we are in the process of configuring AMT provisioning using SCCM SP1. sccm agent installed on the client computers and hence followed the documentation relatedto in-band provisioning. tried using a triel certificate from verisign, but i read ont the forum that trial certificate is not going to work so generated the provisioning certifiicate from a local Microsoft CA using the procedure documented. made sure the thumbprint of the local CA's root certificate is added manually to the amt bios of the client computer. using Dell Optiples 755 to test the provisioning. and also configured the sccm as documented. made a template for autoenroll of web server certificates. now after having configured all the steps, we get a status of "Detected" in the sccm console and amt version is shown as 3.2.1. when you look at the logs of the clients the oobmgmt log shows the activity as shown below
]LOG]!><time="09:57:04.097+000" date="01-13-2009" component="oobmgmt" context="" type="1" thread="3736" file="event.cpp:525">
<![LOG[Successfully activated the device.]LOG]!><time="09:57:04.113+000" date="01-13-2009" component="oobmgmt" context="" type="1" thread="3736" file="amtprovisionendpoint.cpp:424">
<![LOG[END]LOG]!><time="09:57:04.128+000" date="01-13-2009" component="oobmgmt" context="" type="1" thread="3736" file="amtprovisionendpoint.cpp:620">
the collection still shows the AMT status as detected in spite of the client log shows successfull. on the client computer i made sure the mebx password and the admin pasword are same. we have a lot of comuters which are vpro enabled and need to configure this option to avail the benefits of this new technology.
suggesions highly appreciated
Do you have your AMT systems in a collection that has automatic out of band provisioning enabled? One thing to also keep in mind is that the provisioning process can take sime time. The client agent has to see that the system is in a collection that enables automatic provisioning, generate the one-time-password and send it off to the server. You can speed this process along by following the steps in this blog entry to force the client to generate the OTP and send it to SCCM.