Greetings:

 

 

So my first, and I do realize a bit naive question (due to obvious security concerns) is; is it possible to override this by the use of the PowerShell module?

 

This is not an option available via the vPro Powershell Module

 

 

My second question is more straight forward. Most of our computer has not factory set a custom password for admin. Is it possible to change the password by the use of the PowerShell module?

 

 

No, this functionality is also not built into the PS Module, however, take a look at this link and it may assist you in creating a script:

 

https://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/default.htm?turl=HTMLDocuments/WS-Management_Class_Reference/AMT_SetupAndConfigurationService.htm%23SetMEBxPassword

 

 

Hopefully is it also possible to set credentials without prompting...(?)

 

From the .pdf included in the download:

 

Section 3.3:

 

 

 

3.3 Configuring a Profile for the Windows PowerShell Module for

 

Intel vPro Technology

 

Microsoft states "A well-designed profile can make it even easier to use Windows

 

PowerShell and to administer your system". This holds true for administering Intel vPro

 

technology enabled devices. A well-designed PowerShell profile can make that task

 

even easier.

 

Please view the link below from Microsoft for more information about PowerShell

 

profiles:

 

http://msdn.microsoft.com/en-us/library/bb613488(v=vs.85).aspx

 

 

 

3.3.1 Setting Up a Profile for Intel vPro Technology

 

Below is an example of a profile you can put in

 

%my documents%/WindowsPowerShell/Microsoft.PowerShell_profile.ps1.

 

function vPro

 

{

 

Import-Module IntelvPro

 

}

 

Once you have created this profile, you can type vPro from within PowerShell to load

 

the module. 3.3.2Using Intel® AMT Credential Secure StorageIntel AMT credentials can be securely stored in a PowerShell encrypted string using theWrite-AMTCredential cmdlet. This allows the privileged administrator to store theIntel AMT required credentials without the credentials being exposed in plain text forany user to view.Once credentials are stored once with Write-AMTCredential (see section 5.10.4) a laterPowershell session can read them with Read-AMTCredential without exposing them.To set your profile to load the module and set the Intel AMT credentials when you typevPro in a PowerShell session, change your profile as follows:

 

function vPro

 

{

 

Import-Module IntelvPro

 

New-Variable -Name AmtCred -Value (Read-AmtCredential)

 

}

 

Intel vPro Technology Module for Microsoft Windows PowerShell

 

16 3.3.3Making Everything Load AutomaticallyTo make the module load and the $AmtCred variable set (store first once with WriteAMTCredential (see section 5.10.4)) every time a PowerShell session is started modifythe profile to include the following (not in a function block):

 

Import-Module IntelvPro

 

New-Variable -Name AmtCred -Value (Read-AmtCredential) 3.3.4Easily Mounting an AMTSystem PowerShell DriveTo easily mount an AMTSystem Powershell Drive add the following function to theprofile:

 

function mount-AMTDrive

 

{

 

Param([string]$HostName,

 

[System.Management.Automation.PSCredential]$AMTCredential)

 

process{

 

New-PSdrive -scope global -name $HostName -psprovider amtsystem

 

-root \ -computername $HostName -credential $AMTCredential

 

}

 

}

 

Now mounting an AMTSystem Powershell drive by typing:

 

Mount-AMTDrive $HostName

 

The drive name will be $HostName and is listed when typing:

 

PSDrive

 

NOTE

 

The New-PSDrive cmdlet does not accept ~ / \ . : characters. It is recommended to

 

use the Hostname instead of an IP address

 

 

Forgive the formatting.

 

 

Regards,

 

Michael