Skip navigation
1 2 3 Previous Next

Intel vPro Expert Center Blog

1,193 posts

We installed Intel Unite on a "HP Slice for Meeting Rooms" (which was designed for Skype for Business) and installed Intel Unite. After restart we keep getting error ID666666 from Unite. I understand that Unite only works for specifically designed VPro systems but the HP Slice for Meeting Rooms is exactly that. Thanks for helping

My kids are being asked this and many other questions for the first time. As you might guess, both of my children are the celebrated/feared/derided millennials, who are, and in my case will soon be, entering the workplace in huge numbers. In fact, millennials now make up the majority of the country’s workforce. One in three U.S. employees are 18- to 34-year-olds, and while time will tell how they’ll reshape our workplace culture (and they certainly will), I’ve got a good idea of what they expect in workplace technology.

 

Technology Matters

It’s not really a surprise that a recent joint Dell and Intel study found that employers risk losing millennial employees if their technology isn’t up to snuff. An overwhelming eight in 10 respondents in this age group said that technology in the workplace would influence their decision about whether or not to take a job. Alarmingly, two in five said poor technology would make them likely to quit their job!

 

Now, this is a generation that used personal computers before they could talk. As a result, millennials are not intimidated by technology, and they are very adept at using and communicating (incessantly!) with it. While millennials are particular about their tech, they aren’t the only ones. In the study, one in four respondents overall, including Gen Xers (35- to 54-year-olds) and baby boomers (55 years and older), said they were likely to quit a job that didn’t provide them with technology that met their standards.

I don’t think this expectation is unreasonable. These days, workers really depend on their laptops and computers to keep productivity going. We telecommute, multitask with numerous compute-intensive apps open on our desktops, call in to meetings, and share presentations in virtual conference rooms — all these activities require the best-performing computers that also offer mobility.

Getting back to the original question, how would your company respond if it were sitting in the interview seat? What is your company’s five-year roadmap for how technology will boost innovation, collaboration, productivity, etc., while helping your team stay motivated, be proactive and work to their fullest potential?

Let us know in the comments section!

Download the Dell Intel Future Workforce Study key findings

screenshot.jpg

I am excited to announce the release of Intel® Manageability Commander.  Built from the widely used MESHCommander application, Intel® Manageability Commander will make it significantly easier to take advantage of Intel® AMT out of band hardware management features provided on Intel® vPro™ platforms.

 

Intel® Manageability Commander can be installed both a stand alone application and on your Microsoft System Center Configuration Manager* (SCCM) server to integrate Out of Band management features in Microsoft SCCM current build 1511 and later.

 

Install_103.PNG

 

Top features of Intel® Manageability Commander:

  • Discover, diagnose and manage Intel® AMT configured PCs remotely
  • View and solve user PC and Operating System issues via integrated KVM remote control (Keyboard, Video, Mouse)
  • Integrate with Microsoft SCCM current build version 1511 and later
    • When SCCM deployments are configured to wake systems, the Intel® Manageability Commander SCCM wake service will perform an Intel® AMT secure power on
    • Collections in SCCM can be manually powered on using the Intel® Manageability Commander SCCM console extension
    • Intel® Manageability Commander can be launched on a per system basis from the SCCM right click system context menu to get access to all of the supported Intel® AMT features directly from SCCM

 

status2.png

 

KVM_blue.PNG

 

Additional Intel® Manageability Commander features include:

  • View and modify network settings of Intel® AMT.  If the PC has a wireless interface, users can add multiple wireless profiles to connect to Intel® AMT using the wireless interface
    • Configure Intel® AMT security features such as System Defense, Audit Log, and Access Control List
    • Display Intel® AMT events and filter events by keyword
    • Enable or disable Intel® AMT features on a configured system directly from Intel® Manageability Commander’s user interface. Any text that is shown in a blue color can be clicked on and used to change that setting

     

    To add Intel® AMT discovery and configuration task sequences, you can also install the Intel® SCS Add-on for Microsoft System Center Configuration Manager.

     

    For more information on Intel® Manageability Commander, go to http://www.intel.com/content/www/us/en/support/software/manageability-products/intel-manageability-commander.html

     

    Legal Notices

    © 2016 Intel Corporation. Intel, Intel® vPro™ and the Intel logo are trademarks of Intel Corporate in the U.S. and/or other countries. *Other names and brands may be claimed as the property of others.  Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No computer system can be absolutely secure. Check with your system manufacturer or retailer.

    While working with the new SCCM version, I noticed that I was missing some Intel AMT Integration that I used to have, and decided to look into it and made a right click menu to get back some of the functionality. After building this plugin, options for restarting, power on\off, and KVM should show under a vPro Tab on the right click menu.

     

    Installation of PowerShell AMT 1:1 Reboots from SCCM Console

    1. Close SCCM Console
    2. Download and install vPro Powershell Module on SCCM Server (Download Intel® vPro™ Technology module for Windows* PowerShell) 1.PNG
    3. On SCCM Server go to C:\Program Files (x86)\Microsoft Configuration Manager\AdminConsole\XmlStorage\Extensions\Actions\2.PNG
      1. Create folder 3fd01cd1-9e01-461e-92cd-94866b8d1f39

        This folder title is a GUID that translates to where the menu will pop up (there are different GUIDs for other locations)

      2. Inside Folder create xml file – IntelvProExt.xml
        3.PNG
      3. Edit file to include following

    <ActionDescription

                    class="Group"

                    DisplayName="Intel vPro"

                    MnemonicDisplayName="Intel vPro"

                    Description="Contains commands for Intel vPro hardware">

                    <ShowOn>

                                    <string>DefaultHomeTab</string>

                                    <string>ContextMenu</string>

                    </ShowOn>

                    <ActionGroups>

    <ActionDescription

                                                    class="Executable"

                                                    DisplayName="PowerShell Reboot"

                                                    MnemonicDisplayName="PowerShell Reboot"

                                                    Description="Sends a forced PowerShell Reboot"

                                                    RibbonDisplayType="TextAndSmallImage">

                                                    <ShowOn>

                                                                    <string>ContextMenu</string>

                                                                    <string>DefaultHomeTab</string>

                                                                    <string>DefaultContextualTab</string>

                                                    </ShowOn>

                                                    <Executable>

                                                                    <FilePath>C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe</FilePath>

                                                                    <Parameters>Invoke-AMTForceBoot ##SUB:Name##.vprodemo.com -tls -operation reset -device harddrive</Parameters>

                                                    </Executable>

                                    </ActionDescription>

                                   

                    </ActionGroups>

    </ActionDescription>

    1. d. Save and Close File
    2. e. Restart SCCM Console
    3. Right click menu will now have Intel vPro menu with PowerShell Reboot Options

     

    From here we have a basic powershell reboot for AMT systems. should look something like this

    5.PNG

     

     

    After having reboots taken care of I figured I would expand this menu a bit and get some more functionality baked in.

     

    1. To Add KVM options with RealVNC Viewer Plus - This will take advantage of the AMTKVM options for Out of Band KVM

                                  <ActionDescription

                                                    class="Executable"

                                                    DisplayName="Start KVM"

                                                    MnemonicDisplayName="Start KVM"

                                                    Description="Starts a KVM session with Intel hardware"

                                                    RibbonDisplayType="TextAndSmallImage">

                                                    <ShowOn>

                                                                    <string>ContextMenu</string>

                                                                    <string>DefaultHomeTab</string>

                                                                    <string>DefaultContextualTab</string>

                                                    </ShowOn>

                                                    <Executable>

                                                                    <FilePath>C:\Program Files (x86)\RealVNC\VNCViewerPlus\vncviewerplus.exe</FilePath>

                                                                    <Parameters>-uri kvm://##SUB:Name##</Parameters>

                                                    </Executable>

                                    </ActionDescription>

     

    1. To add Reboots\Power Down\Power On via AMTSDK – REQUIRES AMTSDK (https://software.intel.com/en-us/amt-sdk/download)
      1. Extract files needed to C:\AMT (or location of your choosing – make sure to adjust location in descriptions) from .\AMTSDK\Windows\Intel_AMT\Bin and .\AMTSDK\Windows\Intel_AMT\Bin Ws-Management\C++
        1. CPPCimFramework.dll
        2. CPPCimFrameworkUntyped.dll
        3. RemoteControlTyped.exe

    7.PNG

                                       <ActionDescription

                                                    class="Executable"

                                                    DisplayName="Power On"

                                                    MnemonicDisplayName="Power On"

                                                    Description="Sends a Power On Command"

                                                    RibbonDisplayType="TextAndSmallImage">

                                                    <ShowOn>

                                                                    <string>ContextMenu</string>

                                                                    <string>DefaultHomeTab</string>

                                                                    <string>DefaultContextualTab</string>

                                                    </ShowOn>

                                                    <Executable>

                                                                    <FilePath>C:\AMT\RemoteControlTyped.exe</FilePath>

                                                                    <Parameters>-p On -host ##SUB:Name## -krb -tls</Parameters>

                                                    </Executable>

                                    </ActionDescription>

                                   

                                    <ActionDescription

                                                    class="Executable"

                                                    DisplayName="Reboot"

                                                    MnemonicDisplayName="Reboot"

                                                    Description="Sends a Reboot Command"

                                                    RibbonDisplayType="TextAndSmallImage">

                                                    <ShowOn>

                                                                    <string>ContextMenu</string>

                                                                    <string>DefaultHomeTab</string>

                                                                    <string>DefaultContextualTab</string>

                                                    </ShowOn>

                                                    <Executable>

                                                                    <FilePath>C:\AMT\RemoteControlTyped.exe</FilePath>

                                                                    <Parameters>-p powercycle -host ##SUB:Name## -krb -tls</Parameters>

                                                    </Executable>

                                    </ActionDescription>

                                                                   

                                    <ActionDescription

                                                    class="Executable"

                                                    DisplayName="Power Off"

                                                    MnemonicDisplayName="Power Off"

                                                    Description="Sends a Power Off Command"

                                                    RibbonDisplayType="TextAndSmallImage">

                                                    <ShowOn>

                                                                    <string>ContextMenu</string>

                                                                    <string>DefaultHomeTab</string>

                                                                    <string>DefaultContextualTab</string>

                                                    </ShowOn>

                                                    <Executable>

                                                                    <FilePath>C:\AMT\RemoteControlTyped.exe</FilePath>

                                                                    <Parameters>-p Off -host ##SUB:Name## -krb -tls</Parameters>

                                                    </Executable>

                                    </ActionDescription>

                                   

                                    <ActionDescription

                                                    class="Executable"

                                                    DisplayName="Graceful Reboot (AMT 9+ only)"

                                                    MnemonicDisplayName="Graceful Reboot (AMT 9+ only)"

                                                    Description="Sends a graceful reboot command (AMT 9+ only)"

                                                    RibbonDisplayType="TextAndSmallImage">

                                                    <ShowOn>

                                                                    <string>ContextMenu</string>

                                                                    <string>DefaultHomeTab</string>

                                                                    <string>DefaultContextualTab</string>

                                                    </ShowOn>

                                                    <Executable>

                                                                    <FilePath>C:\AMT\RemoteControlTyped.exe</FilePath>

                                                                    <Parameters>-p gracefulreset -host ##SUB:Name## -krb -tls</Parameters>

                                                    </Executable>

                                    </ActionDescription>

                                   

                                    <ActionDescription

                                                    class="Executable"

                                                    DisplayName="Graceful Shutdown (AMT 9+ only)"

                                                    MnemonicDisplayName="Graceful Shutdown (AMT 9+ only)"

                                                    Description="Sends a graceful shutdown command (AMT 9+ only)"

                                                    RibbonDisplayType="TextAndSmallImage">

                                                    <ShowOn>

                                                                    <string>ContextMenu</string>

                                                                    <string>DefaultHomeTab</string>

                                                                    <string>DefaultContextualTab</string>

                                                    </ShowOn>

                                                    <Executable>

                                                                    <FilePath>C:\AMT\RemoteControlTyped.exe</FilePath>

                                                                    <Parameters>-p gracefuloff -host ##SUB:Name## -krb -tls</Parameters>

                                                    </Executable>

                                    </ActionDescription>

     

    At the end we have something like this

    6.PNG

     

     

    Enjoy the right-click menu

    Have a SE7210TP1-E server board and since I added a nvidia ge force 6200  pci graphics card the system reserved 1 gig of ram for it self.

     

    Question is WHY?

    Have 4 gig ram onboard, if I unplug graphics card I have 4 gig system ram available again. WHY?

     

    The onboard graphics card is a ATI rage 2 xl chipset with 8 meg ram.

    The onboard graphics cant handle video data of today anymore.

    john262

    Intel 7260 Bluetooth issues

    Posted by john262 Jan 14, 2016

    I had the same issues as many that posted: No Bluetooth connectivity, Bluetooth showing the yellow triangle in device manager, etc.I even purchased a Bluetooth dongle which showed as functioning properly in device manager most of the time. Sometimes the yellow triangle showed up with that also. To remedy this issue with the dongle, I would disable it, then enable it and the yellow triangle would disappear. But, I still could not connect any Bluetooth devices to my PC. They would pair, but not be able to connect.I discussed this issue with tech support of my PC manufacturer and he agreed with my theory that the cause was probably Windows 10 and I would likely have to wait for a future update. Believe me. I tried everything I saw on blogs to fix this and nothing worked. Then on a whim, I decided to uninstall everything related to the Wi-Fi card and Bluetooth. I used Revo Uninstaller Pro (there's a free version). It does a better job of removing everything associated with the program you want removed than Programs and Features in Control Panel. When I restarted the PC after uninstalling, I noticed that I still had connection to my router and the yellow triangle on Intel Wireless Bluetooth in device manager disappeared. I did not use the driver disc that came with the card. I immediately attempted to connect my Soundblaster Jam headset to the PC and, what do you know, it worked! It has worked for the last two days, knock on wood. Maybe, my solution would be helpful to others.

    Cyberthreats, unfortunately, never take a holiday. In fact, with each passing day, attacks become more numerous, organized, powerful, and, with the explosion in smart devices and cloud-based systems, more opportunistic.

     

    No wonder 50 percent of the 182 IT professionals who participated in Computerworld’s Forecast 2016 survey said they plan to increase spending on security technologies in the next 12 months. Security ran a close second after cloud computing as the most important technology project currently underway at their organizations.

     

    Security’s ‘Perfect Storm’


    Mike Seawright, director of security business development at Intel, discussed these challenges in Secure Your Business, our latest webinar in the Business Devices Webinar Series. Not only are IT security professionals facing increasing complexity with more devices and the shift to cloud computing, but they must act quickly, as organizations can be compromised in mere minutes, while utilizing limited staffing and budget resources.

     

    The latest devices with Intel vPro technology offer a solid first line of defense in preventing threats. Built on Intel’s security technologies, each successive generation delivers evolutionary security capabilities. Intel Core vPro processors feature remote capabilities that allow scarce IT staff resources to maximize their efficiency in protecting compute devices across the enterprise.


    What Aspects of Security Are Most Important?


    Unfortunately, there is no easy strategy to take in IT security. “Security is complicated—sorry folks!” Mike said. To be truly secure, he explained, IT departments need to defend all areas against modern attacks: identity, platform, data, and applications.


    However, Mike explained, a whopping half of all security breaches stem from identity and authentication gaps, so stronger authentication is a key part of security. Fortunately, Intel and Microsoft work collaboratively to combat security threats with user-friendly features and technologies such as True Key by Intel Security, Microsoft Credential Guard, and Intel Identity Protection Technology Multifactor Authentication.


    These and other multifaceted defensive tactics and tools were explained in the hour-long webinar, which included a Q&A session. Here is a sample of what webinar participants had on their minds:


    Q: I have health care clients. Do you have a security checklist?

     

    Mike: Our health care team has a presentation you could use for this. Send me a note at michael.seawright@intel.com.

     

    Q: Does True Key update itself?

     

    Mike: True Key is like most software in that some portions will update automatically if that setting is applied. But then as we have major releases, it will usually require a user update.

     

    Q: Are there any encryption key "manager" apps available for SMBs or partners that are acting as the IT department for multiple SMBs?

     

    Mike: The McAfee ePolicy Orchestrator does a nice job of this. Another vendor to look at would be Venafi.

     

    If you missed the webinar, you can listen in to the on-demand version available now and hear other questions and answers as well as download the presentation slides.

     

    Ask a Question, Win a Tablet


    This month, the lucky winners of a new Intel-based tablet and a new set of SMS Audio BioSport Smart Earbuds are Ed Goad of MeteorComm and D. Komnick of Advanced Business Technology Services, respectively. Congrats to both! And, if you didn’t win this time, you’ll have another chance to ask questions and win at the next webinar, which is sure to be a popular one: Introducing 6th Gen Intel Core vPro.

     

    If you’ve already registered for the Business Devices Webinar Series, you’re all set: just click on the link in the reminder email you’ll receive a day or two before the event. But if you need to register, you can join our next webinar by clicking here.

     

      With the latest Intel Core vPro processor-based devices, more businesses big and small can set and reach their New Year’s resolution to make their entire enterprise more secure.

    By the time a couple is married 21 years, they’ve had their share of disagreements, unlocked the mysteries of the other, and, happily, come to the realization that they’re better together than not.

     

    Such is the double-decade partnership between Intel and Microsoft, which has persevered through tech booms and busts. The “Better Together: Windows 10 and Intel Core vPro Processor-based Devices” webinar glimpsed into the future with the Intel Core vPro processor and Microsoft OS, Windows 10. We saw how they work together to raise the bar in enterprise computing, with much excitement from end users, IT and business decision makers, and OEMs.

     

    Windows 10 fully supports the Intel vPro pillars of strength—productivity, security, and manageability—with a familiar Windows 7-based user interface and numerous new dynamic features. For example, for better productivity, Microsoft host expert Stephen Rose explained how a device used as a PC with a keyboard and mouse can switch for optimal tablet use. Windows 10 responds automatically by adjusting window size for touch-based actions and biometrics.


    Sixth-gen Intel Core vPro processor-based devices “are the most manageable, most productive, and most secure platform for enterprise,” webinar Intel technology expert Greg Reiff said. Intel Core vPro has enabled the creation of more streamlined form factors that are 50 percent thinner, 50 percent lighter than devices more than four years old, and use much less power.


    With the newest features in Windows 10, users and IT departments can build more security around their data and devices. Features such as Intel Virtualization Technology prevent unauthorized software from being loaded, and Intel SSD Pro Series Data Protection guards data off-network. These features on the back end support the mission on the front end to “kill the password,” according to Rose, by “moving away from what you know [passwords] to what you have; things like your face (detected via Intel RealSense and Microsoft Hello), fingerprints, and wearables.”


    Webinar attendees were clamoring to know more, asking many questions during the interactive Q&A. Here’s a sample:


    Q: Can you add biometric devices to older PCs that run Windows 10?


    Steve Forsberg (Intel host expert): You could attach an external RealSense camera if your older hardware does not have an infrared camera integrated.


    Q: Are the new Intel Q170 chipset machines shipping now?


    Greg Reiff (Intel host expert): Some are shipping but not as enterprise Intel Core vPro platforms [those are scheduled for release soon].


    Q: Is the Microsoft Surface Pro 4 tablet available through distribution?


    Stephen Rose (Microsoft host expert): Yes. We have a wide variety of resellers including Dell, CDW, and others.


    Q: Is the process/recommendation of upgrading the UEFI published somewhere?


    Greg Reiff: Upgrading a platform’s BIOS to UEFI is OEM-specific. Each OEM should have an upgrade guide on their support site under drivers > firmware > download. If vPro is enabled, we have best practices documents on www.intel.com.


    As with all webinars in the Business Devices Webinar Series, participants were entered into a drawing for an Intel-based tablet or a set of SMS Audio BioSport smart earbuds. Congratulations to tablet winner Kent Liu of Williams-Sonoma and to Andy Yu of American Portwell Technologies for scoring the cool earbuds!


    Our next webinar is happening December 9, 10 a.m. PST. Be sure to attend, because it’s all about security: what the key risks are, how to manage them, and ways to prepare with the latest solutions from our top technology experts.


    If you’ve already registered for the Business Devices Webinar Series, click on the link in the reminder email you’ll receive a day or two before the event. If you need to register, we’d love to have you join our next session by clicking here.


    The “Better Together: Windows 10 and Intel Core vPro Processor-based Devices” webinar can be watched anytime on demand if you missed it. For more on how Windows 10 and the latest Intel technology can help businesses overcome their challenges, read this recent white paper.


    It’s exciting to see how ongoing collaboration between Intel and Microsoft continues to advance better, more efficient, and more amazing experiences in the world of enterprise computing.

    With ePO Deep Command v2.4 you can activate Intel AMT v7+ out of the box without using Intel RCS or the need of purchasing configuration certificate. You can even put the Systems into Admin Control Mode. Please refer to the blog post.

    hero16.jpg

    Coming soon, now I am in testing step....

    jb2559

    Graphics Driver issue

    Posted by jb2559 Aug 25, 2015

    I recently upgraded from Windows 7 to Windows 10 and now when my grandson tries to play Minecraft he gets an error message that the graphics driver needs updated.  I determined that it currently has a Intel Driver and I ran the Intel Driver Utility and it came back and said no drivers were needed.  I thought I would try and manually download a driver but when I went to the list of Intel drivers there was not one for Windows 10.  Only Windows 7 and Vista.  I tried to download that one and received an error message that my computer did not meet the minimum requirements.  Has anyone else run into a similar issue and if so how did you resolve it?

    Tmowreader

    Multiple Alarms Feature

    Posted by Tmowreader Jul 9, 2015

    Hello, I am trying to remotely configure 150ish PC's with multiple AMT Alarms.  I can see from this webpage that AMT 8.0 and later supports the Multiple Alarm Feature, and all of our machines are 8.1 or newer.  I have successfully created individual alarms on multiple machines at once using the Intel vPro PowerShell GUI.  (Very hand tool BTW.)  I assume however that the tool was built before the ability to have multiple alarms as the option to set them does not exist in the GUI.  When I run a Get-Help command on Set-AMTAlarmclock I don't see a reference to the "ElementName" filed mentioned in the link above that appears to identify the individual alarms.

     

    I'm fairly new to AMT and PowerShell and would appreciate any guidance you can provide.

     

    I apologize if this is not the correct Forum, I couldn't find another that was more relevant.  I realize this is not related to Intel SCS.

     

    Thank you for your time,

     

     

    Tyler

    Hi,

     

    I am trying to setup an Intel SCS server to deploy AMT profiles to HP Intel vPro PCs.

     

    In order to do this, I need to provision a Certificate, I got one from Comodo, but Intel SCS is asking for a CA Plugin couldn't find this anywhere

    Is only giving me the option to use Domain Internal CA Certificates.

     

    Any help

    An enterprise customer wanted to enable Active Directory integration with Intel AMT on their large Intel vPro client estate. However their security team wanted the permissions for the Intel SCS service account against the Organisational Unit (OU) where Intel AMT computer objects are stored to support Kerberos, to be as restrictive as possible.

     

    As defined in the Intel® Setup and Configuration Software User Guide, permissions for the SCS service account on the OU container are “Create Computer objects”, “Delete Computer objects” and “List content” (the latter seems to be default) and full control on descendant computer objects. The latter was not acceptable so ...

     

    SCS_AD_Perms_OU_Create_Delete.jpgSCS_AD_Perms_OU_List.jpg

    ... to support AMT maintenance tasks such as updating the password of the AD object representing the Intel AMT device and ensuring the Kerberos clock remains synchronised, the following explicit permissions are required on all descendant computer objects within the OU.

    SCS_AD_Perms_Descendant_Change_Password.jpgSCS_AD_Perms_Descendant_Write_All_Properties.jpg

    The customers security team were happier with these permissions and they are now activating their Intel vPro systems to enable the powerful manageability and security capabilities that Active Management Technology, available on Intel vPro Technology platforms provides.

    Take from an original (deleted) post by TerryCutler.

     

    Intel AMT Remote Configuration enables the authentication of the firmware for an initial Intel AMT configuration event.  Remote configuration supports Admin Control Mode configuration of the Intel AMT firmware and is typically done using valid provisioning certificate for the customers environment.

     

    This authentication process has to be completed without user interaction. If the requesting application i.e. Intel SCS is prompted every time access to the private key is required, the autonomy is lost.

     

    When importing the certificate to your target server, if the strong key protection option is selected and grayed out, this indicates a conflicting group policy for cryptography has been applied to the server.

     

    Changing the group policy setting of the server will remove this barrier, so set the System Cryptography policy to the "User input is not required when new keys are stored and used"

    Filter Blog

    By date: By tag: