Community
cancel
Showing results for 
Search instead for 
Did you mean: 
SCart1
Beginner
1,353 Views

vPro OOB demo AMT 8.1.20

Hi all,

I have been asked to demo vPRO Out of Band Management to a potential customer and after looking through shed loads of documentation, I got started on testing.

The client has AMT 8.1.20 build 1366

I configured the AMT client settings in the MEBx menu (ctrl+p)

Set password

Set Domain

Set IPv4 details (fixed IP etc)

everything else is at defaults.

From the system I am using to manage from, I have managed to connect using the web browser and 'http://AMT_IP_Address:16992 http://AMT_IP_Address:16992' and log in.

Everything here looks fine.

The problem I have is when I try to connect with VNC Viewer Plus.

The AMT IP is in

Security set to 'none'

Connection type to 'Intel (R) AMT KVM'

When I click connect and enter the username and password it tells me to check user permissions (It is definitely not incorrect login details as that gives a different message)

On top of the I have installed the PowerShell module and attempted to get-powerstate and it comes back with unauthorized.

Does anyone have any thoughts or suggestions?

Thanks,

Triss

PS. if you need more info please feel free to ask.

Tags (1)
0 Kudos
7 Replies
Bruno_Domignues
Employee
193 Views

Triss,

I'm assuming that you are using 'admin' user and the password that you defined, right?

In this case, there are two configuration in VNC Viewer Plus that may cause this behavior:

in VNC Viewer Start screen -> Options... -> Connection -> Uncheck "Use single sign-on if VNC Server supports it" - basically, this mark try to use you kerberos token to authenticate and as far you are not using it integrated with AD, it will fail;

Also, check 'AMT Server' tab, and see if 'connect without requiring consent' is marked - doing SMB provisioning, as you did, you can do direct connect without user consent.

See if it works.

Best Regards!

-Bruno Domingues

SCart1
Beginner
193 Views

Thanks for the direction but unfortunately I get the same response.

The fact that the PowerShell Module gives me 'Unauthorized' makes me think it's something for the AMT end. I have been looking and notice client control mode and admin control mode. Could it be anything to do with that? should I need a Certificate?

roll on remote access cards in clients No offence Intel, but this is too time consuming to figure out, through the web, a phone call with an expert could probably solve it in minutes.

Thanks again,

 

Triss
Bruno_Domignues
Employee
193 Views

Triss,

It's should be a detail that I hope we can fix in a minute

Basically, PowerShell and VNC Viewer Plus rely on IE configuration to access vPro machines and in IE you have two possible configuration for authentication, i.e. AD integrated, i.e. kerberos or digest authentication. As you mentioned that you made manual provisioning, you only have digest authentication available, that is not the default IE option. What is missing in this puzzle is the fact that you told that was able to authenticate using browser, probably you didn't use IE, right?, so try change this option in IE and try it again (uncheck Windows integration):

Hope it solve your problem and that you can do a great vPro demo

Best Regards!

-Bruno Domingues

SCart1
Beginner
193 Views

Thanks again Bruno but still no luck,

I was able to log in to the browser session with IE before removing the setting and rebooting, bit still no VNC access, same message.

'Failed to access resources IPS_KVMRedirectionSettingData, check user permissions'

PowerShell is still unauthorised too but with the IntelvProGui invoked and the login settings correct I can connect (through PS)

Any other Ideas,

Thanks,

Triss

Bruno_Domignues
Employee
193 Views

But now you brought further details... can you confirm your maker and model of your vPro system? I'm assuming that as far you can get access through WebUI and also been able to connect using PS, it's not a problem with vPro provisioning, but with KVM. I found some makers/models that beside the fact that is vPro, OEM configured the machine to use a 3rd party GPU and to KVM works you need to use Intel integrated GPU.

Best Regards!

-Bruno Domingues

SCart1
Beginner
193 Views

Hey Bruno,

It is a Dell Precision, I am looking through the documentation now but the process suggested uses USB provisioning and Dell's software requires a TLS Certificate.

All I want is simplicity

Bruno_Domignues
Employee
193 Views

Hi,

Could be that your system does not support KVM. I'm not sure about your DELL Precision model, but just taking one such http://www.dell.com/us/business/p/precision-m4800-workstation/pd this from DELL website

As you can see, this SKU uses a Graphic Card that is not Intel, so KVM will never works:

That matches with what you are experiencing.

BTW: What you have done for provisioning is right, it can simple or complex based on what security level you want and also match your infrastructure requirements, e.g. AD integration, 802.1x wired and wireless, etc.

Best Regards!

-Bruno Domingues

Reply