CollapseAll image

Add a Digest User

The following steps describe how to add a new Digest user, given a username and password.

1.  Retrieve the value of the AMT_GeneralSettings.DigestRealm property:

a. Retrieve the instance of AMT_GeneralSettings, where the “InstanceID” key equals “Intel(r) General Settings”.

b. Retrieve the DigestRealm property.

Click here for a snippet demonstrating this step

You can execute this snippet by inserting it into the execution template found here.

  

function GetDigestRealm

{

    $generalSettingsRef =$wsmanConnectionObject.NewReference("SELECT * FROM AMT_GeneralSettings WHERE InstanceID='Intel(r) AMT: General Settings'")

    $generalSettingsInstance =$generalSettingsRef.Get()

    $digestRealm =$generalSettingsInstance.GetProperty("DigestRealm")

    return$digestRealm

}

 

 

2.  Compute DigestPassword by using the MD5 Hashing function:

DigestPassword = Base64 (MD5 (username + “:” + AMT_GeneralSettings.DigestRealm + “:” + plaintextPassword) );

3.  Retrieve the instance of AMT_ AuthorizationService, where the “Name” key equals “Intel(r) AMT Authorization Service”

4.  Invoke AMT_AuthorizationService.AddUserAclEntryEx with the following parameters:

Parameter

Value

DigestUsername

Username of the new user

DigestPassword

Digest password computed in step 2

AccessPermission

Access Permissions identifying if the user will have local or network access or both

Realms

A list of Realms to which the user will have access

 

5.  The method returns an Output Parameter Handle on successful completion that identifies the new user for subsequent references.

Click here for a snippet demonstrating this step

See Snippet Functions for the ConvertToBase64 and ComputeMD5 functions.

 See the snippet above for the GetDigestRealm function.

You can execute this snippet by inserting it into the execution template found here.

  

$authorizationServiceRef =$wsmanConnectionObject.NewReference("SELECT * FROM AMT_AuthorizationService WHERE Name='Intel(r) AMT Authorization Service'")

$digestRealm = GetDigestRealm

$digestPassword = ComputeMD5 "myUser" "P@ssw0rd" $digestRealm

$digestPasswordInBase64 = ConvertToBase64 $digestPassword

$inputObject =$authorizationServiceRef.CreateMethodInput("AddUserAclEntryEx")

$inputObject.SetProperty("DigestUsername","myUser")

$inputObject.SetProperty("DigestPassword",$digestPasswordInBase64)

$inputObject.SetProperty("AccessPermission","2") # 2 = any access permission.

$inputObject.AddProperty("Realms","2") # 2 = Redirection realm.

$outputObject =$authorizationServiceRef.InvokeMethod($inputObject)

$returnValue =$outputObject.GetProperty("ReturnValue")

if($returnValue -like "0")

{

    $handle =$outputObject.GetProperty("Handle")

}

 

 

Instance Diagram

Not applicable

Classes Used in This Flow

SDK Sample

If there is a sample demonstrating this flow, it is included in the SDK installation file. See SDK Installation Layout for details. 

See Also:

   Intel AMT Users and Permissions/Realms

   Valid Usernames and Passwords

   Realm Names and Realm Shortcuts

Copyright © 2006-2022, Intel Corporation. All rights reserved.