Intel AMT Features > Remote Access > Use Cases > Add a Management Presence Server
CollapseAll image

Add a Management Presence Server

The following steps describe how to set a Management Presence Server (MPS), used to establish a secure tunnel between a management console and the Intel AMT platform.

1.  Retrieve the instance of AMT_RemoteAccessService, where the “Name” key equals “Intel(r) AMT Remote Access Service”.

2.  Invoke AMT_RemoteAccessService.AddMpServer with the following parameters:

Parameter

Value

AccessInfo

IP address or FQDN, of the MPS, used in the Remote Access connection (maximum length 256)

AccessInfoFormat

     3 – If the provided AccessInfo is an IPv4 address.

     4 – If the provided AccessInfo is an IPv6 address.

     201 – If the provided AccessInfo is FQDN.

Port

MPS listener port for ME connections

AuthMethod

     1 – Mutual Authentication

     2 – Username/Password Authentication

Certificate

Used if Mutual Authentication is selected. Enter a certificate handle of a valid client certificate in the Intel AMT certificate store. Any client certificate can be used, only the MPS must have a root certificate.

Username

A Username to be used for the connection with the MPS if Username/Password authentication is used. Limited to a maximum length of 16 alphanumeric characters (A-Z, a-z, and 0-9). Actual use and other limitations depend on a user-defined DLL. SeeMPS Authentication Interface.

Password

A Password to be used for the connection with the MPS if Username/Password authentication is used. Limited to a minimum length of 8 characters and a maximum length of 16 characters (See Valid Usernames and Passwords for a description of password limitations). Actual use and other limitations depend on a user-defined DLL. See MPS Authentication Interface.

CN

A certificate Common Name (CN) used when the AccessInfo is an IP address. This CN will be checked against the CN in the MPS certificate when a connection with that MPS is established.

 

 Note:

If successful, the method returns a reference to the new instance of MPS. This reference will be used when adding a Remote Access policy to the Intel AMT platform (see Add a Remote Access Policy).

 

Click here for a snippet demonstrating this step

You can execute this snippet by inserting it into the execution template found here.

  

$remoteAccessServiceRef =$wsmanConnectionObject.NewReference("SELECT * FROM AMT_RemoteAccessService WHERE Name='Intel(r) AMT Remote Access Service'")

$inputObject =$remoteAccessServiceRef.CreateMethodInput("AddMpServer")

$inputObject.SetProperty("AccessInfo","mpsDemo.intel.com")

$inputObject.SetProperty("InfoFormat","201")

$inputObject.SetProperty("Port","111"

$inputObject.SetProperty("AuthMethod","2")

$inputObject.SetProperty("Username","myUser")

$inputObject.SetProperty("Password","P@ssw0rd")

$outputObject =$remoteAccessServiceRef.InvokeMethod($inputObject)

$returnValue =$outputObject.GetProperty("ReturnValue")

if($returnValue -like "0")

{

    # The $mpServerRef is an EPR to the new AMT_ManagementPresenceRemoteSAP object.

    $mpServerRef =$outputObject.GetProperty("MpServer").Ref

}

 

 

Instance Diagram

Classes Used in This Flow

SDK Sample

If there is a sample demonstrating this flow, it is included in the SDK installation file. See SDK Installation Layout for details.  

Copyright © 2006-2022, Intel Corporation. All rights reserved.