I am doing a POC before possible live implementation. This POC will dictate whether we purchase vPro on all future devices world wide, so there is a fair amount riding on this. My test devices are a selection of four laptops and desktops with different AMT versions.
I am highly experienced in SCCM. I am using a 2012 R2 single server environment, which has no issues. I have a domain with a CA (Server 2012 R2, so its an enterprise CA as far as we care here).
I have gone through the setup and everything seems fine, no issues reported in the SCCM logs regarding the health of the OOB or the Enrolment service points. One issue I did resolve (which appeared because there is no mention in any of the guides i have read, is i needed to bind the provisioning cert with the IIS default website. Following that the OOBSP setup fine.
Basically the errors I am receiving are all to do with authentication during the initial provisioning. All devices are showing as Not Supported or Detected.
Here is a relevent section of log:
AMT Discovery Worker: Wakes up to process instruction files SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
AMT Discovery Worker: Wait 3600 seconds... SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
AMT Discovery Worker: Wakes up to process instruction files SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
AMT Discovery Worker: Reading Discovery Instruction C:\Program Files\Microsoft Configuration Manager\inboxes\amtopmgr.box\disc\{88ED1AA6-A9CF-4645-924D-FFA1665C9DBF}.RDC... SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
AMT Discovery Worker: Execute query exec AMT_GetThisSitesNetBiosNames NULL, '16777219', 'S01' SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
AMT Discovery Worker: CSMSAMTDiscoveryWorker::RetrieveInfoFromResource - Found machine MEDIA1 (Media1.Home.local), ID: 16777219 IP: 192.168.0.61 from Resource 16777219. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
AMT Discovery Worker: Execute query exec AMT_GetAMTMachineProperties 16777219 SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
Discovery will use ip resolved from netbios: SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
192.168.0.61 SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
AMT Discovery Worker: Execute query exec AMT_GetProvAccounts SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
AMT Discovery Worker: Finish reading discovery instruction C:\Program Files\Microsoft Configuration Manager\inboxes\amtopmgr.box\disc\{88ED1AA6-A9CF-4645-924D-FFA1665C9DBF}.RDC SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
AMT Discovery Worker: Parsed 1 instruction files SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
AMT Discovery Worker: Send task Media1.Home.local to completion port SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
General Worker Thread Pool: Current size of the thread pool is 1 SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
General Worker Thread Pool: Work thread 3120 started SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
Discover MEDIA1 using IP address 192.168.0.61 SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
AMT Discovery Worker: 1 task(s) are sent to the task pool successfully. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
DoPingDiscoveryForAMTDevice succeeded. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
STATMSG: ID=7203 SEV=I LEV=M SOURCE="SMS Server" COMP="SMS_AMT_OPERATION_MANAGER" SYS=SCCM2012.Home.local SITE=S01 PID=2464 TID=8160 GMTDATE=Fri Jan 30 20:38:54.557 2015 ISTR0="1" ISTR1="0" ISTR2="0" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=0 SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
AMT Discovery Worker: There are 1 tasks in pending list SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
AMT Discovery Worker: Wait 20 seconds... SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
AMT Discovery Worker: Wakes up to process instruction files SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
AMT Discovery Worker: There are 1 tasks in pending list SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
AMT Discovery Worker: Wait 20 seconds... SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 8160 (0x1FE0)
Error 0x80090325 returned by InitializeSecurityContext during follow up TLS handshaking with server. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
**** Error 0x3b68b200 returned by ApplyControlToken SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
DoSoapDiscovery failed with user name: admin. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
Flag iWSManFlagSkipRevocationCheck is set. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
session params : https://Media1.Home.local:16993 , 2011001 SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
ERROR: Invoke(get) failed: 80020009argNum = 0 SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
Description: A security error occurred SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
Error: Failed to get AMT_SetupAndConfigurationService instance. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
DoWSManDiscovery failed with user name: admin. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
Start Kerberos Discovery SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
Flag iWSManFlagSkipRevocationCheck is set. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
session params : https://Media1.Home.local:16993 , 2484001 SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
ERROR: Invoke(get) failed: 80020009argNum = 0 SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
Description: A security error occurred SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
Error: Failed to get AMT_SetupAndConfigurationService instance. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
DoKerberosWSManDiscovery failed. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
Flag iWSManFlagSkipRevocationCheck is set. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
session params : https://192.168.0.61:16993 , 2015001 SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
ERROR: Invoke(get) failed: 80020009argNum = 0 SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
Description: A security error occurred SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
Error: Failed to get AMT_SetupAndConfigurationService instance. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
DoWSManDiscovery failed with user name: admin. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
Discovery to IP address 192.168.0.61 succeed. AMT status is 1. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
CSMSAMTDiscoveryTask::Execute, discovery to MEDIA1 succeed. AMT status is 1. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
CSMSAMTDiscoveryTask::Execute - DDR written to C:\Program Files\Microsoft Configuration Manager\inboxes\auth\ddm.box SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
CStateMsgReporter::DeliverMessages - Queued message: TT=1201 TIDT=0 TID='Unspecified' SID=10 MUF=0 PCNT=1, P1='Media1.Home.local' P2='' P3='' P4='' P5='' SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
CStateMsgReporter::DeliverMessages - Created state message file: C:\Program Files\Microsoft Configuration Manager\inboxes\auth\statesys.box\incoming\bbo4n48o.SMX SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
General Worker Thread Pool: Succeed to run the task Media1.Home.local. Remove it from task list. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
General Worker Thread Pool: Work thread 3120 has been requested to shut down. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
General Worker Thread Pool: Work thread 3120 exiting. SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 3120 (0x0C30)
General Worker Thread Pool: Current size of the thread pool is 0 SMS_AMT_OPERATION_MANAGER 30/01/2015 20:38:54 404 (0x0194)
AMT Discovery Worker: Wakes up to process instruction files SMS_AMT_OPERATION_MANAGER 30/01/2015 20:39:14 8160 (0x1FE0)
AMT Discovery Worker: Wait 3600 seconds... SMS_AMT_OPERATION_MANAGER 30/01/2015 20:39:14 8160 (0x1FE0)
I presume its the default MEBx password thats the issue? The devices have been reset to defaults, in SCCM you cant set the password to be 'admin'.
Any ideas?