- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
can somebody help me? I try to configure my first AMT device.
The device is in the SCS in status: "In Configuration".
What have I to do to get it configured?
In the client software "Intel Management and Security Status" I see:
Intel AMT Status:
Status: Not configured
Mode: Ready for configuration
Firmware Version: 4.1.11.1051
Advanced Information:
Advanced Systemdetails:
System UUID:
Intel ME Driver: active 4.0.1.1074
LMS: active: 4.10.1042
power directive: N/A
I have installed the Service with IIS 6.0, SOAP, a root certificate of our domain CA, enhanced the schema, configured option 15 of the DHCP to foo.de and generate 50 pairs of PID and PPS.
I have set password, one pair of the sets of PID and PPS and the set the FQDN of my AMT device.
I have set the FQDN in the plattform in the SCS, set the OU, set the profile to "default profile" and authorized AMT.
Here are my settings:
AMT CLIENT DEVICE
#
Management Engine BIOS Extension v4.0.4.0006
--------------------------------------------
ME Configuration
ME State Control: [X] Enabled
ME Firmware Local Update Qualifier: [X] Always open
ME Features Control
Manageability Feature Selection: [X] Intel AMT
ME FW Update Interface: [X] ME and TPM
ME Power Control
ME ON in Host Sleep States: [X] S0-S5
--------------------------------------------
AMT Configuration
Host Name: PC01
TCP/IP: DHCP Enabled
Domain Name: foo.de
Provision Model: Enterprise
Setup and Configuration
Current Provisioning Mode: PSK
Provisioning Record
TLS Provisioning Mode: PSK
Provisioning IP:
Date of Provision: 8/31/2009 at 11:40
Provisioning Server address: Port: 9971
TLS PSK
TLS PSK Configuration
Set PID and PPS:
TLS PKI
Remote Configuration: [X] Enabled
Manage Certificate Hashes:
FQDN of provisioning server: provision.foo.de
PKI DNS Suffix: foo.de
SOL/IDE-R: [X] Enabled
Password Policy: [X] Default Password only
Secure Firmware Update: [X] Enabled
PTRC:
Idle Timeout: 1
--------------------------------------------
ME Password
mailto:P@ssword P@ssword
#
INTEL SCS
Serivce Status:
Service name: Provision
Version: 5.2.0.34
Status: Running
default profile
Enabled interfaces: [X] Web UI, [X] Serial Over LAN, [X] IDE Redirection
Power Management Settings: Allways On (S0-S5)
Idle Timeout 3 Minutes
New MEBx password: mailto:P@ssword P@ssword
Encryption mode: (*) force encryption
Kerberos clock tolerance: 5
Network Settings: [ ] Use VLAN, [X] Enable ping response
Optional Settings: [X] ACL, [ ] Domains, [ ] TLS, [ ] 802.1x, [ ] WiFi, [ ]EAC, [ ] Remote Access
ACL:
Digest user: (grey) admin, (grey) [X] Randomize Password, (grey) AccessType Both, Realms (grey) [X] PT Administraton - other [ ] unchecked
AD user: cn=domain-admins,dc=foo,dc=de, AccessType: Both, Realms all [X] checked
Plattform Collections
Using Profile default profile (1)
Configured (0)
Not Configured (0)
Under Using Profile default profile (1)
UUID:
FQDN: PC01.foo.de
Status: InConfiguration
version: 4.1.11
green connector
Plattform
Properties
FQDN: PC01.foo.de
UUID:
AD OU: ou=my computers,dc=foo,dc=de
Profile: default profile
Configuration Status: Configured
Admin Password: admin
Advanced
Connection STatus: AMT is connected
Configuration communication type: PSK
Intel AMT Version: 4.1.11
Las Clock Sync: N/A
SKU: Intel vPro
Last Admin Password Update: N/A
Last Configuraiton: N/A
History
ExtendConfigWindowOfOpportunity InQueue 12:12
ExtendConfigWindowOfOpportunity Succeeded 12:07
Configuration InProgress 12:07
Profile
Profile Components
Trusted Root Certificates
foo root CA
valid from: 27.08.2007 to 27.08.2012
all given directives and all application directives (in German: Alle ausgegebenen Richtlinien, Alle Anwendungsrichtlinien)
Version: V3
Serial:
Requester: CN=foo root CA, DC=foo, DC=de
Signature algorithm sha1RSA
Public Key: RSA 2048 Bits
certification template: CA
key usage: approved, zertificate signature, offline signing of certification revoke list, signing of certification revoke list (46)
in German: Zugelassen, Zertifikatssignatur, Offline Signieren der Zertifikatsperrliste, Signieren der Zertifikatssperrliste (46)
keysign or requester (in German: Schlüsselkennung des Antragsstellers):
Version of...
Link Copied
0 Replies

Reply
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page