Home > Intel Communities > Open Port IT Community > Intel® vPro™ Expert Center > Microsoft Manageability > Blog > Authors > William York
Up to Blog Posts in Microsoft Manageability

Microsoft Manageability

6 Posts authored by: William York
William York
0

On mmy SCCM Site server, I was looking througurah my AMTOPMGR.log and I noticed the following entry:

 

Error: The provisioning certificate with the thumbprint 55B7AF313A725CA10BB47A382494A3BD2927D1FB will expire in 1 day(s). Please ensure that this certificate is renewed. (CertID = 1)

 

In looking at my Provisioning Certificate loaded on my SCCM SP2 site server, I did find out the expiration date was about to hit.

 

Untitled.gif

 

So I will let this cert expire so I can report out what happens to an environment that has their provisioning certificate expire.  I will add more of these learnings after this expiration date hits.  More to come....and then type for me to re-purchase this cert so my lab continues to provision.

0 Comments Permalink Tags: sccm_sp2, provisioning, godaddy, bill_york, remote_configuration
William York
2

Here is a demonstration I created on how to setup a SCCM advertisement to remotely and securely wake-up (boot) Intel vPro systems and push an automated BIOS upgrade.  I wanted to show a useful and real-world Intel vPro Use Case that you can use today.  If there are other Use Cases you would like to see, please post your comments and I will get more of these types of videos posted.

 

Thanks,

Bill

 

2 Comments Permalink Tags: sccm_sp1, sccm, intel, vpro, bill_york, amt, configmgr, microsoft
William York
1

While working on-site with a customer and a Microsoft SCCM Technical Consultant, I was shown a great capability in the OS to force the SCCM client agent to check its AMT auto-provisioning policy at will.

 

The Windows OS ships with a utility called Windows Management Instrumentation Tester that can be used to force the SCCM agent to check its AMT Auto-Provisioning Policy (standard WMI calls). The following steps show this manual method that you can perform with this utility, either locally or remotely, to force this check. By default the SCCM server's site control file sets the agent check to automatically run every 24 hours. However, in a lab or testing environments this 24 hour default cycle is not convenient. With these steps below, you can execute this check at will or even use while troubleshooting issues. To perform these steps, you must have administrative privileges on the target OS.

 

After the manual steps listed below, Matt Royer has provided a reference to a .vbs file that performs these steps to help automate the process. Feel free to use these steps and scripts for your environment. And if you find new and/or improved methods with these WMI calls, please post for others to learn from.

Manual Steps to issue WMI command:

  • Open a command prompt and type wbemtest

    This is the Windows Management Instrumentation Tester

  • After the Windows Management Instrumentation Tester Utility Opens, click Connect

  • In the Namespace of the Connect Window, type the system name you want to force the check followed by \root\ccm

    Example: **

  • Click Connect

  • You can also simply run the command on the local system by simply leaving out the host name

  • Example: \root\ccm

 

  • After you successfully connect to the target system, click the Execute Method Button

  • In the Get Object Path window, type sms_client in the Object Path field

    Click OK

  • In the Execute Method Window, enter TriggerSchedule in the Method Field

    Click the Edit In Parameters Button

  • In the Object editor for _PARAMETERS window, Double Click the sScheduleID in the Properties field

  • In the Property Editor Window, change the Value to Not NULL and add the following {00000000-0000-0000-0000-000000000120}

    This value is the Object ID to initiate this OOB auto-provisioning check.

  • Click the Save Property button

 

  • In the Object editor for _Parameters window, click the Save Object button

  • In the Execute Method window, click the Execute Button

  • After you Execute the method, you should see a message that the Method was executed successfully

  • To confirm that your method was executed, look at the target systems c:\windows\system32\CCM\Logs\oobmgt.log

    You should now see a new entry in the log GetProvisioningSetting indicating that the policy has been re-evaluated.

 

To perform these steps automatically through a .vbs script:

  • All you need to do is run the following command:

 

cscript sendsched.vbs {00000000-0000-0000-0000-000000000120} <target vpro machine name with sccm client>

 

sendsched.vbs is piece of code included in the SMS 2003 Toolkit: http://technet.microsoft.com/en-us/sms/bb676787.aspx

 

00000000-0000-0000-0000-0000 00000120 is the scheduled ID for auto-provisioning policy.

1 Comments Permalink Tags: sccm_sp1, wryork, provisioning, vpro
William York
0

I have recently posted a new Quick Start guide to help you quickly setup your SCCM SP1 lab environment and start testing the Out of Band management capabilities for your vPro systems.

 

Intel vPro Technology Out of Band Management Quick Start Install Guide for SCCM SP1 Rev1.9.1

 

 

As always, feedback is highly encouraged and appreciated.

 

 

Thanks,

 

 

Bill

0 Comments Permalink Tags: sccm_sp1, quick_start_guide, bill_york, oob
William York
0

 

During my lab setup of SCCM and trying to get Agent Initiated Provisioning to work for a vPro system, I was running into a basic issue of the SCCM agent being able to auto-discover the SCCM Site Server. After installing the SCCM Agent on the vPro system, I would initiate, from the vPro Client, Control Panel > Configuration Manger > Advanced Tab > Configurations Settings > Discover Button, and would receive an error that the client was unable to discover the SCCM server.

 

 

So I started looking at the SCCM Help file. I ran into the section about extending the active directory to enable this site discovery (http://technet.microsoft.com/en-us/library/bb633121(TechNet.10).aspx). But not only do you need to extend the active directory, you also need to Create the System Management container, set security permissions on this container, and enable Active Directory publishing for the Configuration Manager site to this container. These steps will allow clients to automatically detect the server locator points and management points (which must be added to your SCCM Site Server).

 

 

After following these steps, I was able to immediately discover the SCCM server with my Agent installed on my vPro system. Now I can move on with the AMT provisioning process.

 

 

TechNet also provides alternative steps that allow you to update your WINS environment without extending the schema and/or publishing this information to the System Management container. You will need to determine if this WINS update is acceptable for your environment or extending the AD is the right solution (see link below). I'm curious on feedback from the community if the updating of WINS would be acceptable in your environment and what issues this would create.

 

Related links from Microsoft TechNet to enable this capability.

How to extend Active Directory for SCCM: http://technet.microsoft.com/en-us/library/bb680608(TechNet.10).aspx
Create the System Management container in AD: http://technet.microsoft.com/en-us/library/bb632591(TechNet.10).aspx
Set security permissions on the System Management container in the AD: http://technet.microsoft.com/en-us/library/bb633169(TechNet.10).aspx
Enable Active Directory publishing for the Configuration Manager site: http://technet.microsoft.com/en-us/library/bb680711(TechNet.10).aspx
Verify that Configuration Manager has published the site information to AD: http://technet.microsoft.com/en-us/library/bb693614(TechNet.10).aspx
How to Manually Add Configuration Manager Site Information to WINS: http://technet.microsoft.com/en-us/library/bb632567(TechNet.10).aspx

 

0 Comments Permalink Tags: sccm, sccm_sp1, agent_discovery
William York
0

 

Go download from Microsoft and start managing vPro today with SCCM SP1.

 

 

And when you do, make sure to checkout the Microsoft TechNet Library on SCCM: http://technet.microsoft.com/en-us/library/bb735860(TechNet.10).aspx

 

 

And drill down to the section on Out of Band Management for vPro: http://technet.microsoft.com/en-us/library/cc161989(TechNet.10).aspx (Great material).

 

 

Microsoft has done a great job with instructions on how to prepare the environment, setup OOB service, and manage vPro systems.

 

 

0 Comments Permalink

Popular Blog Posts

Incoming Links