Intel Active Management Technology v4.0 Скачать руководство пользователя страница 1

Страница: 1 / 143

Intel® Active Management Technology v4.0

Administrator's Guide

Overview

Product Overview

Operational Modes

Setup and Configuration Overview

Provisioning Methods

Menus and Defaults

MEBx Settings Overview

ME Configuration Menu

AMT Configuration Menu

MEBx Defaults

Setup and Configuration

Methods Overview

Configuration Service

MEBx Interface

(Enterprise Mode)

MEBx Interface

(SMB Mode)

System Deployment

Operating System Drivers

Management

Intel AMT Web GUI

AMT Redirection (SOL/IDE-R)

AMT Redirection Overview

Troubleshooting

Troubleshooting

If you purchased a DELL™ n Series computer, any references in this document to Microsoft

Windows

operating systems

are not applicable.

Information in this document is subject to change without notice.

Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden.

Trademarks used in this text: Dell, Latitude, and the DELL logo are trademarks of Dell Inc.; Intel is a registered trademark of Intel Corporation in

the U.S. and other countries; Microsoft and Windows are either trademarks or registered trademarks of Microsoft Corporation in the United States

and/or other countries.

Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products.

Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own.

August 2008 Rev. A00

Содержание Active Management Technology v4.0

Страница 1: ...dows operating systems are not applicable Information in this document is subject to change without notice 2008 Dell Inc All rights reserved Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc is strictly forbidden Trademarks used in this text Dell Latitude and the DELL logo are trademarks of Dell Inc Intel is a registered trademark of Intel Corporat...

Страница 2: ...ort Several independent software vendors ISVs are building software packages to work with Intel AMT features This provides IT administrators many options when it comes to remotely managing the networked computer assets within their company Features and Benefits Intel AMT Features Benefits Out of band OOB access Allows remote management of platforms regardless of system power or operating system st...

Страница 3: ...e Dell computer is defaulted to Enterprise mode when it leaves the factory The mode can be changed during the setup and configuration process Small Medium Business SMB mode This mode is a simplified operational mode that does not support TLS and does not require a setup application SMB mode is for customers who do not have independent software vendor ISV management consoles or the necessary networ...

Страница 4: ...few seconds When Intel AMT is set up and configured you can reconfigure the technology as needed for your business environment Once Intel AMT is set up in SMB mode the computer does not have to initiate any configuration across the network It is set up manually and is ready to use with the Intel AMT Web GUI Intel AMT Setup and Configuration States The act of setting up and configuring Intel AMT is...

Страница 5: ...ce the computer is in the setup state you can continue to configure it manually or connect it to a network where it connects with an SCS and begin Enterprise Mode Intel AMT configuration IT TLS PSK IT TLS PSK Intel AMT setup and configuration is usually performed in a company s IT department The following are required Setup and configuration server Network and security infrastructure Intel AMT cap...

Страница 6: ...E non volatile memory NVM until you exit MEBx Hence if MEBx crashes the changes made until that point are NOT going to be committed to ME NVM Access MEBx Configuration User Interface The MEBx configuration user interface can be accessed on a computer through the following steps 1 Turn on or restart your computer 2 When the blue DELL logo appears press Ctrl p immediately If you wait too long and th...

Страница 7: ...the same on all newly deployed platforms You must change the default password before changing any feature configuration options The new password must include the following elements Eight characters One uppercase letter One lowercase letter A number A special nonalphanumeric character such as or excluding the and characters The underscore _ and spacebar are valid password characters but do NOT add ...

Страница 8: ... This page allows you to configure the specific functions of the ME such as features power options and so on Below are quick links to the various sections Intel ME State Control Intel ME Firmware Local Update Intel ME Features Control Manageability Feature Selection Intel ME Power Control Intel ME ON in Host Sleep States Intel ME State Control When the ME State Control option is selected on the ME...

Страница 9: ... disabled with the Disabled option Instead it is paused at the very early stage of its booting so the computer has no traffic originating from the ME on any of its busses ensuring that an you can debug a computer problem without worrying about any role the ME might have played in it Intel ME Firmware Local Update This option on the ME Platform Configuration menu sets the policy for allowing the ME...

Страница 10: ... Features Control menu contains the following configuration selection Manageability Feature Selection When you select the Manageability Feature Selection option on the ME Features Control menu the ME Manageability Feature menu appears ...

Страница 11: ...lected ASF ASF manageability feature is selected When you change the option from Intel AMT to None a warning that Intel AMT un provisions automatically if you accept the change appears The None option has no manageability feature provided by the ME computer In this case the firmware is loaded i e ME is still enabled but the management applications remain disabled Intel ME Power Control To comply w...

Страница 12: ... turned ON The default power package is Mobile ON in S0 The end user administrator can choose which power package is used depending on computer usage The power package selection page can be seen above Information on this page provided by Intel Back to Contents Page ...

Страница 13: ...uter technology terms such as TCP IP DHCP VLAN IDE DNS subnet mask default gateway and domain name Explaining these terms is beyond the scope of this document The Intel AMT Configuration page contains the user configurable options listed below For images of these menu options refer to the Enterprise Mode Setup and SMB Mode Setup pages of this document Menu Options Host Name TCP IP Provision Model ...

Страница 14: ...e Subnet mask The subnet mask used to determine what subnet IP address belongs to Default Gateway address The default gateway of the Intel Management Engine Preferred DNS address Preferred domain name server address Alternate DNS address Alternate domain name server address Domain name Domain name of the Intel Management Engine Provision Model The following provisioning models are available Provis...

Страница 15: ... used PKI only FQDN FQDN of the provisioning server mentioned in certificate PKI only Serial Number The 32 character that indicate the Certificate Authority serial numbers Time Validity Pass Indicates whether the certificate passed the time validity check Provisioning Server The IP address and port number 0 65535 for an Intel AMT provisioning server This configuration is only shown for the enterpr...

Страница 16: ...S Enter the PID and PPS in the dash format Ex PID 1234 ABCD PPS 1234 ABCD 1234 ABCD 1234 ABCD 1234 ABCD A PPS value of 0000 0000 0000 0000 0000 0000 0000 0000 does not change the setup configuration state If this value is used the setup and configuration state stays as Not started Delete PID and PPS Deletes the current PID and PPS stored in ME If there is no PID and PPS entered the MEBX returns an...

Страница 17: ...ocess is in process This parameter can only be modified while the computer is in the factory default or un provisioned state Enabling disabling remote configuration causes a partial un provision if the setup and configuration is In process Manage Certificate Hashes Select the Manage Certificate Hashes option under the Remote Configuration menu to display the Manage Certificate Hashes menu Four def...

Страница 18: ...ressing Enter you are prompted to enter the certificate hash value 3 The certificate hash value is a 20 byte hexadecimal number You must enter the hash data in the correct format or the message Invalid Hash Certificate Entered Try Again is displayed Upon pressing Enter you are asked about setting the active state of the hash 4 This query allows for setting the active state of the customized hash Y...

Страница 19: ...The details of the selected certificate hash are displayed to include the hash name the certificate hash data and the active and default states Set FQDN When the Set FQDN option is selected under the Remote Configuration menu you are prompted to enter the Fully Qualified Domain Name FQDN of the Provisioning Server Set PKI DNS Suffix When the Set PKI DNS Suffix option is selected under the Remote C...

Страница 20: ...ings to their default values If a PID PPS value is present both values are lost The MEBx password remains untouched CMOS clear This un provision option is not available in the MEBx This option clears all values to their default values If a PID PPS is present both values are lost The MEBx password resets to the default value admin To invoke this option you need to clear the CMOS i e system board ju...

Страница 21: ...ugh Kerberos If Kerberos is not used you have the choice to enable or disable user authentication on the SOL IDER session Serial Over LAN SOL DISABLED ENABLED SOL allows the Intel AMT managed client console input output to be redirected to the management server console IDE Redirection IDE R DISABLED ENABLED IDE R allows the Intel AMT managed client to be booted from remote disk images at the manag...

Страница 22: ...below the network password and the MEBX password may be different The settings are Default Password Only MEBX password and the network password will only be synched when the password is changed from the default password After the MEBX password is changed from the default value the network password and the MEBX password maybe different During Setup and Configuration MEBX password and the network pa...

Страница 23: ... user name and password are not supplied the firmware cannot be updated When the secure firmware update feature is enabled you are able to update the firmware using the secure method Secure firmware updates pass through the LMS driver If secure and local firmware update is disabled the user must enable secure firmware update or local firmware update to allow the firmware updates ...

Страница 24: ...T UTC format YYYY MM DD HH MM SS Valid date range is 1 1 2004 1 4 2021 Setting PRTC value is used for virtually maintaining PRTC during power off G3 state This configuration is only displayed for the Enterprise Provision Model ...

Страница 25: ...Use this setting to define the ME WOL idle timeout When this timer expires the ME enters a low power state This timeout only takes affect when one of the ME WOL power policies is selected Enter the value in minutes ...

Страница 26: ...l AMT Configuration Select and press Enter Host Name Example IntelAMT This is the same as the operating system machine name TCP IP Set the parameters as follows Enable Network interface Enable DHCP Mode Set a domain name e g amt intel com Provision Model Intel AMT 4 0 Mode Small Business SOL IDE R Enable SOL Enable IDE R Remote FW Update Enabled Save and exit MEBx and then boot the computer to the...

Страница 27: ...el AMT Configuration Select and press Enter Host Name Example IntelAMT TCP IP Set the parameters as follows Enable Network interface Disable DHCP Mode Set an IP address e g 192 168 0 15 Set a subnet mask e g 255 255 255 0 The default gateway address is optional The preferred DNS address is optional The Alternate DNS address is optional Set the domain name e g amt intel com Provision Model Intel AM...

Страница 28: ...ration Default Settings Host Name TCP IP DHCP Enabled Disable N Domain Name blank2 Provision Model Enterprise Change to Small Business N Setup and Configuration Current Provisioning Mode Provisioning Mode PKI Provisioning Record Displays the provision PSK PKI record data of the computer Provisioning Server Provisioning Server Address 0 0 0 0 Port Number 0 65535 0 TLS PSK Set PID and PPS blank form...

Страница 29: ...xFFFF 1 Default setting May cause Intel AMT partial unprovision 1 Intel ME Platform State Control is only changed for Management Engine ME troubleshooting 2 In Enterprise mode DHCP automatically loads the domain name 3 Un provision setting only seen if the box is provisioned Back to Contents Page ...

Страница 30: ...ng process from a GUI console on their server with only one touch on each of the Intel AMT capable computers The PPS and PID fields are completed using a file created by the configuration service saved to a USB mass storage device MEBx interface The IT administrator manually configures the Management Engine BIOS Extension MEBx settings on each Intel AMT ready computer The PPS and PID fields are co...

Страница 31: ...packs and connects computers if necessary 2 Inserts the USB drive key into a computer 3 Turns on that computer 6 The computer BIOS detects the USB drive key If found the BIOS looks for a setup bin file at the beginning of the drive key Go to step 7 If no USB drive key or setup bin file is found then restart the computer Ignore the remaining steps 7 The computer BIOS displays a message that automat...

Страница 32: ...ed by independent software vendors ISVs and is contained within the ISV management console product Consult with the management console supplier for more information Follow the steps below to set up and configure Intel AMT in the Enterprise mode ME Configuration To enable Intel Management Engine ME on the target platform 1 Press Ctrl p at the Dell logo screen to enter the MEBx screens 2 Type admin ...

Страница 33: ...d password characters but do NOT add to the password complexity 4 Change the password to establish Intel AMT ownership The computer then goes from the factory default state to the setup state 5 Select Intel ME Configuration and then press Enter ME Platform Configuration allows you to configure ME features such as power options firmware update capabilities and so on ...

Страница 34: ...6 Press y when the following message appears System resets after configuration change Continue Y N ...

Страница 35: ...e Control is the next option The default setting for this option is Enabled Do not change this setting to Disabled If you want to disable Intel AMT change the Manageability Feature Selection option to None in step 9 ...

Страница 36: ...7 Select Intel ME Firmware Local Update Press Enter 8 Then select either Enabled or Disabled and press Enter The default setting for this option is Disabled ...

Страница 37: ...9 Select Intel ME Features Control and then press Enter ...

Страница 38: ...Manageability Feature Selection is the next option This feature sets the platform management mode The default setting is Intel AMT Selecting the None option disables all remote management capabilities ...

Страница 39: ...10 Select Return to Previous Menu and then press Enter ...

Страница 40: ...11 Select Intel ME Power Control and then press Enter ...

Страница 41: ...Intel ME ON in Host Sleep States is the next option The default setting is Mobile ON in S0 ...

Страница 42: ...12 Select Return to Previous Menu and then press Enter ...

Страница 43: ...13 Select Return to Previous Menu and then press Enter ...

Страница 44: ...tel AMT settings Intel AMT Configuration To enable Intel AMT Configuration settings on the target platform perform the following steps 1 At the initial boot screen press Ctrl p to re enter the MEBx screens as seen in step 1 of Enabling Management Engine for Enterprise Mode 2 When a prompt for the password appears enter the new Intel ME password 3 Select Intel AMT Configuration and then press Enter...

Страница 45: ...que name for this Intel AMT machine and then press Enter Spaces are not accepted in the host name Make sure there is not a duplicate host name on the network Host names can be used in place of the computer s IP for any applications requiring the IP address ...

Страница 46: ...6 Select TCP IP Press Enter 7 Press n when the following message appears DHCP Enable Disable DHCP Y N ...

Страница 47: ...8 Type the domain name into the Domain name field ...

Страница 48: ...9 Select Provision Model from the menu and then press Enter 10 Press n when the following message appears Enterprise change to Small Business Y N ...

Страница 49: ...11 Select Setup and Configuration from the menu and then press Enter ...

Страница 50: ...12 Select Current Provisioning Mode to display the current mode and then press Enter The current provisioning mode is displayed Press Enter or Esc to exit ...

Страница 51: ...ss Enter The screen displays the provision PSK PKI record data of the computer If the data has not been entered the MEBX displays a message that states Provision Record not present If the data is entered the Provision Record displays one of several messages ...

Страница 52: ...14 Select Provisioning Server from the menu and then press Enter ...

Страница 53: ...er IP in the Provisioning server address field and press Enter The default setting is 0 0 0 0 This default setting works only if the DNS server has an entry that can resolve the provision server to the IP of the provisioning server ...

Страница 54: ...mber field and press Enter The default setting is 0 If left at the default setting of 0 the Intel AMT attempts to contact the provisioning server on port 9971 If the provisioning server is listening on a different port enter it here ...

Страница 55: ...17 Select TLS PSK from the menu and then press Enter ...

Страница 56: ...enerates the codes This option is for entering the provisioning ID PID and provisioning passphrase PPS PIDs are eight characters and PPS are 32 characters There are dashes between every set of four characters so including dashes PIDs are nine characters and PPS are 40 characters An SCS must generate these entries ...

Страница 57: ... Delete PID and PPS option This option returns the computer to factory defaults See the Return to Default section for more information about unprovisioning 19 Select Return to Previous Menu and then press Enter ...

Страница 58: ...20 Select TLS PKI from the menu and then press Enter ...

Страница 59: ...Select Remote Configuration Enable Disable from the menu and then press Enter This option is Disabled by default and can be Enabled if the network infrastructure does not support a Certificate Authority CA ...

Страница 60: ...22 If Enabled refer to steps 19 through 21 If not Enabled skip to step 22 ...

Страница 61: ...Manage Certificate Hashes option is the next option Four hashes are configured by default Hashes can be deleted or added per customer needs ...

Страница 62: ...23 Select Set FQDN from the menu and then press Enter 24 Type the FQDN of the provisioning server in the text field and press Enter ...

Страница 63: ...25 Select Set PKI DNS Suffix from the menu Press Enter 26 Type the PKI DNS Suffix in the text field and press Enter ...

Страница 64: ...27 Select Return to Previous Menu and press Enter ...

Страница 65: ...28 Select Return to Previous Menu and then press Enter This returns you to the Intel AMT Configuration menu ...

Страница 66: ...Skip the Un Provision option This option returns the computer to factory defaults See the Return to Default section for more information about unprovisioning ...

Страница 67: ...29 Select SOL IDE R and then press Enter ...

Страница 68: ...30 Press y when the following message appears Caution System resets after configuration changes Continue Y N ...

Страница 69: ...User name Password 31 Select Enabled and then press Enter This option allows you to add users and passwords from the WebGUI If the option is disabled then only the administrator has MEBx remote access ...

Страница 70: ...32 For Serial Over LAN SOL IDE R select Enabled and then press Enter ...

Страница 71: ...33 For IDE Redirection select Enabled and then press Enter ...

Страница 72: ...Secure Firmware Update is the next option The default setting is Enabled ...

Страница 73: ...Skip Set PRTC ...

Страница 74: ...Idle Timeout is the next option The default setting is 1 This timeout is applicable only when a WoL option is selected for enabling ME for the Enterprise operating mode ...

Страница 75: ...34 Select Return to Previous Menu and then press Enter ...

Страница 76: ...35 Select Exit and then press Enter ...

Страница 77: ...36 Press y when the following message appears Are you sure you want to exit Y N ...

Страница 78: ...The computer restarts Turn off the computer and disconnect the power cable The computer is now in setup state and is ready for deployment Back to Contents Page ...

Страница 79: ...Business instead of Enterprise Follow the steps below to set up and configure Intel AMT in the SMB mode ME Configuration To enable Intel Management Engine ME on the target platform perform the following steps 1 Press Ctrl p at the Dell logo screen to enter the MEBx screens 2 Type admin in the Intel ME Password field Press Enter Passwords are case sensitive You must change the default password befo...

Страница 80: ... but do NOT add to the password complexity 5 Change the password to establish Intel AMT ownership The computer then goes from the factory default state to the setup state 6 Select Intel ME Configuration and then press Enter ME Platform Configuration allows you to configure ME features such as power options firmware update capabilities and so on ...

Страница 81: ...7 Press y when the following message appears System resets after configuration change Continue Y N ...

Страница 82: ...ol is the next option The default setting for this option is Enabled Do not change this setting to Disabled If you want to disable Intel AMT change the Manageability Feature Selection option to None later in this procedure ...

Страница 83: ...8 Select Intel ME Firmware Local Update and then press Enter 9 Select either Enabled or Disabled and then press Enter The default setting for this option is Disabled ...

Страница 84: ...10 Select Intel ME Features Control and then press Enter ...

Страница 85: ...Manageability Feature Selection is the next option This feature sets the platform management mode The default setting is Intel AMT Selecting the None option disables all remote management capabilities ...

Страница 86: ...11 Select Return to Previous Menu and then press Enter ...

Страница 87: ...12 Select Intel ME Power Control and then press Enter ...

Страница 88: ...Intel ME ON in Host Sleep States is the next option The default setting is Mobile ON in S0 ...

Страница 89: ...13 Select Return to Previous Menu and then press Enter ...

Страница 90: ...14 Select Return to Previous Menu and then press Enter ...

Страница 91: ...s After the ME configuration is complete you can configure the Intel AMT settings Intel AMT Configuration Enabling Intel AMT for SMB Mode 1 At the initial boot screen press Ctrl p to re enter the MEBx screens 2 When a prompt for the password appears enter the new Intel ME password 3 Select Intel AMT Configuration and then press Enter ...

Страница 92: ...que name for this Intel AMT machine and then press Enter Spaces are not accepted in the host name Make sure there is not a duplicate host name on the network Host names can be used in place of the computer s IP for any applications requiring the IP address ...

Страница 93: ...6 Select TCP IP and then press Enter 7 Press n when the following message appears DHCP Enable Disable DHCP Y N ...

Страница 94: ...8 Type the domain name into the field ...

Страница 95: ...9 Select Provision Model from the menu and then press Enter 10 Press y when the following message appears Enterprise change to Small Business Y N ...

Страница 96: ...11 Skip the Un Provision option This option returns the computer to factory defaults See the Return to Default section for more information about unprovisioning 12 Select SOL IDE R Press Enter ...

Страница 97: ...13 Press y when The following message appears Caution System resets after configuration changes Continue Y N ...

Страница 98: ...4 Select Enabled for Username Password and then press Enter This option allows you to add users and passwords from the WebGUI If the option is disabled then only the administrator has MEBx remote access ...

Страница 99: ...15 For Serial Over LAN select Enabled and then press Enter ...

Страница 100: ...16 For IDE Redirection select Enabled and then press Enter ...

Страница 101: ...Secure Firmware Update is the next option The default setting is Enabled ...

Страница 102: ...17 Skip Set PRTC ...

Страница 103: ...is the next option The default setting is 1 This timeout is applicable only when a WoL option is selected for Intel ME ON in Host Sleep States screen of the process for enabling ME for the Enterprise operating mode ...

Страница 104: ...18 Select Return to Previous Menu and then press Enter ...

Страница 105: ...19 Select Exit and then press Enter ...

Страница 106: ...20 Press y when the following message appears Are you sure you want to exit Y N ...

Страница 107: ...21 After the computer restarts turn off the computer and disconnect the power cable The computer is now in setup state and is ready for deployment Back to Contents Page ...

Страница 108: ...the end user There is no feedback mechanism to tell you that the computer is broadcasting the message The SCS uses the information in the Hello message to initiate a Transport Layer Security TLS connection to the Intel AMT capable computer using a TLS Pre Shared key PSK cipher suite if TLS is supported The SCS uses the PID to look up the provisioning passphrase PPS in the provisioning server datab...

Страница 109: ...nzips and prompts the user to continue the installation process Once you install the SOL LMS driver the PCI Serial Port entry becomes the Intel Active Management Technology SOL COM3 entry HECI Driver The Intel AMT Host Embedded Controller Interface HECI driver is available on support dell com and on the ResourceCD under Chipset Drivers The driver is labeled Intel AMT HECI Once the driver is obtain...

Страница 110: ...r on the same subnet as the Intel AMT computer 3 Connect to the IP address specified in the MEBx and port of the Intel AMT capable computer example http ip_address 16992 or http 192 168 2 1 16992 By default the port is 16992 Use port 16993 and https to connect to the Intel AMT WebGUI on a computer that has been configured and set up in the Enterprise mode If DHCP is used then use the fully qualifi...

Страница 111: ...console Similarly the management console may send serial data over the LAN connection that appears to have come through the client s serial port IDE Redirection Overview IDE Redirection IDER is capable of emulating an IDE CD drive or a legacy floppy or LS 120 drive over a standard network connection IDER enables a management machine to attach one of its local drives to a managed client over the ne...

Страница 112: ...onfiguration screen Provisioning Server Set PID and PPS and Set PRTC options are available again because the computer is set to the default Enterprise Mode 2 Select Return to previous menu 3 Select Exit and then press y The computer restarts Firmware Flash Flash the firmware to upgrade to newer versions of Intel AMT The automatic flash feature can be disabled by selecting Disabled under the Secure...

Страница 113: ...Bad ME memory configuration DIMM A is located beneath the keyboard For instructions on accessing this slot refer to the system documentation Back to Contents Page ...

Страница 114: ... process Also a USB storage device is required and must conform to the requirements listed on the Using a USB Device page The nature of management software is that it is not always dynamic or real time In fact sometimes if you tell a computer to do something such as to reboot you may just have to do it again and it will work Format a USB device with the FAT16 file system and no volume label and th...

Страница 115: ...Click the to expand the Intel AMT Getting Started section ...

Страница 116: ...Click the to expand the Section 1 Provisioning section ...

Страница 117: ...Click the to expand the Basic Provisioning without TLS section ...

Страница 118: ...Select Step 1 Configure DNS The notification server with an out of band management solution installed must be registered in DNS as ProvisionServer ...

Страница 119: ...Click Test on the DNS Configuration screen to verify that DNS has the ProvisionServer entry and that it resolves to the correct Intel setup and configuration server SCS ...

Страница 120: ...The IP address for the ProvisionServer and Intel SCS are now visible ...

Страница 121: ...Select Step 2 Discovery Capabilities ...

Страница 122: ...Verify that the setting is Enabled If Disabled click the check box next to Disabled and click Apply ...

Страница 123: ...Select Step 3 View Intel AMT Capable Computers ...

Страница 124: ...Any Intel AMT capable computers on the network are visible in this list ...

Страница 125: ...Select Step 4 Create Profile ...

Страница 126: ...Click the plus symbol to add a new profile ...

Страница 127: ... the administrator can modify the profile name and description along with the password The administrator sets a standard password for easy maintenance in the future Select the manual radio button and enter a new password ...

Страница 128: ...n the MEBx The TLS Transport Layer Security tab provides the ability to enable TLS If enabled several other pieces of information are required including the certificate authority CA server name CA common name CA type and certificate template The ACL access control list tab is used to review users already associated with this profile and to add new users and define their access privileges ...

Страница 129: ...for Intel AMT as well as an Idle Timeout setting It is recommended that Idle timeout is always set to 0 for optimal performance The setting for the Power Policy tab can potentially impact a computer s ability to remain E Star 4 0 compliant Select Step 5 Generate Security Keys ...

Страница 130: ...Select the icon with the arrow pointing out to Export Security Keys to USB Key ...

Страница 131: ...Select the Generate keys before export radio button ...

Страница 132: ...mber of computers that need to be provisioned The default is 50 The Intel ME default password is admin Configure the new Intel ME password for the environment Click Generate Once the keys have been created a link appears to the left of the Generate button ...

Страница 133: ...ng Serverr Click the Download USB key file link to download setup bin file to the USB device The USB device is recognized by default save the file to the USB device If additional keys are needed in the future the USB device must be reformatted before saving the setup bin file to it ...

Страница 134: ...in the File Download dialog box b Verify the Save in location is directed to the USB device Click Save c Click Close in the Download complete dialog box The setup bin file is now visible in the drive explorer window ...

Страница 135: ...ows to return to the Altiris Console Take the USB device to the computer insert the device and turn on the computer The USB device is recognized immediately and you are prompted to Continue with Auto Provisioning Y N Press y Press any key to continue with system boot ...

Страница 136: ...Once complete turn off the computer and move back to the management server Select Step 6 Configure Automatic Profile Assignments ...

Страница 137: ...Verify that the setting is enabled In the Intel AMT 2 0 dropdown select the profile created previously Configure the other settings for the environment ...

Страница 138: ...Select Step 7 Monitor Provisioning Process ...

Страница 139: ...r which the keys were applied begin to appearing in the system list At first the status is Unprovisioned then the system status changes to In provisioning and finally it changes to Provisioned at the end of the process ...

Страница 140: ...Select Step 8 Monitor Profile Assignments ...

Страница 141: ...The computers for which profiles were assigned appear in the list Each computer is identified by the FQDN UUID and Profile Name columns ...

Страница 142: ...Once the computers are provisioned they are visible under the Collections folder in All configured Intel AMT computers ...

Страница 143: ...Back to Contents Page ...

Результаты поиска

Содержание Active Management Technology v4.0

Отзывы:

Похожие инструкции для Active Management Technology v4.0

Бренды по названию

Популярные бренды

Intel Active Management Technology v4.0, Руководство администратора

Результаты поиска

Содержание Active Management Technology v4.0

Отзывы:

Похожие инструкции для Active Management Technology v4.0

Бренды по названию

Популярные бренды