This message was posted on behalf of Intel Corporation
There is a method to disable AMT in HP BIOS using one of their tools. You can pull down the tool here:
On the page, there is also an HP BCU User Guide link, you can use this for reference.
1. You'll need to verify the settings on each of the computers because the verbiage in the BIOS differs from model to model. You can run the tool and do a "get" command on each of the models to find out the correct verbiage.
2. Once you find the correct verbiage, you would remotely call WMI to disable AMT on the system. You can use powershell to do this.
An example (this was for an unconfiguration):
$HP_Bios = Get-WmiObject -Namespace root\hp\instrumentedBIOS -Class HP_BiosSettingInterface
$HP_Bios.SetBiosSetting('Unconfigure AMT on next boot', 'Apply')
$HP_Bios.SetBiosSetting('Show Unconfigure ME Confirmation Prompt', 'Disable')
An example for AMT for this specific model (800G2)$HP_Bios = Get-WmiObject -Namespace root\hp\instrumentedBIOS -Class HP_BiosSettingInterface
$HP_Bios.SetBiosSetting('Active Management (AMT)', 'Disable')
Question on this solution. If we do this, what is to stop someone from re-enabling it using the default admin password?
If that is a risk, then how can we change the default admin password in a script as well?