 |
Add a Remote Access Policy
The following steps describe how to set a Remote Access policy, used to establish a secure tunnel between a management console and the Intel AMT platform.
1. Retrieve the instance of AMT_RemoteAccessService, where the “Name” key equals “Intel(r) AMT Remote Access Service”.
2. Invoke AMT_RemoteAccessService.AddRemoteAccessPolicyRule with the following parameters:
Parameter | Value |
Trigger | The event that will trigger the establishment of the remote connection to the MPS. Valid values: 0 – User Initiated 1 – Alert 2 – Periodic |
TunnelLifeTime | Defines the tunnel’s lifetime in seconds. A value of 0 means that the tunnel should stay open until it is closed by the CloseRemoteAccessConnection method or when a different policy with a higher priority needs to be processed. |
ExtendedData | Set only for periodic policy. Defines the idle periods of the connection. The extended data can be in one of two formats: periodic interval or daily interval. The input values must be converted to base64 format. Periodic interval: UINT32 0 UINT32 interval in seconds
Daily interval: UINT32 1 UINT32 Hour in the day (0-23) UINT32 Minutes in the hour (0-59)
|
MPServer | EPRs of one or two MPSs used to open the connection using this policy. Use the EPR that was returned when creating each MPS (see Add a Management Presence Server). The first MPS reference is the primary MPS, while the second is used as a backup if it is not possible to establish a connection with the first MPS. |
|
If successful, the method returns a handle to the new Remote Access policy. |
Note:
Click here for a snippet demonstrating this step
You can execute this snippet by inserting it into the execution template found here.
$extendedData = "AAAAAAAAABk=" # = 25 seconds in base 64 with network order.
$remoteAccessServiceRef = $wsmanConnectionObject.NewReference("SELECT * FROM AMT_RemoteAccessService WHERE Name='Intel(r) AMT Remote Access Service'")
$inputObject = $remoteAccessServiceRef.CreateMethodInput("AddRemoteAccessPolicyRule")
$inputObject.SetProperty("Trigger", "2")
$inputObject.SetProperty("TunnelLifeTime", "0")
$inputObject.SetProperty("ExtendedData", $extendedData)
# $mpServerRef is an EPR to the AMT_ManagementPresenceRemoteSAP object created by the 'Add a Management Presence Server' use case.
$inputObject.SetProperty("MpServer", $mpServerRef)
$outputObject = $remoteAccessServiceRef.InvokeMethod($inputObject)
$returnValue = $outputObject.GetProperty("ReturnValue")
if($returnValue -like "0")
{
$policyRule = $outputObject.GetProperty("PolicyRule")
}
Instance Diagram
Classes Used in This Flow
SDK Sample
Located at:<SDK_root>\Windows\Intel_AMT\Samples\WS-Management\RemoteAccessAdmin
See Also: |
Copyright © 2006-2012, Intel Corporation. All rights reserved. |