Friday, May 25, 2012

How to Remotely Control Your PC using Vpro-AMT

I need to show up a demo today from my client hyper-visor machine. Currently we use virtual room to do the demos for remote people, but since we do not have a virtual room client for linux and my Dom0 client is completely closed so I was looking for a way to show the console screen of my machine in the demo.

I was able to achieve it by following steps on HP 8460 p machine:

Intel vPro is a management platform built into Intel processors and other hardware that allows companies to manage their desktops and laptops out-of-band (OOB). That means the computers can be managed no matter if the computer in on or off, and even if the operating system has failed or there is no hard drive present.

Make sure machine has vPro+AMT support in the processor and BIOS.

Once you have AMT capable system,  continue on to configure Intel AMT KVM.

Enable Hardware KVM

The first thing you will need to do is turn on BIOS verbosity. Reboot your computer and enter your BIOS configuration. Look for something labeled firmware verbosity or boot verbosity and make sure it is turned on. Likewise, if there is an option for an AMT setup prompt make sure that is turned on as well.

Restart your computer and just after the BIOS splash screen you should see a second setup screen that looks something like the image below. Push Ctrl+P at this screen to enter the Management Engine BIOS Extension (MBEx) to configure Intel AMT.

If AMT has never been set up on your computer you will be prompted for a password. Enter “admin” for the default password and you will be prompted automatically to create a new password. The new password has to have be exactly 8 characters and contain one upper case letter, one lower case letter, one number, and one symbol. Enter the new password twice to continue.
Note: If “admin” does not work as the default password you can also try “P@ssw0rd” because that is the default password in Intel’s configuration documentation.

Once you are logged into the MEBx, go to Intel Management Engine and then select activate network access.

Type Y to accept the warning that pops up about activating the ME network interface.

Next select network setup and then Intel(R) ME Network Name Settings.

Select host name and put in your computers name. You technically could put in anything you want here but it may cause problems with DNS if the Intel AMT name is different from your computer’s name.

Return to the main menu using the escape key and then go to manageability feature selection. Push Y to continue past the caution message.
Verify that the manageability feature selection is enabled in the lower window and then select SOL/IDER.

From here verify that SOL, IDER, and Legacy Redirection Mode are all enabled.

Return to the previous menu and then select KVM Configuration.  Make sure KVM Feature Selection is enabled.

From here change User Opt-in so that user consent is not required for KVM session.

Then enable remote control of Opt-in policy.

Push escape three times to exit the MEBx menu and push Y when prompted if you are sure you want to leave.

Once you have BIOS things enabled you can use vnc viewer plus client to connect remotely
To find the IP address- when machine boot press CTRL+ALT+F1. This should show the IP address.

You will be prompted for your Intel AMT KVM password.

And a VNC connection will be established with the AMT KVM server.

No comments: