Hoping someone here can help me out with a problem I'm having with provisioning our HP dc 7800 vPro pc's.
Here's the detail.
SCCM SP1, the dc7800's are on bios 1.24 and mBex firmware 3.2.1, we're using an internally issued provisioning cert as I'm still effectively piloting vPro at the moment so I was hoping to avoid buying a cert before I was sure of everything. So basically here's what I'm doing, take one fresh PC, update bios and then update mbex to 3.2.1, login to mbex and add the hash of our provisioning cert, also required to change mbex password. I'm planning on using the in band provisioning method for the time being. I have correctly set the mbex password in the OOBM component configuration and I'm confident I have everything else set up correctly as two of my PC's have managed to provision. Trouble is I can't seem to get the remaining PC's to provision even though they have beenh through the exact same setup process. They are showing as AMT Status: Detected rather than not provisioned which from what I've read means that SCCM knows they are ATM capable but is unable to login to the mbex to take the process any further. I have checked and double checked passwords both on the mbex's and in the OOBM Provisioning Setting tabs and I'm positive they match.
When the provisioning attempt takes place I can see it in the antopmgr.log
I can see it attempt the account I've put the details for and I get these messages;
Warning: Currently we don't support mutual auth. Change to TLS server auth mode.
The provision mode for device wks188.eicltd.com is 1.
Attempting to establish connection with target device using SOAP.
Warning: We don't have an provision certificate with old recorded hash.
Create provisionHelper with (Hash: 8571F29DFEB197A0D034C3EFC6E319EF*****)
Set credential on provisionHelper...
Try to use provisioning account to connect target machine wks188.eicltd.com...
Attempting to try all provision certificate to connect target device.
Failed to send TLS client hello message to server with errorcode=0x2733.
Error 0x6feb95c returned by ApplyControlToken
Fail to connect and get core version of machine wks188.eicltd.com using provisioning account #0.
Then it tries with the default account and we get the same messages, then it tries with a randomly generated password account.
Then at the end of the attempts I get this message;
Error: Device internal error. Check Schannel, provision certificate, network configuration, device. (MachineId = 331).
Error: Can NOT establish connection with target device. (MachineId = 331)
At a bit of a loss as to what to try from here as I've tried everything I can find and every line of investigation i can see!
Any help would be really apopreciated!