Home > Intel Communities > Open Port IT Community > Intel Premier IT Professional Zone > Discussions
Up to Discussions in Intel Premier IT Professional Zone
1 Replies Last post: Aug 21, 2009 12:57 PM by sean abercrombie  
Ismail Sen
Ismail Sen
3 posts since
Sep 24, 2008  
Currently Being Moderated

Oct 13, 2008 6:49 AM

AMT 2.6.3 client not able out off band provisioning

 

We are using AMT 2.6.3 Clients and cannot do out of Band provisioning.

 

 

We know that we can only psk mode out off Band provisiong and not in Band.

 

 

All settings are set succesfull WS-MAN/AdminUI /SCCM/PPS-PID/MEBX (we are provisioning a lot of clients every day without issues AMT 3.2.1).

 

 

But at this Clients (Notebooks >not able to update to newer version AMT) we see at the Amtopmgr.log that the SCCM connect to the WS-MAN Translator is succesfull, at the translator.log I could see the clients without any error logs but we can't do out of Band provisioning? Verbose logging on WS-MAN translator is enabled! All OOB fixe from Microsoft are installed.

 

 

Here are the logs:

 

 

Amtopmgr.log:

 

 

Incoming Connection from 10.72.127.121:16994. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 2960 (0x0B90)

 

 

Incoming data is - Configuration version: PSK Configuration. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 2960 (0x0B90)

 

 

Count : 0 SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 2960 (0x0B90)

 

 

UUID : 4C4C4544-0037-4810-8047-B9C04F56334A SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 2960 (0x0B90)

 

 

PID : 0000-00O7 SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 2960 (0x0B90)

 

 

AMT Provision Worker: Wakes up to process instruction files SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 3008 (0x0BC0)

 

 

Incoming instruction file C:\Program Files (x86)\Microsoft Configuration Manager\inboxes\amtopmgr.box\prov\{6A6866C0-446F-4FCE-86A5-400CE6B7BB8F}.PRV to Provision Worker. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 3008 (0x0BC0)

 

 

Found one 'Bare-Metal Provision' task with type 'Machine Resource' and target ID '223' and IP address '172523385'. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 3008 (0x0BC0)

 

 

Generate bare metal provision task for AMT device 4C4C4544-0037-4810-8047-B9C04F56334A. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 2960 (0x0B90)

 

 

Waiting for incoming hello message from AMT devices... SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 2960 (0x0B90)

 

 

Target machine 223 is a AMT capable machine. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 3008 (0x0BC0)

 

 

Succeed to add new task to pending list. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 3008 (0x0BC0)

 

 

AMT Provision Worker: Parsed 1 instruction files SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 3008 (0x0BC0)

 

 

AMT Provision Worker: There are 1 tasks in pending list SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 3008 (0x0BC0)

 

 

AMT Provision Worker: Send task W-900051.sg.ktsg.ch to completion port SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 3008 (0x0BC0)

 

 

Auto-worker Thread Pool: Current size of the thread pool is 1 SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 3008 (0x0BC0)

 

 

AMT Provision Worker: 1 task(s) are sent to the task pool successfully. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 3008 (0x0BC0)

 

 

STATMSG: ID=7203 SEV=I LEV=M SOURCE="SMS Server" COMP="SMS_AMT_OPERATION_MANAGER" SYS=S-30105 SITE=S01 PID=2388 TID=3008 GMTDATE=Wed Sep 10 06:37:21.481 2008 ISTR0="1" ISTR1="0" ISTR2="0" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=0 SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 3008 (0x0BC0)

 

 

Auto-worker Thread Pool: Work thread 5388 started SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

>>>>>>>>>>>>>>>Provision task begin<<<<<<<<<<<<<<< SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Provision target is indicated with SMS resource id. (MachineId = 223 10.72.127.121) SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

AMT Provision Worker: Wait 20 seconds... SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 3008 (0x0BC0)

 

 

AMT Provision Worker: Wakes up to process instruction files SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 3008 (0x0BC0)

 

 

AMT Provision Worker: Wait 20 seconds... SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 3008 (0x0BC0)

 

 

Found valid basic machine property for machine id = 223. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Warning: Currently we don't support mutual auth. Change to TLS server auth mode. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

The provision mode for device 10.72.127.121 is 1. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Attempting to establish connection with target device using SOAP. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Warning: We don't have an provision certificate with indicated hash either from hello message or client agent. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Attempting to try all provision certificate to connect target device. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Create provisionHelper with (Hash: A3CA17216941A2236DFE307C7EE113C4B75494FC) SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Set credential on provisionHelper... SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Try to use provisioning account to connect target machine 10.72.127.121... SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Error 0x80090304 returned by InitializeSecurityContext during follow up TLS handshaking with server. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

        • Error 0x268b29c returned by ApplyControlToken SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Fail to connect and get core version of machine 10.72.127.121 using provisioning account #0. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Try to use default factory account with MEBX password to connect target machine 10.72.127.121... SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Error 0x80090304 returned by InitializeSecurityContext during follow up TLS handshaking with server. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

        • Error 0x268b29c returned by ApplyControlToken SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Fail to connect and get core version of machine 10.72.127.121 using default factory account with MEBX password. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Try to use default factory account to connect target machine 10.72.127.121... SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Error 0x80090304 returned by InitializeSecurityContext during follow up TLS handshaking with server. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

        • Error 0x268b29c returned by ApplyControlToken SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Fail to connect and get core version of machine 10.72.127.121 using default factory account. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Try to use provisioned account (random generated password) to connect target machine 10.72.127.121... SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Error 0x80090304 returned by InitializeSecurityContext during follow up TLS handshaking with server. SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

        • Error 0x268b29c returned by ApplyControlToken SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Fail to connect and get core version of machine 10.72.127.121 using provisioned account (random generated password). SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Error: Device internal error. Check Schannel, provision certificate, network configuration, device. (MachineId = 223) SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

Error: Can NOT establish connection with target device. (MachineId = 223) SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

>>>>>>>>>>>>>>>Provision task end<<<<<<<<<<<<<<< SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 (0x150C)

 

 

 

 

 

 

 

 

Translator.log:

 

 

Using Basic Authentication $$<WSTRANS><Tue Sep 16 10:11:10.417 2008 W. Europe Daylight Time><thread=5> ActiveThreads 1 $$<WSTRANS><Tue Sep 16 10:11:10.433 2008 W. Europe Daylight Time><thread=5>

 

 

http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_SoftwareIdentity.Get() $$<WSTRANS><Tue Sep 16 10:11:10.480 2008 W. Europe Daylight Time><thread=5> Using Discovery Routing $$<WSTRANS><Tue Sep 16 10:11:10.495 2008 W. Europe Daylight Time><thread=5> proxy target is psk://10.72.127.103:16993/ $$<WSTRANS><Tue Sep 16 10:11:10.542 2008 W. Europe Daylight Time><thread=5> dns:w-900051.sg.ktsg.ch $$<WSTRANS><Tue Sep 16 10:11:10.573 2008 W. Europe Daylight Time><thread=5> Non-factory account $$<WSTRANS><Tue Sep 16 10:11:10.699 2008 W. Europe Daylight Time><thread=5> Using psk 0000-00O7 $$<WSTRANS><Tue Sep 16 10:11:10.699 2008 W. Europe Daylight Time><thread=5>

 

 

GetCoreVersion() $$<WSTRANS><Tue Sep 16 10:11:10.714 2008 W. Europe Daylight Time><thread=5> proxy target is psk://10.72.127.103:16993/ $$<WSTRANS><Tue Sep 16 10:11:10.745 2008 W. Europe Daylight Time><thread=5> dns:w-900051.sg.ktsg.ch $$<WSTRANS><Tue Sep 16 10:11:10.745 2008 W. Europe Daylight Time><thread=5> Using factory account $$<WSTRANS><Tue Sep 16 10:11:10.745 2008 W. Europe Daylight Time><thread=5> Using pki $$<WSTRANS><Tue Sep 16 10:11:10.745 2008 W. Europe Daylight Time><thread=5>

 

 

GetCoreVersion() $$<WSTRANS><Tue Sep 16 10:11:10.745 2008 W. Europe Daylight Time><thread=5> proxy target is https://10.72.127.103:16993/ $$<WSTRANS><Tue Sep 16 10:11:10.761 2008 W. Europe Daylight Time><thread=5> dns:w-900051.sg.ktsg.ch $$<WSTRANS><Tue Sep 16 10:11:10.761 2008 W. Europe Daylight Time><thread=5> Non-factory account $$<WSTRANS><Tue Sep 16 10:11:10.761 2008 W. Europe Daylight Time><thread=5>

 

 

GetCoreVersion() $$<WSTRANS><Tue Sep 16 10:11:10.777 2008 W. Europe Daylight Time><thread=5> Discovery failed for https://10.72.127.103:16993/ $$<WSTRANS><Tue Sep 16 10:11:10.839 2008 W. Europe Daylight Time><thread=5>

 

 

fault() $$<WSTRANS><Tue Sep 16 10:11:10.870 2008 W. Europe Daylight Time><thread=5> Request from "::1:53625" for "[https://s-30105.sg.ktsg.ch/wstrans/dsc/eoi20/10.72.127.103/wsman]" $$<WSTRANS><Tue Sep 16 10:11:10.949 2008 W. Europe Daylight Time><thread=5>

 

 

 

 

 

 

 

 

Any Suggestions?

 

 

 

 

thanks

 

 

Ismail

 

 

Average User Rating
(0 ratings)




sean abercrombie  
sean abercrombie
22 posts since
Jul 1, 2008
Currently Being Moderated
1. Aug 21, 2009 12:57 PM in response to: Ismail Sen
Re: AMT 2.6.3 client not able out off band provisioning

Hello Ismail Sen - I was reviewing older posts and saw your issue with AMT 2.6.3 no provisioning, my first question is, what ISV console are you using? - it appears to be Microsoft but not sure if its SMS or SCCM. The reason I am asking is there was an error in your log that caught my eye - Error 0x268b29c returned by ApplyControlToken SMS_AMT_OPERATION_MANAGER 9/10/2008 8:37:21 AM 5388 - please let me know is your using SCCM as there is a possilbe fix, but it is specific to SCCM only. If any one else is having issues with either AMT 2.2 desktop or AMT 2.5/2.6 mobile on SCCM let us know.

Report Abuse

More Like This

  • Retrieving data ...