Home > Intel Communities > Open Port IT Community > Intel® vPro™ Expert Center > Blog > Tags > windows
Up to Blog Posts in Intel® vPro™ Expert Center

Intel vPro Expert Center Blog

8 Posts tagged with the windows tag
Kelsey Witherow
5

Windows 7 Coming out October 2009…
What are we getting ourselves into this time?
Read this fresh young perspective on my experience with Windows 7*…
*Note that this is from the use of Build Version 7077

With the release of Win7 coming soon, I thought that I’d have to give it a go and see, firsthand, if Win7 is what we’ve all been waiting for. At first glance I began to ooh and ahh over the pretty features and slightly more sleek appearance. Windows Vista had, in general, not done so hot when it came to public opinion. This was clearly stated in an article by InfoWorld, if you care to read that here. The transition from Windows 95 and 98 on up to Windows XP had been a little bit difficult; however, consumers saw that the upgrade outweighed the hassle. That was not the case with Vista, and so now we are coming to a new OS, Windows 7. And while I am no computer connoisseur, I am just about as typical of a user as it gets. I’m heading off to college this fall and use typical applications and apply a fair workload to my PC. After these past months experimenting with Windows7, you can bet I’ll be upgrading this October on my college laptop. It’s faster, smoother, and has a better appearance that all older versions of the Windows OS.

The first thing that caught my eye, was the awesome taskbar. No longer are your items jammed so tightly on the taskbar that, when you have many apps open, you can only see a measly 3 letters of each window. Instead, Win7 has so wisely grouped all of your windows by simply what application they’re running from. Instead of 8 individual windows for all of the e-mails you have open, you have one Microsoft Outlook icon. And when you hover your mouse over this icon, all the outlook windows you have open conveniently display right there in little boxes. This works for all your programs. As you can see below I was on my desktop and had my cursor over the MSFT icon, and it brought up, in a transparent window, all three Outlook windows that I currently had opened. This sort of gave me the idea of how a Mac has a “dock” with little icons of all your running programs. It’s a neat feature and really provides for a clean smooth transition between windows. Another cool feature is when you hover your mouse over one of the three boxes, it provides a closer look and drops off everything else you have open and just shows that window, one click and it brings back all other windows and places the one you’ve selected on top and ready to be used.

Capture.PNG

When I decided to stop playing with the new exciting taskbar, I moved on to attempt migration of my data from my Windows XP laptop to this new laptop with Win7. I was hesitant to attempt this because I was fearing that all would break loose and I would lose my data or not have everything copy properly. I was so wrong. Windows 7 made it really simple to transfer files. It identified all the data and sorted it accordingly. No folder was left empty and all of it went flush into the right sections. All my pictures, music, and files looked identical to how I had them before on my old laptop. I was rather pleased.

After getting the data I needed, I was surprised and excited to see what other cool features this computer had to offer. Being the girly girl that I am, I went straight to the desktop to search for all the new “Personalize” goodies. I was excited to see that, like Vista, it had the gadgets to place on the desktop. I put up the weather, a calendar, and a clock all adjusted to my time and location. Ok, so that isn’t so exciting for you who are coming from Vista, but if you’ve never had these “gadgets” before, it is cool. Moving on, I got to the personalization section. Windows 7 offers seven awesome “Themes” for your computer to follow, or you can create your own. In a theme, it customizes your desktop, color scheme, everything. Another cool feature is that your desktop background can shuffle pictures. I set it to take pictures from a certain folder, and it changes my desktop to a new picture every day. This adds to the sleek new look of Win7.
captureee.PNG

 

If you are moving from XP or older to Win7 you are going to be blessed with a built in search bar in the start menu. It is fantastic and instantly searches your whole computer for anything containing that keyword. You can find programs, documents, emails, etc that contain what you’re looking for. It’s so simple and is right on the bottom of the start menu. You click the Windows icon and then it says “Search Programs and Files,” type in the words you’re looking for and Ta-da! Magic. Also on the start menu, is the capability to go directly to shutdown. On Vista, you click that mischievous button that looks like it would mean shut down, and then you’re stuck in this annoying black hole where you’ve put it to sleep. On Windows 7, “Shut Down” really means shut down. It’s a glorious thing.

Capture2.PNG

Normally, on older Windows versions, you have to manually set everything in order to have a monitor and your laptop displaying your OS. However, with Win7 all I had to do was plug in the monitor and it switched over and I have yet to make changes to it. It remembers these settings and displays just on the laptop when I have taken it home, and when at work and plugged into the monitor it goes right back to the correct settings. It’s a good hassle-free feature.


While we’re going over silly features – I thought I’d take us all back to the calculator. Yes, the calculator has been one of my least favorite things on my Windows XP (can’t speak for Vista users, really, cause I’ve had minimal experience with it.) If any of you still use the calculator on your computer, you know how frustrating it is when you can’t remember if you already hit the plus sign, or what the last number you entered was, etc…well, Win7 has us geeky computer-calculator users covered! Not only does it look 10x sleeker and cooler than the only dinky flat gray one, it keeps a line of what you’ve entered and does the math as you enter it without having to hit enter.
3.PNG

Onto a little bit more commonly used feature…Internet Explorer 8: it totally rocks. The multiple “tabs” in one window has been out for a while I believe, but it still is nice, and IE 8 has added even more features. “Suggested Sites,” for example, has been one of my favorite additions. There’s a button on you I.E. window that says “Suggested Sites” and it shows a drop down window when clicked of some sites that you may like based on your viewing history. You can go further from there and click “See More Suggested Sites.” I’ve shown a screenshot of that below.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Also really cool is the ability to highlight any words on any website and click on a little blue arrow – it lets you “obtain driving directions, translate and define words, email content to others, search with ease, and more.*” For information about features and the source of that previous quote check out this site. I’ve found just one issue so far with Windows 7. Granted it could be due to the fact that I’m on an evaluation copy, it bothered me nonetheless. It’s when I’m using I.E. 8, the taskbar often beings to flicker out of control. The only way to stop my seizure-like window flashing is to hover or click the task bar enough places until it stops and returns to its normal functioning ways. It’s just a little annoying.

 

5.PNG

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

All in all I have been very pleased with Windows 7 and am greatly looking forward to getting it on my college laptop while I’m down at Arizona State. It’s a great new upgrade from Vista and certainly goes leaps and bounds above XP. It’s attracting more of that hip and cool vibe we are all looking for and is easy to use. When deciding on my computer for college, I was stuck in a dilemma that many of us face: the PC I’d always grown up with and could use with my eyes shut, or the Mac with the awesome interface and that oh-so-popular iChat. Well, I think that Win7 sealed the decision for me and has provided a more tech savvy look and an easier smoother transition that what we saw with Windows Vista. Said and done, with only one noticeable glitch, I give Windows7 a total of 4.5 out of 5 stars

5 Comments Permalink Tags: windows, os, upgrade, win7
Trevor Sullivan
2

I wanted to quickly share an example of how to set the current power state of a provisioned Intel vPro system using Windows Powershell!

 

Take a moment, and ask yourself these quick questions:

 

  • Have you ever wanted to be able to automate the powering up, or powering off, of multiple computers?
  • Is your company interested in saving money by not needlessly leaving computers powered on at night?
  • Do you have a time-critical environment, such as a call center, where you need to reliably power up your computers so they are ready to go in the morning for agents?
  • Do you want to be able to create your own helpdesk tools to enable remote reset of hung systems?

 

If you answered "yes" to any of the previous questions, then hopefully this Powershell code will help you, as an administrator, achieve your goals! Let's take a look at how to perform the actions of:

 

  • Powering up a vPro (AMT) system
  • Powering down a vPro (AMT) system (not gracefully, just FYI)
  • Power cycling a vPro (AMT) system (also not graceful)

 

For the sake of simplicity, we'll continue to work with the ManageabilityStack.AmtSystem object that I have referenced in my previous article(s). If you aren't sure how to get the $Global:Amtdevice Powershell variable, please look back at my other articles. This will also require the download of the Intel AMT Developer Toolkit. You'll need the Manageability Stack.dll library contained within.

 

-------------------

In order to control the remote power state of an AMT system, all you really need to know are these 3 hex values:

 

0x10 = System reset

0x11 = Power on

0x12 = Power off

0x13 = Reset w/ power cycle

 

These hex values will be used with the $AmtSystem.Remote.SendRemoteControl() method to alter the power state of the remote system. The SendRemoteControl() method included with the DTK includes a number of parameters that go beyond the scope of this article, so we will pass hex value 0x0 to these parameters for the time being. In order to use the above hex values, simply pass the hex value as the first parameter of the SendRemoteControl() method. In order to fulfill the parameter requirements of this method, pass 5 additional parameters with the value 0x0. Here are some examples:

 

Powering up an AMT System

 

$Result = $AmtDevice.Remote.SendRemoteControl(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

Write-Host "Power command resulted with: ${Result}"

 

Powering off an AMT System

 

$Result = $AmtDevice.Remote.SendRemoteControl(0x12, 0x0, 0x0, 0x0, 0x0, 0x0)

Write-Host "Power command resulted with: ${Result}"

 

Power cycling an AMT System

 

$Result = $AmtDevice.Remote.SendRemoteControl(0x10, 0x0, 0x0, 0x0, 0x0, 0x0)

Write-Host "Power command resulted with: ${Result}"

 

The above samples show how to use the SendRemoteControl() method of the AmtRemoteControl .NET type in the Intel AMT Developer Toolkit (DTK) to control the power state of a remote AMT device.

 

If you have any questions about this, please leave a comment or send me a private message.

 

Sincerely,

 

Trevor Sullivan

Systems Engineer

OfficeMax Corporation

2 Comments Permalink Tags: customize, vpro, roi, administrator, manageability, trevor, sullivan, script, automate, automation, developer, intel, amt, dtk, sdk, microsoft, windows, powershell
Justin Van Buren
0

At the recent Symantec ManageFusion 2009, Symantec announced the general availability of Symantec Altiris Client Management Suite Version 7.

One of the new features in Symantec Altiris Client Management Suite Version 7 is support for Intel Centrino 2 with vPro technology's "Fast Call for Help."  The video below by Symantec's Senior Technical Manager Lee Bender is a demonstration of how an end-user would connect back to the Altiris Client Management Suite for remote diagnosis and repair of his notebook even though he connect boot into Windows and is outside of the corporate firewall.

To learn more about Intel's presence at ManageFusion 2009, please go to http://www.intel.com/go/managefusion/

0 Comments Permalink Tags: bender, management, oob, intel, outside, corporate, blue, fast, centrino, diagnosis, call, with, firewall, screen, firewall., vpro, console, windows, and, for, technology, remote, repair, symantec, lee, help, altiris, v7.
Trevor Sullivan
1

         

Integrating VNC on Windows PE 2.0

                            Author: Trevor Sullivan

                      Company:    OfficeMax Corporation

                        Versions: 1.0 – April 24, 2008 – original document

Synopsis

Integrating VNC on Windows PE allows a remote user, such as a support person, to remotely control a Windows pre-execution environment, and perform administrative tasks such as deploying an operating system image, or diagnosing hardware and software problems using 3rd party tools. This image can be remotely booted in a LAN environment using the IDE-R feature of Intel AMT.

Requirements

  1. Microsoft Windows AIK v1.1 (downloadable from Microsoft)
  2. A working Windows PE 2.x CD (can be built from WAIK)
  3. UltraVNC 1.02 (downloadable from Internet)
  4. ImageX (to mount WIM files) - included with WAIK

Setting up UltraVNC

Install UltraVNC 1.02 on a development system

 

You can optionally install UltraVNC 1.02 to an Altiris SVS virtual layer to avoid making permanent changes to your development system

 

After UltraVNC is installed:

1.  Execute VNC in user-mode

2.  Run the following command: winvnc –defaultsettings

3.  You should be presented with a configuration dialog

4.  Set a password for VNC and choose to disable the tray icon

5.  Confirm the settings dialog, and stop Winvnc by running: winvnc –kill

6.  Extract the following registry tree: HKLM\Software\ORL (vnc.reg)

7.  Add the password to the default key

a.  Open the registry file (vnc.reg)

b. Create a new section (key) for HKLM\Software\ORL\Default

c.  Copy the password value from ORL to the Default key

Gathering Source Files

Copy the following list of files from the UltraVNC installation directory on the source computer into a separate working folder:

 

  • Authadmin.dll
  • Authssp.dll
  • Ldapauth.dll
  • Logging.dll
  • Logmessages.dll
  • Mslogon.acl
  • Unzip32.dll
  • Vnchooks.dll
  • Vnchooks_settings.reg
  • Vncviewer.exe
  • Winvnc.exe
  • Workgrpdomnt4.dll
  • Zip32.dll
  • Vnc.reg (from previous section)
  • Vnc.vbs (see below)

 

Trevor developed a short script to get around a problem with winvnc hanging when I’d execute it. This executes winvnc.exe asynchronously so that it continues to run in the background, but startnet.cmd will be allowed to continue. The script source is included below:

 

ScriptPath = Left(Wscript.ScriptFullname, len(Wscript.ScriptFullName) - len(Wscript.ScriptName))

set sh = CreateObject("Wscript.Shell")

sh.Run "regedit /s " & ScriptPath & "vnc.reg", 1, true

sh.Run "wpeutil disablefirewall", 0, true

sh.Run ScriptPath & "winvnc.exe", 1, false

Modifying the PE Disc

  • Mount WIM file on filesystem using ImageX
  • Copy all source files to folder on root of WIM mount path
  • Modify startnet.cmd to execute VNC vbscript using cscript.exe
    • Use the fully qualified path to the script file (eg. “cscript X:\vnc\vnc.vbs”)

Notes

  • Winvnc does not work under service mode on Windows PE; Winvnc must be run under user context
  • The registry value “password” must exist under HKLM\Software\ORL\Default, otherwise winvnc will prompt for a password upon startup

 

Trevor Sullivan

Systems Engineer

OfficeMax Corporation

1 Comments Permalink Tags: remote, tools, vnc, trevor, sullivan, configuration, pe, winvnc, control, winpe, ultravnc, microsoft, windows, imaging, deployment, manage
Trevor Sullivan
2


Hello vPro Experts!


I've got something sitting in the back of my mind, that I would like to share with you all. Unfortunately, it's simply a theory, and I have not yet had the opportunity to test it, but I am in the early stages of developing and documenting it, and would really appreciate any feedback, to help make it become a reality.


----

The Problem

 

Are you asking yourself either of these questions?


"How can I reduce the amount of overhead involved with imaging every new client system that comes through the doors, but at the same time, not shift that cost to the vendor?"


or, slightly paraphrased:


"How can I streamline the provisioning of new systems, but at the same time, not sacrifice the flexibility of having in-house imaging?"


If your support teams are imaging each desktop and laptop that is shipped from your hardware vendor, you may have investigated the option of having the vendor pre-image systems prior to shipping them out. There are a couple of caveats to this methodology though. First of all, there is usually an additional cost associated with any sort of customization that the vendor must make to a system. Secondly, if you are using a task sequence-based "imaging" process in-house, then you may not have a way of transferring that process (which is inherently network-reliant), to the vendor. Typically, in this scenario, your operating systems, applications, and Active Directory domain, are all residing on network servers that can't be contacted by the vendor during the process (unless you have some uber-fast, secure VPN link between you and them, in which case you can stop reading).


----


The Theoretical Solution (utilizing Intel vPro)


The proposed solution to the problem presented above, is actually a combination of technologies, and custom development work. In this case, I'm going to be working with the following tools:



Requirements


Here are the requirements for the process:


  • Microsoft Configuration Manager SP1
  • An Out-of-Band (OOB) service point for ConfigMgr SP1
  • ProvisionServer” DNS record pointing to out-of-band service point
  • Collection 1: SCCM collection to temporarily store resource records created by script
  • Collection 2: SCCM collection that contains provisioned vPro clients without the ConfigMgr client agent
  • ConfigMgr Task Sequence to build vPro system
  • ConfigMgr advertisement to link task sequence to Collection 2

Step-by-Step Workflow


This is the theoretical process that would be followed:


  1. Physically plug in vPro system – power and network (device remains powered off)
  2. vPro System obtains IP address and DHCP Option 15 (mydomain.com)
  3. vPro System sends “hello packet” to site server (CNAME provisionserver.mydomain.com)
  4. Script reads vPro system’s UUID from amtopmgr.log file on site server
  5. Script creates Resource Record for system in “Collection 1” with auto-provisioning enabled
    1. Use a random name for the hostname (based off of the SMBIOS UUID perhaps)
    2. Make sure to refresh the collection membership, or verify that it gets added somehow
  6. vPro System sends another hello packet to site server at built-in interval
  7. vPro System is recognized as a SCCM resource and provisions
  8. Provisioned vPro resource is automatically populated into SCCM “Collection 2
  9. Task sequence begins executing
  10. Once the operating system is installed, the device should detect a mismatching hostname between the OS and the ME firmware (this could be configured as part of the task sequence)
  11. The device will send a request to the ConfigMgr site server to re-provision the AMT firmware with the new hostname (equivalent of "Update Provisioning Data"?)


Known Issues and Risks


There is at least one known outstanding issue that I'm aware of, and there may be a way to solve it.

Possibility of over-writing an existing system

If an existing, un-provisioned system is not reporting into Configuration Manager properly, it may be incorrectly assumed to be a new, blank system. Therefore, during the build (or imaging) process, an automated check may need to be put into place to verify whether or not the system is truly a new client or not. This could theoretically be done by analyzing the filesystem, or mounting the offline registry hives, and looking for any indicators. Additionally, if a vPro device was already provisioned, it would need to be excluded from being targeted with this process.

----

Conclusion

I hope that this overview gives you some ideas about how to automate the provisioning of new enterprise clients using Intel vPro out-of-band provisioning. If you have any suggestions for improvement, I'd be interested in hearing them. If you'd like, you can download a copy of this document below.


Thanks,


Trevor Sullivan

Systems Engineer

OfficeMax Corporation

 


2 Comments Permalink Tags: sccm, configuration, manager, engineering, roi, 5.0, sccm_sp1, automation, tools, configmgr, deploy, vista, vpro, amt, trevor, provision, 3.2.1, install, windows, 4.0, dtk, xp, sullivan, automated, microsoft
Trevor Sullivan
0

Hello Intel vPro Community!

 

I'm going to talk to you today a little bit about how to use Windows Powershell to set Intel vPro power profiles. I'll provide a quick bit of background first on what power profiles are, and why you'd want to be able to set them with Powershell.

 

Intel vPro power profiles are nothing more than a setting in the Management Engine that tells the AMT chip when to be powered up, and when not to be powered up. In some cases, you may want vPro to be inactive during sleep states, or after the computer has lost power (eg. UPS failure).

 

In my case however, I want vPro to be always active. This is problematic, because Microsoft Configuration Manager's implementation of a provisioning server doesn't give you the option of setting the active power profile. Instead, during provisioning, ConfigMgr sets the active profile to whatever index "5" is. You'll actually see this in the amtopmgr.log file on your OOB (Out-Of-Band) service point during the provisioning process.

 

Because ConfigMgr decides the default power profile during provisioning, I've decided that I wanted to change it. Because Windows Powershell is an awesome automation tool, and because Intel's AMT Developer Toolkit (DTK) offers a .NET library that I can use in Powershell, I figured that I would figure out how to do it!

 

--------------------

 

You might remember my last post on how to use Powershell to connect to an AMT device. The process basically involves loading the aforementioned .NET DLL from the DTK, and then establishing a connection to the device. I didn't really get the opportunity to show you how to do a whole lot with it after making the connection though, so that's the purpose of this post! Let's go ahead and take a look at a few lines of Powershell code, so you can understand the retrieval, and setting of power profiles.

 

-------------------------------------------------

 

# In my last Powershell script, I used the $amtdevice variable

# to reference the AmtSystem .NET object. We'll assume at this point

# that you have already connected to the AMT device based

# on my last article.

$amtdevice

 

# By using the .NET Reflector tool, we can see that the AmtSystem

# object has a property called SecurityAdmin, which returns an AmtSecurityAdmin

# object.

$AmtSecAdmin = $AmtDevice.SecurityAdmin

 

# The AmtSecurityAdmin object has a method called GetPowerPackages().

# After examining this data type in .NET Reflector, we can filter for only the two

# properties we want to see, the profile ID, and its Name. We'll use the Powershell

# Select-Object cmdlet to filter this data.

$AmtSecAdmin.GetPowerPackages() | Select-Object -Property ID,Name

# You should get some output looking something like this:

# 12834f94-10fb-dc4f-968e-1e232b0c9065 Desktop: ON in S0
# ab0086a1-7f9a-424c-a6e6-bb243a295d9e Desktop: ON in S0, S3
# acab8672-b496-e248-9b9e-9b7df91c7fd4 Desktop: ON in S0, S3, S4-5
# 4dcd327b-be6b-8943-a62a-4d7bd8dbd026 Desktop: ON in S0, ME Wake in S3
# 46732273-dc23-2f43-a98a-13d37982d855 Desktop: ON in S0, ME Wake in S3, S4-5
# baa419c5-6f6e-4d8d-b227-517f7e4595db Desktop: ON in S0, S3, S4-5, OFF After Power Loss
# ede30bd6-c504-462c-b772-d18018ee2fc4 Desktop: ON in S0, ME Wake in S3, S4-5, Off After Power Loss

 

# Once we have a listing of the power profiles available on the AMT device

# we can get the one that we want, and then set it. Since I always want my

# AMT device active, no matter the system's power state, I'm going to choose

# "Desktop: ON in S0, S3, S4-5" which is index 2 (in a zero-based collection).

$TargetPowerProfile = ($AmtSecAdmin.GetPowerPackages())[2]

 

# Now that I have a variable referencing the target power profile, I will set the

# profile on the AMT device. The AmtSecurityAdmin object has a method called

# SetActivePowerPackage() that takes one parameter: the power profile we have

# a reference to.

$AmtResult = $AmtSecAdmin.SetActivePowerPackage($TargetPowerProfile)

"Setting power profile to $($TargetPowerProfile.Name) resulted in $AmtResult!"

 

##### End Setting Power Profile #####

 

# Let's also take a quick look at how to get some basic information about

# the AMT device's provisioning data. We can figure out if IDE-R, SoL, and the

# WebUI are enabled. We'll use the AmtGeneralInfo object for this.

 

# Get a reference to the AmtGeneralInfo object

$AmtInfo = $amtdevice.Info

 

# Write out the current configuration settings

"SOL Enabled: $AmtInfo.SerialOverLanEnabled"

"IDE-R Enabled: $AmtInfo.IdeRedirectEnabled"

"WebUI Enabled: $AmtInfo.WebUiEnabled"

-------------------------------------------------

 

I hope this helps get you on your way to doing some cool Powershell / vPro automation! Let me know whether or not this helps you in your endeavors

 

Trevor Sullivan

Systems Engineer

OfficeMax Corporation

0 Comments Permalink Tags: configmgr, microsoft, system, center, saver, configuration, standardize, trevor, manager, sullivan, 2007, powershell, amt, deploy, administrate, automate, sccm, sccm_sp1, administer, manage, windows, automation, scripting, time, vpro, tools, dtk, intel
Trevor Sullivan
0

Hello vPro community!

 

I rather quickly posted the Powershell code I got functioning yesterday just to make sure that I didn't forget to post it at some point, but if you're new to Powershell, you might not understand everything that's going on here. If I left your head spinning, then I apologize, but tonight, I'm wrapping back around to help describe to you the thought process behind the script I posted!

 

On top of that, once I put together some notes from earlier today, I will post later on about some of my newest findings! To give you a teaser, I found a method of setting AMT power profiles using Powershell code! I'll be sure to get this posted as soon as I can, but for now, I think it would be most beneficial to understand the basics of connecting to a vPro system.

 

I'm going to step through the script line-by-line and leave some comments about each of them. Comments will be denoted by lines beginning with a pound sign (#). This is because Powershell uses this character as a "comment" character.

 

If you're experienced with .NET, then you'll probably either already know about, or want to get familiar with, the tool known as the .NET Reflector. This utility allows you to "reflect" over a .NET library, and discover the objects, methods, and properties that are available to you to use in your Powershell scripts. It's not always a simple task to figure out how to use .NET objects, especially if there is either poor documentation, or none at all, but this tool definitely makes it easier.

 

----------------------------------

 

# The following 6 lines are simply variables that we are setting

# to make troubleshooting and customizing our script easier.

# We will be instantiating (creating) an object of the data type

# "AmtSystem" that requires these values as params to its

# constructor method.

 

# This is the domain\userID we want to authenticate as

$amtusername = "vprodemo\DomainUser"

 

# This is the password for the user account to authenticate
$amtpassword = "P@SSW0Rd"

 

# This is the FQDN of the vPro client system we want to connect to
$amthostname = "vproclient.vprodemo.com"

 

# This is the TCP port that we want to connect to the vPro client on

# TCP 16993 is used for TLS communications to AMT clients

$amtport = 16993

 

# This parameter determines whether or not your password is

# saved in the AmtSystem object (I think)
$amtrecallpassword = $false

 

# I haven't verified this, but I believe that this parameter determines

# whether or not WS-MAN is used exclusively on vPro clients

# that support it. Otherwise, it will attempt to use EOI (SOAP).
$amtwebservicesonly = $false

 

# Next, this variable stores the path to the "Manageability Stack.dll"

# which is included with the Intel AMT Developer Toolkit (DTK).

# Be sure to download the latest version from the Intel website.

# This DLL is a .NET library, written in C#, that provides an API

# to interact with Intel vPro clients.

$manageabilitystack = "C:\Program Files\Intel\Manageability Developer Tool Kit\0.6.08325.2\Manageability Stack.dll"

 

# This line uses the built-in Assembly class (part of .NET reflection)

# to load the .NET DLL containing the AMT API. The Out-Null Powershell

# cmdlet is used to suppress any console output of the LoadFile() method.

[System.Reflection.Assembly]::LoadFile("$ManageabilityStack") | Out-Null

 

# The Write-Host cmdlet is built into Powershell and simply writes

# some text to the console. We are using inline variables to dynamically

# display the information about the client we're connecting to.

Write-Host "Connecting to $amthostname on port $amtport"

 

# This is the line that's actually getting the object that we will use to

# reference our target Intel AMT client. We are creating a global variable

# name "amtdevice" and setting its value to a "New-Object" of datatype

# ManageabilityStack.AmtSystem (you can use .NET Reflector to find this)

# and then passing the parameters that we defined before to its constructor.

# If the below line wraps in your browser, please be sure to put it all on one line in your script.

$global:amtdevice = New-Object ManageabilityStack.AmtSystem -ArgumentList $amthostname,$amtport,$amtusername,$amtpassword,$amtrecallpassword,$amtwebservicesonly

 

# Footnote: With respect to variable scope in Powershell, the reason I am

# defining this as a global variable explicitly, is because if you copy and paste

# this code into a script, and then run that script from within an interactive

# Powershell session, the $amtdevice will now be defined as global to the session

# and will not be deleted when the script exits. This allows you to run the script to

# retrieve the device object, but then continue to work with it interactively once

# the connection is established!

 

# Tell the AmtSystem object that we want to use TLS

$amtdevice.UseTls = $true

# Enable WS-MAN support (if available) on the connection
$amtdevice.WsManSupport = $true

 

# Once we've set up all of our configuration options about the connection,

# this next line actually establishes the connection.

$amtdevice.Connect()

 

# The "State" property of the AmtSystem object is "Connecting" until the

# connection either succeeds or fails. We want to monitor the status until

# this occurs.

while ($amtdevice.State -eq "Connecting") { Start-Sleep 1 }

 

# Finally, once the connection either succeeds or fails, we write out the

# State property to the console so that we know what the outcome was.

Write-Host "AMT device is in state $($amtdevice.State.ToString())"

 

-----------------------------------

 

So, there you have it. That is the code, with my comments inline. If you have any questions or feedback on my articles, please feel free to comment on this blog article. I will try my best to answer them, although please understand that I am still working on comprehending this great API! If this is useful to any of you, I would like to know that, and if not, then please recommend something that you would like to hear about!

 

As promised, I will eventually write another follow-up article on how you can set Management Engine (ME) power profiles on a provisioned AMT client remotely, using Powershell! Until next time ...

 

Happy Powershell Scripting!!

 

Trevor Sullivan

Systems Engineer

OfficeMax Corporation

0 Comments Permalink Tags: microsoft, windows, powershell, 1.0, trevor, sullivan, intel, vpro, amt, firmware, automation, automate, script, administrate, administrative, deployment, configure, manage, standardize
Trevor Sullivan
3

Hello everyone!

 

I have been working on understanding the Intel AMT Developer's Toolkit (DTK) so that I can begin developing some custom tools around Intel vPro. One of the tools that I am planning on working with is Microsoft's Windows Powershell. Windows Powershell is a very powerful, object-oriented command-line replacement for Windows XP, Vista, 2003, and 2008. It's an administrative scripting language that is significantly more powerful than VBscript, and has the entire power of the Microsoft .NET Platform behind it.

 

Just today, I've had my first success in using the Intel DTK with Windows Powershell, in my quest to automate Intel vPro related tasks using Powershell!

 

This is some really cool stuff, and I just had to get it out there to share with the community. I can't wait to see what else people build off of this!

 

Here is the first sample code that I've gotten to function correctly. I'm using it against a Dell Optiplex 755 running AMT firmware version 3.2.1, which was provisioned through ConfigMgr SP1.

 

-------------

 

$amtusername = "vprodemo\DomainUser"
$amtpassword = "P@SSW0Rd"
$amthostname = "vproclient.vprodemo.local"
$amtport = 16993
$amtrecallpassword = $false
$amtwebservicesonly = $false


$manageabilitystack = "C:\Program Files\Intel\Manageability Developer Tool Kit\Manageability Stack.dll"


[System.Reflection.Assembly]::LoadFile("$ManageabilityStack") | Out-Null
Write-Host "Connecting to $amthostname on port $amtport"
$amtdevice = New-Object ManageabilityStack.AmtSystem $amthostname,$amtport,$amtusername,$amtpassword,$amtrecallpassword,$amtwebservicesonly
$amtdevice.UseTls = $true
$amtdevice.WsManSupport = $true
Write-Host "TLS: $($amtdevice.UseTls), WsMan Support: $($amtdevice.WsManSupport)"
$amtdevice.Connect()


while ($amtdevice.State -eq "Connecting")
{
Start-Sleep 1
}
Write-Host "AMT device is in state $($amtdevice.State.ToString())"

 

-------------

 

Unfortunately that's all I can post for now, but I definitely plan on continuing work on this development!

 

Trevor Sullivan

Systems Engineer

OfficeMax Corporation

3 Comments Permalink Tags: administrator, trevor, sullivan, microsoft, windows, powershell, scripting, development, automation, vpro, amt, intel, configmgr, deploy, engineer, automate, manage, administrate

Popular Blog Posts