we are currently impementing AMT Clients (Versions 5.x - 7.x) with SCCM and Microsoft NPS in our 802.1x protected network. Everthing worked as expected (Provisioning OK, TLS OK, Kerberos OK, KVM OK Power Control OK) until now. The 802.1x authentication is failing because of an incorrect domain Name.
For example: Lets say our domain name (DNS) is vpro.com. NETBIOS Name is corpvro. Usually the clients are authentication with PEAP-MS-CHAPv2 using this notation: corpvro\COMPUTERNAME$. If AMT tries to authenticate the notation is: vrpo\COMPUTERNAME$iME. So it is using the DNS Name without the top level domain behind the dot. Now the NPS is saying "domain not exist" Errorcode 7 and drops the authentication attempt. Where could i have made a mistake, everything else is working as is should.
Thank you for your help....
Can you please clarify if you are indicating that you originally provisioned and managed your clients successfully with SCCM in an 802.1x environment and then later authentication broke? Or did you add the MSFT NPS in after originally configuring all of your vPro clients? Has this disjointed name space issue caused any other problems with your infrastructure?