Intel just released Version 3.0 of the PowerShell Module for Intel vPro Technology. I am new to the team and I am excited about being asked to be the one talk about it.
The first feature in the 3.0 version of vPSM (Intel vPro PowerShell Module) I would like to talk about is the finished implementation of the amtsystem PowerShell drive provider. We had a beta version of the PS-Drive provider in the 2.0 release, and I am pleased that we have finished the implementation. PowerShell Drives provide the ability to map a logical data store just like a physical data store. A good example of a drive provider is the Windows registry and the Certificate stores.
Intel has implemented a drive provider (amtsystem) to expose AMT. A remote Intel vPro client can be mapped with a New-PSdrive command, and the local system is mapped to the HECI PS-Drive when the intelVpro module is imported.
If you don't have the 3.0 module yet, download at http://software.intel.com/file/34909
To get started using the amtsystem PowerShell drive provider, the first thing to do is import the IntelvPro Module:
The local HECI drive is mapped when the Intelvpro modules loads. Go ahead and list the drives:
Now, change to the HECI drive and list its contents
Get-ChildItem (or dir)
On my un-provisioned system, I only see the config directory. So to see the versions of the different components on my system, I run:
Now, on to the more interesting (and in my mind useful) remote PS-Drive mapping.
Let’s map a New-PSDrive to a remote vPro system. To do so, run the following command from the PowerShell console:
New-PSDrive -Name AMT -PSProvider amtsystem -Root "\" -ComputerName vproclient.vprodemo.com -Credential $myPScredential
If your AMT client is configured in TLS mode (TLS encrypted traffic over AMT Port 16993), add the –TLS switch to the command.
The name of the drive can be whatever you would like, we have settled on a name of AMT for consistency, but feel free to change this.
If you type Get-PSDrive again you will see the PS-Drive with the name (in our case AMT) you gave it. /servlet/JiveServlet/downloadImage/38-13732-27907/PSDrive2.jpg
Now that the AMT PowerShell Drive is mapped, you can browse and navigate the remote system in a similar fashion as a normal file system drive:
Set-Location AMT:\ (or cd AMT:)
Get-ChildItem (or dir) (or ls)
What can we do then with this newly mapped drive? We can perform a Get-Content and display the AMT Event log:
And the same for the AMT Access Monitor (Audit Log):
We can enumerate the system Hardware Inventory and dump the data to a file for auditing purposes:
Get-ChildItem -Recurse AMT:\HardwareAssets | Out-File C:\PS\HWInv.txt
If that is too much info we could focus on the BIOS:
Get-ChildItem -Recurse AMT:\HardwareAssets\BIOS
To turn IDE-R on:
Set-Item AMT:\Config\Redirection\IderEnabled -value "True"
To turn KVM User consent off:
Set-Item AMT:\Config\KVM\UserConsent -value “False"
To change the AMT hostname:
Set-Item AMT:\Config\etc\Hosts\HostName “NewHostName”
Add a new user and give them rights:
New-Item AMT:\Config\ACL\Digest\NewDigestUser -Password P@ssw0rd
Set-ItemProperty AMT:\Config\ACL\Digest\NewDigestUser -Name Privileges -Value RC,REDIR,EVTLOG
Then let us check the properties:
Please do not hesitate to give me your feedback and ideas for examples you would like to me cover.