

Here are my settings:

 

AMT CLIENT DEVICE

#

 

Management Engine BIOS Extension v4.0.4.0006

 

--------------------------------------------

 

ME Configuration

 

ME State Control: [X] Enabled

 

ME Firmware Local Update Qualifier: [X] Always open

 

ME Features Control

 

Manageability Feature Selection: [X] Intel AMT

 

ME FW Update Interface: [X] ME and TPM

 

ME Power Control

 

ME ON in Host Sleep States: [X] S0-S5

 

--------------------------------------------

 

AMT Configuration

 

Host Name: PC01

 

TCP/IP: DHCP Enabled

 

Domain Name: foo.de

 

Provision Model: Enterprise

 

Setup and Configuration

 

Current Provisioning Mode: PSK

 

Provisioning Record

 

TLS Provisioning Mode: PSK

 

Provisioning IP:

 

Date of Provision: 8/31/2009 at 11:40

 

Provisioning Server address: Port: 9971

 

TLS PSK

 

TLS PSK Configuration

 

Set PID and PPS:

 

TLS PKI

 

Remote Configuration: [X] Enabled

 

Manage Certificate Hashes:

 

FQDN of provisioning server: provision.foo.de

 

PKI DNS Suffix: foo.de

 

SOL/IDE-R: [X] Enabled

 

Password Policy: [X] Default Password only

 

Secure Firmware Update: [X] Enabled

 

PTRC:

 

Idle Timeout: 1

 

--------------------------------------------

 

ME Password

 

mailto:P@ssword P@ssword

 

#

INTEL SCS

Serivce Status:

 

Service name: Provision

 

Version: 5.2.0.34

 

Status: Running

default profile

 

Enabled interfaces: [X] Web UI, [X] Serial Over LAN, [X] IDE Redirection

 

Power Management Settings: Allways On (S0-S5)

 

Idle Timeout 3 Minutes

 

New MEBx password: mailto:P@ssword P@ssword

 

Encryption mode: (*) force encryption

 

Kerberos clock tolerance: 5

 

Network Settings: [ ] Use VLAN, [X] Enable ping response

 

Optional Settings: [X] ACL, [ ] Domains, [ ] TLS, [ ] 802.1x, [ ] WiFi, [ ]EAC, [ ] Remote Access

 

ACL:

 

Digest user: (grey) admin, (grey) [X] Randomize Password, (grey) AccessType Both, Realms (grey) [X] PT Administraton - other [ ] unchecked

 

AD user: cn=domain-admins,dc=foo,dc=de, AccessType: Both, Realms all [X] checked

Plattform Collections

 

Using Profile default profile (1)

 

Configured (0)

 

Not Configured (0)

Under Using Profile default profile (1)

 

UUID:

 

FQDN: PC01.foo.de

 

Status: InConfiguration

 

version: 4.1.11

 

green connector

Plattform

 

Properties

 

FQDN: PC01.foo.de

 

UUID:

 

AD OU: ou=my computers,dc=foo,dc=de

 

Profile: default profile

 

Configuration Status: Configured

 

Admin Password: admin

 

Advanced

 

Connection STatus: AMT is connected

 

Configuration communication type: PSK

 

Intel AMT Version: 4.1.11

 

Las Clock Sync: N/A

 

SKU: Intel vPro

 

Last Admin Password Update: N/A

 

Last Configuraiton: N/A

 

History

 

ExtendConfigWindowOfOpportunity InQueue 12:12

 

ExtendConfigWindowOfOpportunity Succeeded 12:07

 

Configuration InProgress 12:07

 

Profile

 

Profile Components

 

Trusted Root Certificates

 

foo root CA

 

valid from: 27.08.2007 to 27.08.2012

 

all given directives and all application directives (in German: Alle ausgegebenen Richtlinien, Alle Anwendungsrichtlinien)

 

Version: V3

 

Serial:

 

Requester: CN=foo root CA, DC=foo, DC=de

 

Signature algorithm sha1RSA

 

Public Key: RSA 2048 Bits

 

certification template: CA

 

key usage: approved, zertificate signature, offline signing of certification revoke list, signing of certification revoke list (46)

 

in German: Zugelassen, Zertifikatssignatur, Offline Signieren der Zertifikatsperrliste, Signieren der Zertifikatssperrliste (46)

 

keysign or requester (in German: Schlüsselkennung des Antragsstellers):

 

 

Version of...
0 Kudos

Link Copied

0 Replies
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.