During the provisioning process, a certificate will be generated for each vPro client. To check to see if a certificate was issued, connect to your issuing Certificate Authority (the CA that you configured to issue the certificates via Certificate Template) and expand "Issued Certificates"; you should see your certificate in the list. Open the certificate by double clicking on it and verify that the "Issue To" is set listed as the FQDN of the vPro Client.

Are you able to perform collection based power control? Can you right click on the vpro client in the collection and select "out of band management" -> power control and use power on/off/restart on the vpro client. If you you're your certificate is most likely set up correctly. Then you should check to ensure you the AMT Object was created properly in the OU; to verify, open up the OU container and see if the object was created. It is also imperative you have the appropriate permissions created in the OU and the permissions were applied to that and the child objects. Check out the SP1 Help File Article: "How to Prepare Active Directory Domain Services for Out of Band Management" on the proper configuration.

--Matt Royer

Bill,

Unlike Bare Metal provisioning within SCCM where you need to provide the Hostname, FQDN, and UUID of the vPro client you are trying to provision and then awaiting a matching UUID hello packet from the vPro Client to initiate the provisioning... Agent Based provisioning pulls the required information (Hostname, FQDN, etc) from the OS and passes that to the Out of Band Service point to provision the vPro Client along with the One Time Password (extra security message used only for provisioning).

--Matt Royer

I am having similar issues to those experienced in this thread and need to ask for your assistance to find a resolution

The following is occurring in my environment

• Running SCCM SP1 with OOB mgmt configured

• Using Internal CA with PKI infrastructure

• MachineA has been provisioned via SCCM for the AMT device (v3.2.1) Provisiong took place after applying the CA cert root hash on the AMT device.

• In my SCCM console, I can use the power control to reboot, power on and power off the device successfully.

• I am unable to use the OOB mgmt console. I have turned on verbose logging on the OOB console and have similar logs to the log previously posted.

• There is an account for the AMT device in AD that was generated during the provisioning process

• Certs appear to be working properly. My CA shows a cert requested from the SCCM oob server, issued to machinea.domain.com. The template used was SCCM AMT web server cert.

• I did notice that in the AMT bios settings the hostname reads machinea not machinea.domain.com. When I attempt to change the host name to machinea.domain.com, I receive a rejected response.

Please let me know if and where I am overlooking the resolution. We are in the process of signing a PO for the purchase of 500 new HP DC7800P and need to confirm these machines are capable of integrating with SCCM completely

Thank you for your help in advance

Matt M

OOBconsole.log

69/24/2008 7:54:07 AM :GetAMTPowerState fail with result:0x80070035

19/24/2008 7:54:11 AM :User disconnect

19/24/2008 7:54:11 AM :Closing SOL terminal...

19/24/2008 7:54:11 AM :SOL terminal closed

19/24/2008 7:54:11 AM :status message Type:Audit, ID:0x000000004000765D, User:CBB\mamason, Machine:D6257B, Target:T6257T add to queue, waiting for report.

49/24/2008 7:54:17 AM :Executing WQL: 'SELECT * FROM SMS_Site WHERE ReportingSiteCode = '''

49/24/2008 7:54:17 AM :ResultObject: '2da39d8f-3f4d-46aa-994e-093b91d0f454'

49/24/2008 7:54:17 AM :Executing static method SMS_Identification.GetProviderVersion()

49/24/2008 7:54:17 AM :No method parameters specified

49/24/2008 7:54:17 AM :Executing static method SMS_SiteControlFile.GetSessionHandle()

49/24/2008 7:54:17 AM :No method parameters specified

49/24/2008 7:54:17 AM :SCF session handle {a0c4e582-d2c8-4e03-8499-b04ef9b09a4e} successfully aquired

49/24/2008 7:54:17 AM :Executing static method SMS_SiteControlFile.RefreshScf()

49/24/2008 7:54:17 AM :Refresh of SCF successful

49/24/2008 7:54:17 AM :Initializer '{3F32691E-24B1-4b1e-9915-37B633F39392}', will no be run, unsupported application type

49/24/2008 7:54:17 AM :Executing static method SMS_StatusMessage.RaiseRawStatusMsg()

49/24/2008 7:54:17 AM :Success report status message Type:Audit, ID:0x000000004000765C, User:domain\user1, Machine:D6257B.

49/24/2008 7:54:17 AM :Executing static method SMS_StatusMessage.RaiseRawStatusMsg()

49/24/2008 7:54:17 AM :Success report status message Type:Audit, ID:0x0000000040007665, User:domain\user1, Machine:D6257B.

49/24/2008 7:54:17 AM :Executing static method SMS_StatusMessage.RaiseRawStatusMsg()

49/24/2008 7:54:17 AM :Success report status message Type:Audit, ID:0x000000004000765D, User:domain\user1, Machine:D6257B.

49/24/2008 7:54:17 AM :Executing static method SMS_SiteControlFile.ReleaseSessionHandle()

49/24/2008 7:54:17 AM :SCF session handle {a0c4e582-d2c8-4e03-8499-b04ef9b09a4e} has successfully released

49/24/2008 7:54:17 AM :IMR_RemoveClient with clientID=0 success.

19/24/2008 7:54:17 AM :IMR_RemoveAllClients success.

19/24/2008 7:54:17 AM :OOBConsole exit

GetAMTPowerState fail with result:0x80070035

GetAMTPowerState fail with result:0x80070035

Thank you for the response.

I have verified that the system account for the Primary site server does have full control to the OU where the AMT objects are being creating. No change in results.

Please let me know if there are additional items that I can do to resolve this issue.

Is there a support number that specializes in AMT provisioning and SCCM integration.