Compaq 8100 vPro Setup and Configuration for the 8100 Elite Business PC with I - Page 40

Remote Configuration Prerequisites, MEBx and Hashes

Get Compaq 8100 - Elite Convertible Minitower PC PDF manuals and user guides View all Compaq 8100 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 40 highlights

If no SCS responds to the Hello messages within the timeout period, then the network interface that sends out the Hello messages will be disabled. The network interface can be re-enabled to send out Hello messages again by the following methods: • Restarted by a local agent. • Partial Unprovisioning through the MEBx. Once the network interface has been re-enabled it will send out Hello messages for the next 6 hours as long as the ME is active and the system is connected to a network. Remote Configuration Prerequisites RCFG requires certain prerequisites before it can be used. 1) Both the AMT system and the SCS must be on a DHCP server. The SCS must have the name of "Provisionserver" or if not, it must have an alias in DNS, and be on the same domain as the AMT system. 2) The AMT system must have at least one pre-programmed active root certificate hash. 3) The SCS must have a server certificate with the proper OID or OU values. i. OID value in the Extended Key Usage field = 2.16.840.1.113741.1.2.3 This is the unique Intel AMT OID. ii. OU value in Subject field = "Intel(R) Client Setup Certificate" This OU value is case sensitive and must be entered exactly as shown. 4) In the case of a Delayed Setup and Configuration, an OS and local agent must be installed on the AMT system. MEBx and Hashes AMT 6.0 has the feature in the MEBx to allow IT administrators to manually activate a hash and to add up to three additional certificate hashes. To enter the Remote Configuration screen in the MEBx: 1) Hit CTRL-P for the MEBx and enter the MEBx password. 2) Go into the Intel® AMT Configuration option. 3) Go into the Setup and Configuration option. 4) Choose the TLS PKI option. 40

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
40
If no SCS responds to the Hello messages within the timeout period, then the
network interface that sends out the Hello messages will be disabled.
The network interface can be re-enabled to send out Hello messages again by the
following methods:
Restarted by a local agent.
Partial Unprovisioning through the MEBx.
Once the network interface has been re-enabled it will send out Hello messages for
the next 6 hours as long as the ME is active and the system is connected to a
network.
Remote Configuration Prerequisites
RCFG requires certain prerequisites before it can be used.
1)
Both the AMT system and the SCS must be on a DHCP server.
The SCS
must have the name of “Provisionserver” or if not, it must have an alias in
DNS, and be on the same domain as the AMT system.
2)
The AMT system must have at least one pre-programmed active root
certificate hash.
3)
The SCS must have a server certificate with the proper OID or OU values.
i.
OID value in the Extended Key Usage field = 2.16.840.1.113741.1.2.3
This is the unique Intel AMT OID.
ii.
OU value in Subject field = “Intel(R) Client Setup Certificate”
This OU value is case sensitive and must be entered exactly as shown.
4)
In the case of a Delayed Setup and Configuration, an OS and local agent
must be installed on the AMT system.
MEBx and Hashes
AMT 6.0 has the feature in the MEBx to allow IT administrators to manually activate
a hash and to add up to three additional certificate hashes.
To enter the Remote Configuration screen in the MEBx:
1)
Hit CTRL-P for the MEBx and enter the MEBx password.
2)
Go into the Intel® AMT Configuration option.
3)
Go into the Setup and Configuration option.
4)
Choose the TLS PKI option.