Syncing the AMT hostname with the computer hostname

Syncing the AMT hostname with the computer hostname

At times we have the need to change the computername of a system. Does anyone have any suggestions for an automated method to update the AMT hostname to match theWindows computername?

Thanks

12 posts / 0 new
Last post
For more complete information about compiler optimizations, see our Optimization Notice.

Ha yes, that's a good question. As a lead in, if the name of the computer is different in the management engine (ME) and the OS, often times, it will cause the computer to have a different DNS name when it's awake and asleep. This can cause a lot of problems, especialy if you rely on the name to find the computer. Also, the computer's name can only be changed remotly, not locally.

I am a bit at a loss for a good answer. You could have a local agent check in with a server and say, hey, I am here, here is my platform GUID. The server would have to push the that GUID into the local agent, and when a agent claims to have a GUID that does not match the computer's reverse DNS name, the server would have to log into AMT and, checked the GUID again and reset the name if needed.

I am not familiar with SCS, if someone is, I would like to how SCS handles this situation.

Thanks,
Ylian (Intel AMT Blog)

We are also using the SMS Add-On which complicates the issue even more. When the computername changes, you can no longer manage the AMT from the SMS console. And, you also can't re-discover the system. If you go into the SCS console you can't even re-provision the system. I would imagine if the client could send an update to SCS with the UUID and the new comptuername, that would fix it. So I guess I was hoping someone already has a method to do this.

Well, since I got no takes with the first question how about this. Does anyone have a script or tool that will allow you to do a partial unprovision operation from the Windows client? This will allow me to do a RCT to re-provision which will correct the AMT hostname.

Thankis

Hi Frank,

We experienced similar problems and could find no readily available solution to this. In the end i had to write an agent that performs a WMI scan against all AMT clients that are registered with the SCS. If it detects that the windows FQDN and the FQDN in the SCS are not the same it updates the provisioning information for that client on the SCS and forces a reprovision.

There a few problems with this method however; WMI is disabled on many networks, its not very fast and it generates a lot of excess network traffic.

I too would like to know what innovative solutions the other members oftheAMT community have come up with around this problem, regardless of what management tool they use.

Would you be able to post sample code for your agent?

Hi,

I can't give you the entire program as it is very deeply integrated in to our product, but i can give you some WMI sample code


using System;
using System.Collections.Generic;
using System.Text;

using System.Management;

namespace WMITest
{
class Program
{
static void Main(string[] args)
{
ManagementScope scope = new ManagementScope();
ConnectionOptions options = new ConnectionOptions();
ObjectQuery uuidQuery = new ObjectQuery("SELECT UUID FROM Win32_ComputerSystemProduct");
ObjectQuery computerQuery = new ObjectQuery("SELECT * FROM Win32_ComputerSystem");
ManagementObjectSearcher searcher = new ManagementObjectSearcher();

try
{
options.Authority = "ntlmdomain:vmdaliot.com";
options.Username = "administrator";
options.Password = "";
options.Impersonation = ImpersonationLevel.Impersonate;

scope.Options = options;
scope.Path = new ManagementPath("\myAmtClientrootcimv2");
scope.Connect();

searcher.Scope = scope;
searcher.Query = uuidQuery;

ManagementObjectCollection queryCollection = searcher.Get();

foreach (ManagementObject m in queryCollection)
{
Console.WriteLine("Computer UUID = {0}", m["UUID"]);
}


searcher.Scope = scope;
searcher.Query = computerQuery;

queryCollection = searcher.Get();

foreach (ManagementObject m in queryCollection)
{
Console.WriteLine("Computer Domain = {0}", m["Domain"]);
Console.WriteLine("Computer Name = {0}", m["Name"]);
}


}
catch (Exception ex)
{
Console.WriteLine("Exception: [{0}], [{1}]", ex.Message, ex.InnerException);
}

Console.ReadKey();
}
}
}

Wouldn't it be possible for each client to do this on their own? For example, shouldn't the client be able to compare its hostname with the internal AMT hostname via some sort of automated script and then if they are different send a request to SCS to reprovision the system?Under this method,all of the traffic is gone and the WMI is local. But my overall problem isn't the WMI code, its the code to talk to AMT and SCS.

Another trick that can be used to solve this problem is to subscribe to Intel AMT Alerts and upon receiving an alert, perform a reverse-DNS, connect to AMT and check that everything matches. If it does not, update the settings or issue a partial-unprovision. In this case, you don't need the discovery anymore. Of couse, having an in-band agent to help is also great, you can store the computer's UUID into the OS and if something gets out of sync, you can get the UUID off of the OS agent and use that with known data to re-connect to AMT andupdate the settings.

Ylian (Intel AMT Blog)

It is possible to get host name using GeneralInfoService (Intel AMT SOAP interface) and computer name using GetComputerName (Win32 API). If the names are different then call SetComputerNameEx to set the computer name on the Intel AMT system. It works for us. There is one disadvantage in this method. The Intel AMT system requires to reboot after calling SetComputerNameEx API to set the name.

Yes. I imagine that is possible. However, I wouldn't want to changte the comptuername to match the AMT. I want to correct the AMT host name to match the computername.

You can do it from a remote system. Get computer name of an Intel AMT system by IP address using Winsock API (gethostbyaddr). Get and set Intel AMT host name using Network Administration Service of SOAP interface.

Leave a Comment

Please sign in to add a comment. Not a member? Join today