Intel vPro® Platform
Intel Manageability Forum (Intel® EMA, AMT, SCS & Manageability Commander)
This community is designed for sharing of public information. Please do not share Intel or third-party confidential information here.
2616 Discussions

SCS: plattform status: In Configuration

Community Manager



can somebody help me? I try to configure my first AMT device.

The device is in the SCS in status: "In Configuration".

What have I to do to get it configured?


In the client software "Intel Management and Security Status" I see:


Intel AMT Status:


Status: Not configured


Mode: Ready for configuration


Firmware Version:

Advanced Information:


Advanced Systemdetails:


System UUID:


Intel ME Driver: active


LMS: active: 4.10.1042


power directive: N/A

I have installed the Service with IIS 6.0, SOAP, a root certificate of our domain CA, enhanced the schema, configured option 15 of the DHCP to and generate 50 pairs of PID and PPS.


I have set password, one pair of the sets of PID and PPS and the set the FQDN of my AMT device.


I have set the FQDN in the plattform in the SCS, set the OU, set the profile to "default profile" and authorized AMT.


Here are my settings:





Management Engine BIOS Extension v4.0.4.0006




ME Configuration


ME State Control: [X] Enabled


ME Firmware Local Update Qualifier: [X] Always open


ME Features Control


Manageability Feature Selection: [X] Intel AMT


ME FW Update Interface: [X] ME and TPM


ME Power Control


ME ON in Host Sleep States: [X] S0-S5




AMT Configuration


Host Name: PC01


TCP/IP: DHCP Enabled


Domain Name:


Provision Model: Enterprise


Setup and Configuration


Current Provisioning Mode: PSK


Provisioning Record


TLS Provisioning Mode: PSK


Provisioning IP:


Date of Provision: 8/31/2009 at 11:40


Provisioning Server address: Port: 9971




TLS PSK Configuration


Set PID and PPS:




Remote Configuration: [X] Enabled


Manage Certificate Hashes:


FQDN of provisioning server:


PKI DNS Suffix:


SOL/IDE-R: [X] Enabled


Password Policy: [X] Default Password only


Secure Firmware Update: [X] Enabled




Idle Timeout: 1




ME Password


mailto:P@ssword P@ssword




Serivce Status:


Service name: Provision




Status: Running

default profile


Enabled interfaces: [X] Web UI, [X] Serial Over LAN, [X] IDE Redirection


Power Management Settings: Allways On (S0-S5)


Idle Timeout 3 Minutes


New MEBx password: mailto:P@ssword P@ssword


Encryption mode: (*) force encryption


Kerberos clock tolerance: 5


Network Settings: [ ] Use VLAN, [X] Enable ping response


Optional Settings: [X] ACL, [ ] Domains, [ ] TLS, [ ] 802.1x, [ ] WiFi, [ ]EAC, [ ] Remote Access




Digest user: (grey) admin, (grey) [X] Randomize Password, (grey) AccessType Both, Realms (grey) [X] PT Administraton - other [ ] unchecked


AD user: cn=domain-admins,dc=foo,dc=de, AccessType: Both, Realms all [X] checked

Plattform Collections


Using Profile default profile (1)


Configured (0)


Not Configured (0)

Under Using Profile default profile (1)






Status: InConfiguration


version: 4.1.11


green connector









AD OU: ou=my computers,dc=foo,dc=de


Profile: default profile


Configuration Status: Configured


Admin Password: admin




Connection STatus: AMT is connected


Configuration communication type: PSK


Intel AMT Version: 4.1.11


Las Clock Sync: N/A


SKU: Intel vPro


Last Admin Password Update: N/A


Last Configuraiton: N/A




ExtendConfigWindowOfOpportunity InQueue 12:12


ExtendConfigWindowOfOpportunity Succeeded 12:07


Configuration InProgress 12:07




Profile Components


Trusted Root Certificates


foo root CA


valid from: 27.08.2007 to 27.08.2012


all given directives and all application directives (in German: Alle ausgegebenen Richtlinien, Alle Anwendungsrichtlinien)


Version: V3




Requester: CN=foo root CA, DC=foo, DC=de


Signature algorithm sha1RSA


Public Key: RSA 2048 Bits


certification template: CA


key usage: approved, zertificate signature, offline signing of certification revoke list, signing of certification revoke list (46)


in German: Zugelassen, Zertifikatssignatur, Offline Signieren der Zertifikatsperrliste, Signieren der Zertifikatssperrliste (46)


keysign or requester (in German: Schlüsselkennung des Antragsstellers):



Version of...
0 Kudos
0 Replies