Currently Being Moderated

So you just provisioned a system with the Intel SCS and now you want to change an AMT setting – the quickest and easiest way is using the Intel vPro Technology Module to mount a PowerShell drive provider.

 

A PowerShell Drive provides the ability to map a logical data store just like a physical data store. A good example of a drive provider is the Windows registry and the Certificate stores. Type Get-PSDrive to list the current drives.

 

psdrive.jpg

 

Intel has implemented a drive provider (amtsystem) to expose AMT. A remote vPro client can be mapped with a New-PSdrive command, and the local system is mapped to the HECI PSDrive when the intelvPro module is imported.

 

If you don’t have the Intel vPro PowerShell module yet, download at http://intel.com/go/powershell

To get started using the AMT PowerShell drive provider, the first thing to do is import the IntelvPro Module:

 

Import-Module IntelvPro

 

Let’s map a New-PSDrive to a remote vPro system.  To do so, run the following command from the PowerShell console:

 

New-PSDrive -Name AMT -PSProvider amtsystem -Root "/" -ComputerName vproclient.vprodemo.com -Credential $myPScredential

 

If your AMT client is configured in TLS mode (TLS encrypted traffic over AMT Port 16993), add the –TLS switch to the command.

The name of the drive can be whatever you would like, we have settled on a name of AMT for consistency, but feel free to change this.

 

If you type Get-PSDrive again you will see the PS-Drive with the name (in our case AMT) you gave it.

get-psdrive with AMT mapped.jpg

 

 

Now that the AMT PowerShell Drive is mapped, you can browse and navigate the remote system in a similar fashion as a normal file system drive:

Set-Location AMT:\ (or cd AMT:)
Get-ChildItem (or dir or ls)

 

get-childitem.jpg

/servlet/JiveServlet/downloadImage/38-13732-27908/setlocation.jpg

 

What can we do then with this newly mapped drive? We can perform a Get-Content and pull the AMT Event log:

Get-Content AMT:\logs\EventLog

get-eventlog.jpg/servlet/JiveServlet/downloadImage/38-13732-27910/eventlog.jpg

 

And the same for the AMT Access Monitor (Audit Log):

Get-Content AMT:\logs\AccessMonitor

get-auditlog.jpg/servlet/JiveServlet/downloadImage/38-13732-27911/AccessMonitor.jpg

 

We can enumerate the system Hardware Inventory and dump the data to a file for auditing purposes:

Get-ChildItem -Recurse AMT:\HardwareAssets | Out-File C:\PS\HWInv.txt

 

If that is too much info we could focus on the BIOS:
Get-ChildItem -Recurse AMT:\HardwareAssets\BIOS

get-bios.png/servlet/JiveServlet/downloadImage/38-13732-27912/HWInv.jpg

 

 

To turn IDE-R on:

Set-Item AMT:\Config\Redirection\IderEnabled -value "True"

 

To turn KVM User consent off:

Set-Item AMT:\Config\KVM\ConsentRequired -value “False"

 

To change the AMT hostname:

Set-Item AMT:\Config\etc\Hosts\HostName “NewHostName”

 

Add a new user and give them rights:

New-Item AMT:\Config\ACL\Digest\NewDigestUser -Password P@ssw0rd

Set-ItemProperty AMT:\Config\ACL\Digest\NewDigestUser -Name Privileges -Value RC,REDIR,EVTLOG

newdigestuser.png

 

To check out network settings:

cd AMT:\config\etc\networks

ls

 

List the Power Policy Schemes:

cd AMT:\config\etc\PowerPolicy\Schemes

ls

 

To change a PowerPolicy:

cd amt:\config\etc\PowerPolicy\

Set-Item .\ActiveScheme –value 12834f94-10fb-dc4f-968e-1e232b0c9065

Set-Item .\ActiveScheme –value 46732273-dc23-2f43-a98a-13d37982d855

 

 

6.x/7.0 Desktop

Desktop:

ON in S0; ME Wake in S3, S4-S5

{46732273-DC23-2F43-A98A-13D37982D855}

6.x/7.0 Mobile

Mobile: ON in S0

{11973976-560B-4350-88709812F391B560}

Mobile:

ON in S0; ME Wake in S3/AC, S4-S5/AC

{ee0d8030-c009-4378-af287868a2dbbe3a}

Comments

Filter Blog

By author:
By date:
By tag: