Intel vPro® Platform
Intel Manageability Forum for Intel® EMA, AMT, SCS & Manageability Commander
2823 Discussions

Problems while, PXE Booting on INTEL AMT provisioned machines

zkhan5
Beginner
2,578 Views

Hi guys,

We have configured an environment with Intel SCS and intel vpro enabled clients. We have successfully created policies and have distributed these to our clients. All of the funtions/settings are working as expected, we are using the following policy

Profile Name: KerberosProfile

Profile Type: Intel AMT

Network Settings

FQDN will be the same as the Primary DNS FQDN

IP will be taken from DHCP

Active Directory Integration

Active Directory OU:OU=AMT Objects,DC=Demo,DC=local

Access Control List (ACL)

User 1: administrator

User Type: Digest

User has both remote and local access to the realms listed below

Realms: Redirection, PT Administration, Hardware Asset, Remote Control, Storage, Event Manager, Storage Administration, Agent Presence Local, Agent Presence Remote, Circuit Breaker, Network Time, General Info, Firmware Update, EIT, Local User Notification, Endpoint Access Control, Endpoint Access Control Administrator, Event Log Reader, User Access Control

User 2: Demo.LOCAL\AMT-Admins

User Type: Active Directory

User has both remote and local access to the realms listed below

Realms: Redirection, PT Administration, Hardware Asset, Remote Control, Storage, Event Manager, Storage Administration, Agent Presence Local, Agent Presence Remote, Circuit Breaker, Network Time, General Info, Firmware Update, EIT, Local User Notification, Endpoint Access Control, Endpoint Access Control Administrator, Event Log Reader, User Access Control

User 3: adminkvm

User Type: Digest

User has both remote and local access to the realms listed below

Realms: Redirection, PT Administration, Hardware Asset, Remote Control, Storage, Event Manager, Storage Administration, Agent Presence Local, Agent Presence Remote, Circuit Breaker, Network Time, General Info, Firmware Update, EIT, Local User Notification, Endpoint Access Control, Endpoint Access Control Administrator, Event Log Reader, User Access Control

User 4: Demo.LOCAL\Domain Users

User Type: Active Directory

User has local access to the realms listed below

Realms: Redirection, PT Administration, Hardware Asset, Remote Control, Storage, Event Manager, Storage Administration, Agent Presence Local, Agent Presence Remote, Circuit Breaker, Network Time, General Info, Firmware Update, EIT, Local User Notification, Endpoint Access Control, Endpoint Access Control Administrator, Event Log Reader

Transport Layer Security (TLS)

Server authentication used for remote interface

Server Authentication Certificate Properties:

...

0 Kudos
7 Replies
Anonymous
Not applicable
1,174 Views

Please note the Intel® vPro™ Expert Center discussion forums are not officially monitored by Intel.

To directly engage with experts to log and track support issues related to Intel® vPro™ Technology platforms please contact the Intel® Business Support portal: https://bizsupport.intel.com/ https://bizsupport.intel.com/

Bruno_Domignues
Employee
1,174 Views

Sean,

I have an equivalent environment in my lab and it's working, both on 802.1x and "unprotected" network. Can you tell me about your AMT versions, brands/model?

Best Regards!

-Bruno Domingues

0 Kudos
zkhan5
Beginner
1,174 Views

Hei Bruno,

We have tried on the following clients

1) Dell Latitude E7440

AMT version 9.5.14

AMT SKU Intel(R) Full AMT Managebility

SystemDataversion 9.0.0

BIOS revision A09

2) Dell Latitude E7440

AMT version 9.5.14.14.1724

Mbex v 9.0.0.0025

BIOS revision A09

 

3) Dell 9010

AMT version 9.0.31

 

4) HP Elitedesk

I shall provide the details, we have tried updating to newest version of BIOS and Mbex

 

Best regards,

Sean

 

0 Kudos
zkhan5
Beginner
1,174 Views
0 Kudos
idata
Employee
1,174 Views

Hi Sean,

I found that I have similar problem like you. Do you have any update of this issue?

Jan

0 Kudos
idata
Employee
1,174 Views

Hi Sean,

I started using workaround - instead of booting using PXE I'm using IDER for Windows PE loading. If you want to load image quicker, you can load small Linux image which can load bigger Win PE image. So, when you are using iAMT and 802.1x together, be sure that PXE boot is dead for good.

Jan

0 Kudos
OOlup
Beginner
1,174 Views

Hi Sean,

I'd like to confirm the same problem.

Being knocking my head against the wall for some time now. :-)

Any progress, beside JanCS workaround.

One thing I'd like to add is, that sometimes the BOOT.WIM is loaded and started, but in some unknown moment network interface loses connection with dhcp and image loading stops and error's out.

Oliwer

0 Kudos
Reply