Class AMT_BootSettingData
Used in features: Remote Control
Compatible with the following Intel AMT Releases: 3.0, 3.2, 4.0, 5.0,
5.1, 6.0, 6.1, 6.2, 7.0, 8.0, 8.1, 9.0, 9.5, 10.0, 11.0
CIM_ManagedElement
CIM_SettingData
CIM_BootSettingData
AMT_BootSettingData
Also see:
CIM_PowerManagementService
class AMT_BootSettingData
- extends CIM_BootSettingData
General Information:
The AMT_BootSettingData class represents
configuration-related and operational parameters for the boot service in the
Intel(R) AMT.
Product Specific Usage:
In order to activate
these settings use CIM_PowerManagementService.RequestPowerStateChange().
Notice that you can't set certain values while others are enabled (for
example: You can't set UseIDER or UseSOL if a CIM_BootSourceSetting is
chosen).
Qualifiers:
-------------
Version=5.1.0
Supported Fields
Summary |
string
|
InstanceID Within the scope of the instantiating Namespace,
InstanceID opaquely and uniquely identifies an instance of this class . .
.
|
string
|
ElementName The
user-friendly name for this instance of SettingData . . .
|
string
|
OwningEntity
OwningEntity identifies the vendor or organization that defines
the contained boot settings.
|
boolean
|
UseSOL When True, Serial
over LAN is used on the next boot cycle.
|
boolean
|
UseSafeMode When a
Hard-drive boot source is chosen (using CIM_BootConfigSetting) and this
property is set to True, the Intel(R) AMT firmware will boot in safe
mode.
|
boolean
|
ReflashBIOS When
True, the Intel(R) AMT firmware reflashes the BIOS on the next boot
cycle.
|
boolean
|
BIOSSetup When True,
the Intel(R) AMT firmware enters the CMOS Setup screen on the next boot
cycle.
|
boolean
|
BIOSPause When True,
the BIOS pauses for user input on the next boot cycle.
|
boolean
|
LockPowerButton
When True, the Intel(R) AMT firmware disables the power button
operation for the system, normally until the next boot cycle.
|
boolean
|
LockResetButton
When True, the Intel(R) AMT firmware disables the reset button
operation for the system, normally until the next boot cycle.
|
boolean
|
LockKeyboard When
True, the Intel(R) AMT firmware disallows keyboard activity during its
boot process.
|
boolean
|
LockSleepButton
When True, the Intel(R) AMT firmware disables the sleep button
operation for the system, normally until the next boot cycle.
|
boolean
|
UserPasswordBypass
When True, the Intel(R) AMT firmware boots the system and
bypasses any user or boot password that might be set in the system.
|
boolean
|
ForcedProgressEvents
When True, the Intel(R) AMT firmware transmits all progress PET
events to the alert-sending device.
|
uint8
|
FirmwareVerbosity
When set to a non-zero value, controls the amount of
information the managed system writes to its local display.
|
boolean
|
ConfigurationDataReset
When True, the Intel(R) AMT firmware resets its non-volatile
configuration data to the managed system's Setup defaults prior to booting
the system.
|
uint8
|
IDERBootDevice
Specifies the device to use when UseIder is set . . .
|
boolean
|
UseIDER When True, IDER
is used on the next boot cycle.
|
boolean
|
EnforceSecureBoot
When True, Secure boot over IDER is enforced on the next boot
cycle, if IDER boot is used. This field is also used in One-Click Recovery. For details, see the section on configuring the platform for the boot.
|
uint16
|
BootMediaIndex
This property identifies the boot-media index for the managed
client (when a boot source is set using the
CIM_BootConfigSetting.ChangeBootOrder method) . . .
|
boolean
|
SecureErase When
True, the BIOS performs secure erase operation.
|
string
|
RSEPassword SSD
password for Remote Secure Erase operation . . .
|
boolean
|
OptionsCleared
Indicates whether the boot options have been cleared by BIOS or
not . . .
|
boolean
|
WinREBootEnabled
Indicates whether ForceWinREBoot is enabled in BIOS
|
boolean
|
UEFILocalPBABootEnabled
Indicates whether ForceUEFILocalPBABoot is enabled in BIOS
|
boolean
|
UEFIHTTPSBootEnabled
Indicates whether ForceUEFIHTTPSBoot is enabled in BIOS
|
boolean
|
SecureBootControlEnabled
Determines whether Intel AMT is privileged by BIOS to disable secure boot for an AMT triggered boot option. If not..
|
uint32
|
BootguardStatus
Enables the console to discover the security level of the BIOS boot flow. . .
|
uint16[2]
|
BIOSLastStatus
Last boot status reported by BIOS . .
.
|
uint 8[]
|
UefiBootParametersArray
TLV parameters array encoded with base64 for configuring boot parameters for One-Click Recovery and Secure Remote Platform Erase ..
.
|
uint 32
|
UefiBootNumberOfParams
Number of parameters in UefiBootParametersArray.
|
boolean
|
RPEEnabled
Indicates whether Secure Remote Platform Erase is enabled by the BIOS.
|
boolean
|
PlatformErase
When set to True, sets the boot option to trigger Secure Remote Platform Erase in the next boot.
|
Methods Summary |
|
Put(Instance) Changes
properties of the selected instance
|
|
Get(Instance) Gets the
representation of the instance
|
|
Pull(EnumerationContext,
MaxElements) Pulls instances of this class, following an
Enumerate operation
|
|
Enumerate()
Enumerates the instances of this class
|
|
Release(EnumerationContext)
Releases an enumeration context
|
InstanceID
public string InstanceID
- General Information:
Within the scope of the instantiating
Namespace, InstanceID opaquely and uniquely identifies an instance of this
class. To ensure uniqueness within the NameSpace, the value of InstanceID
should be constructed using the following "preferred" algorithm:
<OrgID>:<LocalID>
Where <OrgID> and <LocalID>
are separated by a colon (:), and where <OrgID> must include a
copyrighted, trademarked, or otherwise unique name that is owned by the
business entity that is creating or defining the InstanceID or that is a
registered ID assigned to the business entity by a recognized global
authority. (This requirement is similar to the <Schema Name>_<Class
Name> structure of Schema class names.) In addition, to ensure uniqueness,
<OrgID> must not contain a colon (:). When using this algorithm, the
first colon to appear in InstanceID must appear between <OrgID> and
<LocalID>.
<LocalID> is chosen by the business entity and
should not be reused to identify different underlying (real-world) elements.
If the above "preferred" algorithm is not used, the defining entity must
assure that the resulting InstanceID is not reused across any InstanceIDs
produced by this or other providers for the NameSpace of this instance.
For DMTF-defined instances, the "preferred" algorithm must be used with
the <OrgID> set to CIM.
Product Specific Usage:
In
Intel AMT Release 6.0 and later releases value is "Intel(r)
AMT:BootSettingData
0"
Qualifiers:
-------------
Key
Override=InstanceID
MaxLen=35
ElementName
public string ElementName
- General Information:
The user-friendly name for this instance of
SettingData. In addition, the user-friendly name can be used as an index
property for a search or query. (Note: The name does not have to be unique
within a namespace.)
Product Specific Usage:
In Intel AMT
Release 6.0 and later releases value is "Intel(r) AMT Boot Configuration
Settings"
Qualifiers:
-------------
Required
Override=ElementName
MaxLen=45
OwningEntity
public string OwningEntity
- General Information:
OwningEntity identifies the vendor or
organization that defines the contained boot
settings.
Qualifiers:
-------------
Override=OwningEntity
MaxLen=15
UseSOL
public boolean UseSOL
- General Information:
When True, Serial over LAN is used on the
next boot cycle.
Product Specific Usage:
This property can be
set to true only when a boot source isn't set (using
CIM_BootConfigSetting.ChangeBootOrder
method).
Qualifiers:
-------------
Required
UseSafeMode
public boolean UseSafeMode
- General Information:
When a Hard-drive boot source is chosen
(using CIM_BootConfigSetting) and this property is set to True, the Intel(R)
AMT firmware will boot in safe
mode.
Qualifiers:
-------------
Required
ReflashBIOS
public boolean ReflashBIOS
- General Information:
When True, the Intel(R) AMT firmware
reflashes the BIOS on the next boot cycle.
Product Specific
Usage:
This property can be set to true only when a boot source isn't
set (using CIM_BootConfigSetting.ChangeBootOrder
method).
Qualifiers:
-------------
Required
BIOSSetup
public boolean BIOSSetup
- General Information:
When True, the Intel(R) AMT firmware enters
the CMOS Setup screen on the next boot cycle.
Product Specific
Usage:
This property can be set to true only when a boot source isn't
set (using CIM_BootConfigSetting.ChangeBootOrder
method).
Qualifiers:
-------------
Required
BIOSPause
public boolean BIOSPause
- General Information:
When True, the BIOS pauses for user input
on the next boot cycle.
Product Specific Usage:
This property
can be set to true only when a boot source isn't set (using
CIM_BootConfigSetting.ChangeBootOrder
method).
Qualifiers:
-------------
Required
LockPowerButton
public boolean LockPowerButton
- General Information:
When True, the Intel(R) AMT firmware
disables the power button operation for the system, normally until the next
boot cycle.
Qualifiers:
-------------
Required
LockResetButton
public boolean LockResetButton
- General Information:
When True, the Intel(R) AMT firmware
disables the reset button operation for the system, normally until the next
boot cycle.
Qualifiers:
-------------
Required
LockKeyboard
public boolean LockKeyboard
- General Information:
When True, the Intel(R) AMT firmware
disallows keyboard activity during its boot
process.
Qualifiers:
-------------
Required
LockSleepButton
public boolean LockSleepButton
- General Information:
When True, the Intel(R) AMT firmware
disables the sleep button operation for the system, normally until the next
boot cycle.
Qualifiers:
-------------
Required
UserPasswordBypass
public boolean UserPasswordBypass
- General Information:
When True, the Intel(R) AMT firmware boots
the system and bypasses any user or boot password that might be set in the
system.
Qualifiers:
-------------
Required
ForcedProgressEvents
public boolean ForcedProgressEvents
- General Information:
When True, the Intel(R) AMT firmware
transmits all progress PET events to the alert-sending
device.
Qualifiers:
-------------
Required
FirmwareVerbosity
public uint8 FirmwareVerbosity
- General Information:
When set to a non-zero value, controls the
amount of information the managed system writes to its local
display.
Qualifiers:
-------------
Required
ValueMap={0,
1, 2, 3}
Values={System default, Quiet - minimal screen activity, Verbose -
all messages appear on the screen, Screen blank - no messages appear on the
screen}
ConfigurationDataReset
public boolean ConfigurationDataReset
- General Information:
When True, the Intel(R) AMT firmware resets
its non-volatile configuration data to the managed system's Setup defaults
prior to booting the
system.
Product Specific
Usage:
Can be assigned a value only by a user with Administrator rights.
Qualifiers:
-------------
Required
IDERBootDevice
public uint8 IDERBootDevice
- General Information:
Specifies the device to use when UseIder is
set. 0 - Floppy Boot, 1- CD Boot.
Product Specific
Usage:
supported values are 0 and
1.
Qualifiers:
-------------
Required
ValueMap={0,
1}
Values={Floppy Boot, CD Boot}
UseIDER
public boolean UseIDER
- General Information:
When True, IDER is used on the next boot
cycle.
Product Specific Usage:
This property can be set to
true only when a boot source isn't set (using
CIM_BootConfigSetting.ChangeBootOrder
method).
Qualifiers:
-------------
Required
EnforceSecureBoot
public boolean EnforceSecureBoot
- General Information:
When True, Secure boot over IDER is
enforced on the next boot cycle, if IDER boot is used. This field is also used in One-Click Recovery. For details, see the section on configuring the platform for the boot.
BootMediaIndex
public uint16 BootMediaIndex
- General Information:
This property identifies the boot-media
index for the managed client (when a boot source is set using the
CIM_BootConfigSetting.ChangeBootOrder method). For Hard-Drive or CD/DVD boot -
when the parameter value is 0, the default boot-media is booted. When the
parameter value is 1, the primary boot-media is booted; when the value is 2,
the secondary boot-media is booted; and so on. For PXE or diagnostics boot
this property must be
0.
Qualifiers:
-------------
Required
SecureErase
public boolean SecureErase
- General Information:
When True, the BIOS performs secure erase
operation. Note: Customers are recommended to use Secure Remote Platform Erase which is newer and more advanced than this function.
Permission Information:
Required realms:
ADMIN_SECURITY_REMOTE_CONTROL_REALM and ADMIN_SECURITY_SOLIDER_REALM
Qualifiers:
-------------
Required
RSEPassword
public string RSEPassword
- General Information:
SSD password for Remote Secure Erase
operation. This is a write-only field, an empty string is returned when
instance is read. When writing, an empty string or lack of field will be
ignored. The password length is limited to 32 ASCII characters. Note: Customers are recommended to use Secure Remote Platform Erase which is newer and more advanced than Remote Secure Erase.
Permission Information:
Required realms:
ADMIN_SECURITY_REMOTE_CONTROL_REALM and ADMIN_SECURITY_SOLIDER_REALM
Qualifiers:
-------------
MaxLen=32
WinREBootEnabled
public boolean WinREBootEnabled
- General Information:
Indicates whether ForceWinREBoot is enabled in BIOS. This property is read only.
UEFILocalPBABootEnabled
public boolean UEFILocalPBABootEnabled
- General Information:
Indicates whether ForceUEFILocalPBABoot is enabled in BIOS. This property is read only.
UEFIHTTPSBootEnabled
public boolean UEFIHTTPSBootEnabled
- General Information:
ndicates whether ForceUEFIHTTPSBoot is enabled in BIOS. This property is read only.
SecureBootControlEnabled
public boolean SecureBootControlEnabled
- General Information:
Determines whether Intel AMT is privileged by BIOS to disable secure boot for an AMT triggered boot option. If not, BIOSSecureBoot must be set to TRUE. This property is read only.
BootguardStatus
public uint32 BootguardStatus
- General Information:
Enables the console to discover the security level of the BIOS boot flow. This property is read only.
OptionsCleared
public boolean OptionsCleared
- General Information:
Indicates whether the boot options have
been cleared by BIOS or not. This property is read only.
BIOSLastStatus
public uint16[2] BIOSLastStatus
- General Information:
Last boot status reported by BIOS. The first 16-bit word
contains the general BIOS status (0 - Success, 1 - In Progress, 2 - Not
Updated, 0xFFFF - Failed). The second word contains the detailed error status (0 -
Success/In Progress, 1 - General Drive Failure, 2 - Drive
Password/Authentication Failure, 3 - Feature is not supported). This property
is read-only.
In releases prior to the following ones, transitioning to power state CM0 caused Intel AMT to clear BIOSLastStatus with the value 2 (Not Updated) if boot options were not set:
• 14.1.67 (Comet Lake)
• 15.0.42 (Tiger Lake)
• 15.20.5 (Eagle Stream)
• 16.1.25 (Alder Lake, Raptor Lake)
• 16.10.5 (Fishhawk Falls)
In releases posted after the ones listed above,the BIOSLastStatus is cleared by Intel AMT to a value of 2 (Not Updated) when the console triggers new boot options by calling CIM_BootService.SetBootConfigRole with the role IsNextSingleUse.
UefiBootParametersArray
public uint8[] UefiBootParametersArray
- General Information:
TLV parameters array encoded with base64 for configuring boot parameters for One-Click Recovery and Secure Remote Platform Erase. For details of the format, see Transmitting Parameters from the Console to BIOS via Intel AMT.
Permission Information:
Required realms: ADMIN_SECURITY_REMOTE_CONTROL_REALM and ADMIN_SECURITY_SOLIDER_REALM
UefiBootNumberOfParams
public uint32 UefiBootNumberOfParams
- General Information:
Number of parameters in UefiBootParametersArray
RPEEnabled
public boolean RPEEnabled
- General Information:
Indicates whether Secure Remote Platform Erase is enabled by the BIOS.
Note: This command needs to execute over TLS.
PlatformErase
public boolean PlatformErase
- General Information:
When set to True, sets the boot option to trigger Secure Remote Platform Erase in the next boot.
Note: This command needs to execute over TLS.
Permission Information:
Required realms:
ADMIN_SECURITY_REMOTE_CONTROL_REALM and
ADMIN_SECURITY_SOLIDER_REALM
Put
public Put([IN]AMT_BootSettingData Instance)
- Permission Information:
Permitted realms:
ADMIN_SECURITY_REMOTE_CONTROL_REALM,
ADMIN_SECURITY_LOCAL_SYSTEM_REALM
General
Information:
Changes properties of the selected
instance
Product Specific Usage:
The new settings will be
applied only if CIM_BootService.SetBootConfigRole was previously called with
Role=IsNextSingleUse.
The following properties must be included in any
representation of AMT_BootSettingData:
InstanceID (cannot be modified)
ElementName (cannot be modified)
UseSOL
UseSafeMode
ReflashBIOS
BIOSSetup
BIOSPause
LockPowerButton
LockResetButton
LockKeyboard
LockSleepButton
UserPasswordBypass
ForcedProgressEvents
FirmwareVerbosity
ConfigurationDataReset
IDERBootDevice
UseIDER
BootMediaIndex
Sets boot options for the next boot.
If at least one of of the
following fields is set to "true" (for boolean types) or non-zero value (for
uint8 types), and user consent is required but IPS_OptInService.OptInState
value is not 'Received' or 'In Session', an “access denied” fault will be
generated:
UseSOL
UseSafeMode
ReflashBIOS
BIOSSetup
BIOSPause
ConfigurationDataReset
IDERBootDevice
UseIDER
BootMediaIndex
Other properties can be modified regardless of user
consent state.
Get
public Get([OUT]AMT_BootSettingData Instance)
- Permission Information:
Permitted realms:
ADMIN_SECURITY_REMOTE_CONTROL_REALM,
ADMIN_SECURITY_GENERAL_INFO_REALM
General Information:
Gets
the representation of the instance
Pull
public Pull([IN]String EnumerationContext, [IN]String MaxElements)
- Permission Information:
All users permitted to use method, only
instances to whom the user has permissions will be returned
General
Information:
Pulls instances of this class, following an Enumerate
operation
Enumerate
public Enumerate()
- Permission Information:
All users permitted to use
method
General Information:
Enumerates the instances of this
class
Release
public Release([IN]String EnumerationContext)
- Permission Information:
All users permitted to use
method
General Information:
Releases an enumeration
context