1 2 Previous Next 2 Replies Latest reply on Aug 14, 2008 12:30 PM by miroyer

    SCCM 2nd stage provisioning issue

    miroyer

       

      Orginal Question from JeanMc: http://communities.intel.com/thread/1481?start=105&tstart=0

       

       

      Hi there,

       

       

      The status of an intel AMT 3.2.1 system shows provisioned in the SCCM console. I can also open the Out Of Band console by right clicking on the client in the SCCM console. However connection to the client fails. Power control also does not work. I have discovered that the 2nd stage provision on AMT device fails. Extract from log file:

       

       

      Start 2nd stage provision on AMT device XV.bcxhpw.lcl. SMS_AMT_OPERATION_MANAGER 2008/08/11 10:05:51 AM 4872 (0x1308)

      session params : https://xv.bcxhpw.lcl:16993/ , 11001 SMS_AMT_OPERATION_MANAGER 2008/08/11 10:05:51 AM 4872 (0x1308)

      Delete existing ACLs... SMS_AMT_OPERATION_MANAGER 2008/08/11 10:05:51 AM 4872 (0x1308)

      ERROR: Invoke(invoke) failed: 80020009argNum = 0 SMS_AMT_OPERATION_MANAGER 2008/08/11 10:05:53 AM 4872 (0x1308)

      Description: A security error occurred SMS_AMT_OPERATION_MANAGER 2008/08/11 10:05:53 AM 4872 (0x1308)

      Error: Cannot Enumerate User Acl Entries. SMS_AMT_OPERATION_MANAGER 2008/08/11 10:05:53 AM 4872 (0x1308)

      Error: CSMSAMTProvTask::StartProvision Fail to call AMTWSManUtilities::DeleteACLs SMS_AMT_OPERATION_MANAGER 2008/08/11 10:05:53 AM 4872 (0x1308)

       

       

      The PKI infrastructure is in place and I have created the OU for OOBM in AD and granted the SCCM computer account full control in AD. In addition the SCCM AMT Operations Manager component logged the following: Provisioning failed because there is a winhttp proxy.

       

       

      We are running the SCCM Primary site server on a VM in Hyper-V. I had the Out of Band service point configured on the Primary site server. Thinking that this might be a problem (because of the VM environment), I relocated the Out of Band service point role to another Physical W2K8 host with Hyper-V. I.e. the role is running on the physical host system and not in a VM.

       

       

      I attempted the process again, however same result. Hyper-V creates a separate virtual network... not sure whether this is the problem.

       

       

      Any assistance would be appreciated. PS: I have attached the amtopmgr.log file

       

       

        1 2 Previous Next