| SUMMARY: NESTED | FIELD | | METHOD |
| DETAIL: FIELD | METHOD |
Class AMT_GeneralSettings
Used in features: Network Administration , Power Settings , Security Administration , General InfoCompatible with the following Intel AMT Releases: 3.0, 3.2, 4.0, 5.0, 5.1, 6.0, 6.1, 6.2, 7.0, 8.0, 8.1, 9.0, 9.5, 10.0, 11.0
CIM_ManagedElementCIM_SettingData
- extends CIM_SettingData
class AMT_GeneralSettings
General Information:
This class contains all Intel(R) AMT general
settings.
Qualifiers:
-------------
Version=7.0.0
| Supported Fields Summary | |
|---|---|
string
|
ElementName The user-friendly name for this instance of SettingData . . . |
string
|
InstanceID Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class. |
boolean
|
NetworkInterfaceEnabled
Indicates whether the network interface is enabled |
string
|
DigestRealm The Intel(R) AMT device Digest Authentication Realm parameter as defined by RFC 2617. |
uint32
|
IdleWakeTimeout
Defines the minimum time value, in minutes, that Intel(R) AMT will be powered after waking up from a sleep power state, or after the host enters sleep or off state.This timer value will be reloaded whenever Intel(R) AMT is servicing requests . . . |
string
|
HostName Intel(R) AMT host setting. |
string
|
DomainName Intel(R) AMT domain name setting. |
boolean
|
PingResponseEnabled
Indicates whether Intel(R) AMT should respond to ping Echo Request messages. |
boolean
|
WsmanOnlyMode
Indicates whether Intel(R) AMT should block network interfaces other than WS-Management. |
uint32
|
PreferredAddressFamily
Preferred Address Family (IPv4/IPv6). |
uint16
|
DHCPv6ConfigurationTimeout
Defines the Maximum Duration (DHCPv6 MRD for the Solicit Message) in seconds during which the Intel(R) ME FW tries to locate a DHCPv6 server . . . |
boolean
|
DDNSUpdateEnabled
Defines whether the Dynamic DNS Update Client in FW is enabled or not . . . |
boolean
|
DDNSUpdateByDHCPServerEnabled
If the DDNS Update client in FW is disabled then this property will define whether DDNS Update should be requested from the DHCP Server for the shared IPv4 address and shared FQDN . . . |
boolean
|
SharedFQDN Defines Whether the FQDN (HostName.DomainName) is shared with the Host or dedicated to ME . . . |
string
|
HostOSFQDN Intel(R) AMT host OS FQDN . . . |
uint32
|
DDNSTTL Defines the Time To Live value (cachable time) of RRs registered by the FW DDNSUpdateClient . . . |
uint32
|
AMTNetworkEnabled
When set to Disabled, the AMT OOB network interfaces (LAN and WLAN) are disabled including AMT user initiated applications, Environment Detection and RMCPPing . . . |
boolean
|
RmcpPingResponseEnabled
Indicates whether Intel(R) AMT should respond to RMCP ping Echo Request messages. |
uint32
|
DDNSPeriodicUpdateInterval
Defines the interval at which the FW DDNS Update client will send periodic updates for all the RRs registered by FW . . . |
uint32
|
PresenceNotificationInterval
Defines the interval at which the FW will send periodic WS-management events notifications (for the subscribed clients) whenever network settings are changed . . . |
uint32
|
Privacy Level
Defines the Privacy Level setting. Privacy Level defines the values for privacy-related parameters by default and upon ME-unconfigure event.The setting can have the following values: Default: SOL enabled = true, IDER enabled = true, KVM enabled = true, Opt-in can be disabled = true, opt-in configurable remotely = true . . . |
uint32
|
PowerSource The system current power source |
uint32
|
ThunderboltDockEnabled When set to Disabled, a management console cannot communicate with Intel AMT via a Thunderbolt dock. |
uint16
|
OemID The OEM's vendor ID as listed in the Peripheral Component Interconnect Special Interest Group (PCI-SIG) list of member companies. |
| Methods Summary | |
|---|---|
|
Put(Instance) Changes properties of the selected instance |
|
Get(Instance) Gets the representation of the instance |
|
Pull(EnumerationContext,
MaxElements) Pulls instances of this class, following an Enumerate operation |
|
Enumerate()
Enumerates the instances of this class |
|
Release(EnumerationContext)
Releases an enumeration context |
|
AMTAuthenticate([IN]uint8 MC_Nonce[20], [OUT] uint8 Nonce[20],[OUT] string UUID[16],[OUT] string FQDN,[OUT] string FWVersion,
[OUT] uint32 AMTSVN,[OUT] uint32 SignatureMechanism,[OUT] uint8 Signature[512],[OUT] uint16 LengthOfCertificates[4],[OUT] uint8 Certificates[3000]);
Provides authentication of Intel AMT... |
| Field Detail |
|---|
ElementName
public string ElementName
- General Information:
The user-friendly name for this instance of SettingData. In addition, the user-friendly name can be used as an index property for a search or query. (Note: The name does not have to be unique within a namespace.)
Product Specific Usage:
This is a read-only property.
In Intel AMT Release 6.0 and later releases value is 'Intel(r) AMT: General Settings'
Qualifiers:
-------------
Required
Override=ElementName
MaxLen=40
InstanceID 
public string InstanceID
- General Information:
Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class.
Product Specific Usage:
This is a read-only property.
In Intel AMT Release 6.0 and later releases value is 'Intel(r) AMT: General Settings'
Qualifiers:
-------------
Key
Override=InstanceID
MaxLen=256
NetworkInterfaceEnabled
public boolean NetworkInterfaceEnabled
- General Information:
Indicates whether the network interface is enabled
Product Specific Usage:
This is a read-only property.
DigestRealm
public string DigestRealm
- General Information:
The Intel(R) AMT device Digest Authentication Realm parameter as defined by RFC 2617.
Product Specific Usage:
This is a read-only property.
Qualifiers:
-------------
MaxLen=65
IdleWakeTimeout
public uint32 IdleWakeTimeout
- General Information:
Defines the minimum time value, in minutes, that Intel(R) AMT will be powered after waking up from a sleep power state, or after the host enters sleep or off state.This timer value will be reloaded whenever Intel(R) AMT is servicing requests. Note: this setting may not be applicable under some power package definitions.
Product Specific Usage:
The minimum value for this property is 1, maximum is 65535
HostName
public string HostName
- General Information:
Intel(R) AMT host setting.
Product Specific Usage:
In Intel AMT Release 5.1, maximum length was 32 characters.
In Intel AMT Release 6.0 and later releases, maximum length is 63 characters.
Starting from Intel CSME 18.0, the hostname can contain Unicode characters, where each character is encoded as an html entity number, for example U+003C is represented by the ASCII string < or <. Maximum length of the string remains 63 bytes when encoded in UTF-8.
Qualifiers:
-------------
MaxLen=64
DomainName
public string DomainName
- General Information:
Intel(R) AMT domain name setting.
Product Specific Usage:
In Intel AMT Release 5.1, maximum length was 222 characters.
In Intel AMT Release 6.0 and later releases, maximum length is 191 characters.
Qualifiers:
-------------
MaxLen=192
PingResponseEnabled
public boolean PingResponseEnabled
- General Information:
Indicates whether Intel(R) AMT should respond to ping Echo Request messages.
Product Specific Usage:
Additional Notes:
1) 'PingResponseEnabled' is a required field for the Put command.
WsmanOnlyMode
public boolean WsmanOnlyMode
- General Information:
Indicates whether Intel(R) AMT should block network interfaces other than WS-Management.
Product Specific Usage:
By default AMT enables both WS-Management and legacy interfaces. If set to true, only WS-Management will be enabled.
Additional Notes:
1) 'WsmanOnlyMode' is a required field for the Put command.
PreferredAddressFamily
public uint32 PreferredAddressFamily
- General Information:
Preferred Address Family (IPv4/IPv6).
Product Specific Usage:
Preferred Address Family (IPv4/IPv6) used for controlling outbound traffic such as events and user initiated traffic.
For such traffic, the preferred addressing family will be attempted first, but other considerations also apply, depending on the traffic and the destination.
Qualifiers:
-------------
ValueMap={0, 1, 2..}
Values={IPv4, IPv6, Reserved}
DHCPv6ConfigurationTimeout
public uint16 DHCPv6ConfigurationTimeout
- General Information:
Defines the Maximum Duration (DHCPv6 MRD for the Solicit Message) in seconds during which the Intel(R) ME FW tries to locate a DHCPv6 server. 0 - means try forever. The default value for this property is 0.
DDNSUpdateEnabled
public boolean DDNSUpdateEnabled
- General Information:
Defines whether the Dynamic DNS Update Client in FW is enabled or not. (The default value for this property is disabled)
DDNSUpdateByDHCPServerEnabled
public boolean DDNSUpdateByDHCPServerEnabled
- General Information:
If the DDNS Update client in FW is disabled then this property will define whether DDNS Update should be requested from the DHCP Server for the shared IPv4 address and shared FQDN. (The default value for this property is enabled)
SharedFQDN
public boolean SharedFQDN
- General Information:
Defines Whether the FQDN (HostName.DomainName) is shared with the Host or dedicated to ME. (The default value for this property is shared - TRUE).
Product Specific Usage:
Available in Release 6.0 and later releases.
HostOSFQDN
public string HostOSFQDN
- General Information:
Intel(R) AMT host OS FQDN. This value of host FQDN is needed for the case that FW is set with a dedicated FQDN - this allows the SW to correlate the FW name with the Host name.
Product Specific Usage:
Available in Release 6.0 and later releases.
Qualifiers:
-------------
MaxLen=256
DDNSTTL
public uint32 DDNSTTL
- General Information:
Defines the Time To Live value (cachable time) of RRs registered by the FW DDNSUpdateClient. Units are seconds. (The default value for this property is 15 minutes).
Product Specific Usage:
Maximum value is 2147483647 (2^31-1) - according to RFC2181
AMTNetworkEnabled
public uint32 AMTNetworkEnabled
- General Information:
When set to Disabled, the AMT OOB network interfaces (LAN and WLAN) are disabled including AMT user initiated applications, Environment Detection and RMCPPing. Since OOB networking is disabled, there will not be an option to enable it back remotely.
Qualifiers:
-------------
ValueMap={0, 1, 2..}
Values={Disabled, Enabled, Reserved}
RmcpPingResponseEnabled
public boolean RmcpPingResponseEnabled
- General Information:
Indicates whether Intel(R) AMT should respond to RMCP ping Echo Request messages.
DDNSPeriodicUpdateInterval
public uint32 DDNSPeriodicUpdateInterval
- General Information:
Defines the interval at which the FW DDNS Update client will send periodic updates for all the RRs registered by FW. Should be set according to corporate DNS scavenging policy. Units are minutes. Can be : either 0, or 20 and over. A value of 0 disables periodic update. (The default value for this property is 24 hours - 1440 minutes).
PresenceNotificationInterval
public uint32 PresenceNotificationInterval
- General Information:
Defines the interval at which the FW will send periodic WS-management events notifications (for the subscribed clients) whenever network settings are changed. Units are minutes. A value of 0 disables periodic events. The default value for this property is 0 (notifications are disabled). The minimal allowed value is 15 minutes.
Privacy Level
public uint32 PrivacyLevel
- General Information:
Defines the Privacy and Security Level setting. Privacy Level defines the values for privacy/security-related parameters by default and upon ME-unconfigure event. The setting can have the following values:
Default:
SOL enabled = true, IDER enabled = true, KVM enabled = true, Opt-in can be disabled = true, opt-in configurable remotely = true. From Intel ME 8: Also Client Control Mode allowed=true and RCFG enabled=true.
Enhanced:
SOL enabled = true, IDER enabled = true, KVM enabled = true, Opt-in can be disabled = false, opt-in configurable remotely = true. From Intel ME 8: Also Client Control Mode allowed=true and RCFG enabled=true.
Extreme:
SOL enabled = false, IDER enabled = false, KVM enabled = false, Opt-in can be disabled = false, opt-in configurable remotely = false. From Intel ME 8: Also Client Control Mode allowed=false and RCFG enabled = false.
Product Specific Usage:
This is a read-only property.
Qualifiers:
-------------
ValueMap={0, 1, 2, 3..}
Values={Default, Enhanced, Extreme, Reserved}
PowerSource
public uint32 PowerSource
- General Information:
The system current power source
Product Specific Usage:
This is a read-only property.
Qualifiers:
-------------
ValueMap={0, 1, 2..}
Values={AC, DC, Reserved}
ThunderboltDockEnabled
public uint32 ThunderboltDockEnabled
- General Information:
When set to Disabled, a management console cannot communicate with Intel AMT via a Thunderbolt dock.
Product Specific Usage:
Available in Release 15.0 and later releases.
Values: 0=Disabled, 1=Enabled. Default: Enabled.
OemID
public uint16 OemID
- General Information:
The OEM's vendor ID as listed in the Peripheral Component Interconnect Special Interest Group (PCI-SIG) list of member companies.
Product Specific Usage:
Available in Release 16.1 and later releases.
| Method Detail |
|---|
Put
public Put([IN]AMT_GeneralSettings Instance)
- Permission Information:
Permitted realms: ADMIN_SECURITY_ADMINISTRATION_REALM, ADMIN_SECURITY_LOCAL_APPS_REALM, ADMIN_SECURITY_RCS_ADMIN_REALM, ADMIN_SECURITY_EVENT_MANAGER_REALM
General Information:
Changes properties of the selected instance
Product Specific Usage:
Additional Info:
1) The InstanceID and ElementName properties must be included in any representation of AMT_GeneralSettings, but cannot be modified:
2) Several permissions can call this method.
The ADMINISTRATION realm can change all properties.
The RCS_ADMIN realm can change the IdleWakeTimeout and RmcpPingResponseEnabled properties.
The LOCAL_APPS realm can change the RmcpPingResponseEnabled property.
The EVENT_MANAGER realm can change the PresenceNotificationInterval property (version 6.1 and above).
Get
public Get([OUT]AMT_GeneralSettings Instance)
- Permission Information:
Permitted realms: ADMIN_SECURITY_ADMINISTRATION_REALM, ADMIN_SECURITY_GENERAL_INFO_REALM, ADMIN_SECURITY_USER_ACCESS_CONTROL_REALM, ADMIN_SECURITY_LOCAL_APPS_REALM, ADMIN_SECURITY_RCS_ADMIN_REALM, ADMIN_SECURITY_EVENT_MANAGER_REALM
General Information:
Gets the representation of the instance
Product Specific Usage:
Additional Notes:
1) 'Get' in Intel AMT Release 3.2 is permitted only to 'ADMIN_SECURITY_ADMINISTRATION_REALM' and 'ADMIN_SECURITY_GENERAL_INFO_REALM'.
2) 'Get' in Intel AMT Release 5.0 and earlier releases is not permitted to 'ADMIN_SECURITY_LOCAL_APPS_REALM'.
Pull
public Pull([IN]String EnumerationContext, [IN]String MaxElements)
- Permission Information:
All users permitted to use method, only instances to whom the user has permissions will be returned
General Information:
Pulls instances of this class, following an Enumerate operation
Enumerate
public Enumerate()
- Permission Information:
All users permitted to use method
General Information:
Enumerates the instances of this class
Release
public Release([IN]String EnumerationContext)
- Permission Information:
All users permitted to use method
General Information:
Releases an enumeration context
AMTAuthenticate
public AMTAuthenticate([IN]uint8 MC_Nonce[20], [OUT] uint8 Nonce[20],[OUT] string UUID[16],[OUT] string FQDN,[OUT] string FWVersion, [OUT] uint32 AMTSVN,[OUT] uint32 SignatureMechanism,[OUT] uint8 Signature[512],[OUT] uint16 LengthOfCertificates[4],[OUT] uint8 Certificates[3000]);
- Permission Information:
Permitted realms: ADMIN_SECURITY_GENERAL_INFO_REALM, ADMIN_SECURITY_ADMINISTRATION_REALM
General Information:
Provides authentication of Intel AMT to assure that the TLS session is to an authentic Intel AMT firmware application executing on the Intel CSME. In addition it also provides device identity attestation. The flow for verifying the Intel AMT firmware is documented in the section on On-Die Certificate Authority (ODCA) certificates that are bound to unique fuses in the device and provide device identity attestation to the console. Enables verifying the health of Intel AMT firmware by checking for Intel AMT firmware certificate revocation.
Qualifiers:
-------------
ValueMap={"0", "1"}
Values={ "PT_STATUS_SUCCESS", "PT_STATUS_INTERNAL_ERROR" }
Parameters:
-------------
MC_Nonce
Description: 20-byte nonce created by user Qualifiers: Required, In
Nonce
Description: 20-byte nonce created by Intel AMT firmware
Qualifier: OUT
UUID
Description: 16 bytes containing the system UUID
Qualifier: OUT
FQDN
Description: The null-terminated system name configured when Intel AMT is provisioned. Null for unprovisioned system
Qualifier: OUT
FWVersion
Description: Intel AMT firmware version of the system
Qualifier: OUT
AMTSVN
Description: The SVN (Security Version Number) of the Intel AMT application
Qualifier: OUT
SignatureMechanism
Description: Signature mechanism used for the hash and signing
Qualifiers: OUT
ValueMap { "0","1..65535" }
values { "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","Reserved" }
Signature
Description: Signature over Hash(Hash(AMT TLS Server Cert/ CIRA MPS Cert) || MCNonce || Nonce || FQDN || UUID || FWVersion || AMTSVN || DigestRealm || SignatureMechanism)
Qualifier: OUT
LengthOfCertificates
Description: A 4-element array containing the lengths of the certificates stored in the Certificates field in sequential order
Qualifier: OUT
Certificates
Description: The On-Die Certificate Authority certificate chain used for signing the TLS certificate
Qualifier: OUT
| SUMMARY: NESTED | FIELD | METHOD |
| DETAIL: FIELD | METHOD |
|
Copyright © 2006-2022, Intel Corporation. All rights reserved. |