6

Using the Configurator

This chapter describes how to use the Configurator.

For more information, see:

•

About the Configurator

•

CLI Syntax

•

Configurator Log Files

•

CLI Global Options

•

Verifying the Status of an Intel AMT System

•

Discovering Systems

•

Configuring Systems

•

Configuring a System Using a USB Key

•

Maintaining Configured Systems

•

Unconfiguring Intel AMT Systems

•

Running Scripts with the Configurator

Intel

®

AMT Configuration Utility User Guide 78

Chapter 6 • Using the Configurator

About the Configurator

The Command Line Interface (CLI) of the Configurator component lets you automatically do tasks on multiple Intel AMT systems. The Configurator can be run locally on the Intel AMT system using a script or a batch file.

The Configurator (ACUConfig.exe) is located in the Configurator folder.

Note: The Configurator folder also contains dll files that are necessary for the

Configurator to operate.

CLI Syntax

The Configurator CLI is not case-sensitive. To view a list of the available CLI commands, type ACUConfig (with no parameters) and press <Enter>.

Note: This guide only includes commands related to the configuration methods that are supported by the Configuration Utility. The syntax and descriptions of the commands in this guide include only the parameters that are supported by the Configuration Utility.

For information about the full list of commands and parameters, supported by Intel SCS refer to the Intel(R)_SCS_8.2_User_Guide.pdf

This is the general syntax:

ACUConfig.exe [global options] command [command arguments and options]

To view syntax of a specific command, type the command name followed by “/?”.

These conventions are used in the command syntax of the examples:

• Optional parameters are enclosed in square brackets [ ]

• User defined variables are enclosed in angled brackets < >

• Mutually exclusive parameters are separated with a pipe |

• Where necessary, braces { } are used to group elements together to eliminate ambiguity in the syntax.

Note: The CLI does not support passwords that start with a forward slash (/).

Intel

®

AMT Configuration Utility User Guide 79

Chapter 6 • Using the Configurator

Configurator Log Files

The Configurator records errors and other log messages in two locations:

• In the Windows Event Viewer Application log of the Intel AMT system.

• In a log file. By default:

• A new log file is created each time you run the Configurator. You can use the

/KeepLogFile global option to change this default.

• The log file is saved in the folder where the Configurator is located, and has this format:

ACUlog_HostName_YYYY-MM-DD-HH-MI-SS.Log

For example: ACUlog_ComputerX_2010-05-01-11-05-57.log.

You can use the /Output File global option to change the default name and location of the log file.

CLI Global Options

You can use any of these global options with the CLI commands:

• /LowSecurity — Disables authentication of the ACU.dll digital signature.

For more information, see “Digital Signing of Files” on page 6.

• /Verbose — Creates a detailed log

• /KeepLogFile — Appends the current log to the existing log file

• /Output {Console | File <logfile> | Silent} — Defines where errors and other log messages will be recorded:

• Console — Shows log messages only on the console screen

• File <logfile> — Lets you change the default name and location of the log file. Supply the full path and name for the log file in the <logfile> parameter

• Silent — Do not record any log messages (console or log file)

Note: To save log messages to a file and also display them on the console screen, use the /Output parameter twice.

For example: /Output File <logfile> /Output Console.

Intel

®

AMT Configuration Utility User Guide 80

Chapter 6 • Using the Configurator

Verifying the Status of an Intel AMT System

Command

Description

Syntax

Parameters

[global options]

Status

Provides details about the status of the Intel AMT system

ACUConfig.exe [global options] Status

See

“CLI Global Options” on page 80.

Discovering Systems

Command

Description

Syntax

SystemDiscovery

Gets data from the Intel AMT device and the host platform of the system. The data is saved in an XML file and/or in the registry of the system. The data can then be collected by third-party hardware and software inventory applications.

Intel SCS also includes a standalone System Discovery utility that you can use for this task instead of the Configurator. The utility contains only the

SystemDiscovery command. The utility is located in the SCS_Discovery folder.

The data is saved in the registry of each system at:

• 32-bit and 64-bit operating systems: HKLM\SOFTWARE\Intel\

Setup and Configuration Software\SystemDiscovery

• In addition, on 64-bit operating systems: HKLM\SOFTWARE\Wow6432Node\

Intel\Setup and Configuration Software\SystemDiscovery

For information about the data format, see the “System Discovery Data Format” section of the SCS_Discovery\Intel(R)_SCS_8.2_Discovery.pdf.

For information about how to collect this data from the systems, refer to the documentation of your hardware/software inventory application.

Note: On systems that do not have Intel AMT, this command gets data from the host platform only.

ACUConfig.exe [global options] SystemDiscovery

{ [<filename>] | [/NoFile] } [/NoRegistry] [/AdminPassword <password>]

Parameters

[global options]

See “CLI Global Options” on page 80

Intel

®

AMT Configuration Utility User Guide 81

Chapter 6 • Using the Configurator

<filename>

/NoFile

/NoRegistry

/AdminPassword

<password>

By default, the name of the XML file is the FQDN of the system and it is saved in the same folder as the Configurator. You can change this default name and location by supplying the <filename> parameter.

Example:

SCSDiscovery.exe SystemDiscovery C:\MyXMLFile.xml

This example creates an XML file named “MyXMLFile” in the root of C. In

addition, a log file is created (see “Configurator Log Files” on page 80).

Do not save data in an XML file. If you use this parameter, do not use the

<filename> parameter

Do not save data in the registry of the system

The current password of the default Digest admin user defined in the Intel AMT device. The SystemDiscovery command gets some of the data about Intel AMT using the WS-Man interface. To use this interface, administrator permissions in

Intel AMT are necessary. Without administrator permissions, this data cannot be retrieved and a warning message will be recorded in the log. This parameter is

NOT necessary if one of these are true:

• The device is in an unconfigured state

• The user account running the Configurator is a Kerberos account that is configured in the Intel AMT device with administrator permissions

Configuring Systems

Command

Description

Syntax

Note: The CLI does not support passwords that start with a forward slash (/).

ConfigAMT

Configures the Intel AMT system with settings in a configuration profile (XML file). Configured systems are reconfigured.

ACUConfig.exe [global options] ConfigAMT <filename>

[/DecryptionPassword <password>] [/AbortOnFailure]

[/AdminPassword <password>] [/ADOU <ADOU path>]

[/NetworkSettingsFile <file>]

{ [/FileToRun < filename>] [/FileHash <SHA256 hash>]

[/FileUser <username>] [/FilePassword <password>] }

Intel

®

AMT Configuration Utility User Guide 82

Chapter 6 • Using the Configurator

Parameters

[global options]

<filename>

/DecryptionPassword

<password>

/AbortOnFailure

/AdminPassword

<password>

/ADOU <ADOU path>

/NetworkSettingsFile

<file>

/FileToRun

/FileHash

/FileUser

/FilePassword

See

“CLI Global Options” on page 80

The XML file containing the configuration parameters for this

Intel AMT system

Mandatory if any of the files that the Configurator will use are

encrypted (see “File Encryption” on page 5)

If configuration fails, put the Intel AMT device in the “Not

Provisioned” mode. This parameter is applicable only for systems that were unconfigured when the command started (during reconfiguration this parameter is ignored).

The current password of the default Digest admin user defined in the

Intel AMT device. This parameter is NOT necessary if one of these are true:

• The device is in an unconfigured state

• The XML profile contains the Digest admin password

• The user account running the Configurator is a Kerberos account that is configured in the Intel AMT device with administrator permissions

The path to the Active Directory Organizational Unit (ADOU) containing the AD object of configured systems. If this parameter is supplied, the Configurator will delete the existing AD object representing the system. A new AD object is created in the ADOU defined in the configuration profile.

The path to a file that contains the network settings (FQDN and/or IP) to put in the Intel AMT device. Only use this parameter if you defined the source for at least one of these settings as a dedicated network settings

file. For more information, see “Defining IP and FQDN Settings” on page 75.

The Configurator can use these parameters to run a script after the

ConfigAMT command has completed successfully. For more information, see

“Running Scripts with the Configurator” on page 91.

Intel

®

AMT Configuration Utility User Guide 83

Chapter 6 • Using the Configurator

Configuring a System Using a USB Key

Command

Description

Syntax

Note: The CLI does not support passwords that start with a forward slash (/).

ConfigViaUSB

Creates a file containing configuration settings. When the Intel AMT system is rebooted with a USB key containing this file, Intel AMT is

configured on the system. For more information, see “SMB/Manual

Configuration” on page 3.

The Configurator does not restrict the size of USB key you can use. But, the computer BIOS must fully support the selected USB key and be able to do a reboot from it.

Note:

• The settings you can define are limited. If additional settings are required, they must be performed by a third-party application.

• This command puts the Intel AMT device in the Admin Control mode

(see

“Control Modes” on page 7).

• You can use this option to define certain KVM parameters not available in Client Control.

ACUConfig.exe [global options] ConfigViaUSB

{/NewMEBxPass <password>} [/CurrentMEBxPass <password>]

[/OutputFile <filename>] [/PowerPackage <guid>] {{/UsingDhcp}|

{/HostName <host_name> /DomainName <domain_name>

/LocalHostIp <ip> /SubnetMaskIp <subnet_mask>

[/GatewayAddrIp <ip> ] [/DnsAddrIp <ip>]

[/SecondaryDnsAddrIp <ip>]}} [/EnableKVM <false | true>]

[/EnableUserConsent <none | kvm_only | all_redirection>]

[/EnableRemoteITConsent <false | true>]

Parameters

[global options]

/NewMEBxPass

<password>

/CurrentMEBxPass

<password>

/PowerPackage <guid>

See

“CLI Global Options” on page 80

The new password to put in the Intel MEBX (see “Password Format” on page 4). This parameter is mandatory, even if the Intel MEBX password

has already been changed from the default of “admin”.

The current Intel MEBX password. The default password of unconfigured systems is “admin”. This parameter is not required for systems that have the default password.

Power Package GUID (see

“Power Package GUIDs” on page 86)

Intel

®

AMT Configuration Utility User Guide 84

Chapter 6 • Using the Configurator

/OutputFile <filename> The name of the file and the path to the location where you want to save it. If this parameter is not used, by default the file is created in the same folder as the Configurator. The file must be named Setup.bin and must be placed in the root folder of the USB key.

To make sure that Setup.bin is the first file that the BIOS will find during reboot (requirement), format the USB key before creating/copying the file. If the Intel AMT system does not successfully reboot with the USB key you prepared, try this:

• Make sure that the file name starts with a capital “S”

• Format the USB key using FAT16

Note:

• The Setup.bin file is NOT encrypted so make sure that you restrict access to it.

• After configuration the Configurator deletes the data it contains. This means that you must create a new file for each system you want to configure.

• The Configurator overwrites any existing file with the same name without giving a warning.

Sets the DHCP mode to enabled in the Intel MEBX

Intel AMT system hostname (1 – 32 characters)

Intel AMT system domain name (0 – 63 characters)

/UsingDhcp

/HostName <host_name>

/DomainName

<domain_name>

/LocalHostIp <ip> The IP address (IPV4) to set in the Intel MEBX. If you supply this parameter, the /SubnetMaskIp parameter is mandatory (the remaining

IP parameters are optional).

The subnet mask IP address to set in the Intel MEBX /SubnetMaskIp

<subnet_mask>

/GatewayAddrIp <ip>

/DnsAddrIp <ip>

The default gateway IP address to set in the Intel MEBX

The preferred DNS IP address to set in the Intel MEBX

/SecondaryDnsAddrIp <ip> An alternate DNS IP address to set in the Intel MEBX

/EnableKVM <false | true> Enable/Disable support for KVM redirection.

Note: This parameter is mandatory on systems with Intel AMT 6.0 and higher. If you do not supply it, configuration will fail on those systems.

/EnableUserConsent

<none | kvm_only | all_redirection>

Defines for which redirection operations user consent is mandatory.

For more information, see

“User Consent” on page 7.

Note: You can use the “all_redirection” option only on systems with

Intel AMT 7.x and higher.

/EnableRemote ITConsent

<false | true>

Defines if it is permitted to remotely make changes to the user consent setting in the Intel AMT device

Intel

®

AMT Configuration Utility User Guide 85

Chapter 6 • Using the Configurator

Power Package GUIDs

The optional “/PowerPackage” parameter enables you to define power management settings of the Intel AMT device during manual configuration. If not supplied, the default power settings defined by the manufacturer are used. This table gives the GUID values (in Hex 32 character format) per Intel AMT version.

Table 7. Power Package GUIDs

Supported Power Package GUID (Hex 32)

Intel AMT 8.x / 7.x /6.x (mobile)

ON in S0

ON in S0, ME Wake in S3/AC,

S4-5/AC

763997110B56504388709812F391B560

30800DEE09C07843AF287868A2DBBE3A

Intel AMT 8.x / 7.x /6.x (desktop)

ON in S0 944F8312FB104FDC968E1E232B0C9065

ON in S0, ME Wake in S3,S4-5

Intel AMT 5.x (desktop)

7322734623DC432FA98A13D37982D855

ON in S0

ON in S0, S3

ON in S0, S3, S4-5

ON in S0, ME WoL in S3

ON in S0, ME WoL in S3, S4-5

ON in S0, S3, S4-5, OFF After

Power Loss

ON in S0, ME WoL in S3,S4-5,

OFF After Power Loss

944F8312FB104FDC968E1E232B0C9065

A18600AB9A7F4C42A6E6BB243A295D9E

7286ABAC96B448E29B9E9B7DF91C7FD4

7B32CD4D6BBE4389A62A4D7BD8DBD026

7322734623DC432FA98A13D37982D855

C519A4BA6E6F8D4DB227517F7E4595DB

D60BE3ED04C52C46B772D18018EE2FC4

Intel AMT 4.x (mobile)

ON in S0

ON in S0, S3/AC

ON in S0, S3/AC, S4-5/AC

ON in S0, ME Wake in S3/AC

ON in S0, ME Wake in S3/AC,

S4-5/AC

763997110B56504388709812F391B560

26D31C768708C74BBB5F38744315A5FF

530E08DB6C0FD948B2D28958D3F1156E

055DD5B64CA4874DA5A8B47C14DEDA5F

30800DEE09C07843AF287868A2DBBE3A

Intel

®

AMT Configuration Utility User Guide 86

Chapter 6 • Using the Configurator

Maintaining Configured Systems

Command

Description

Syntax

Note: The CLI does not support passwords that start with a forward slash (/).

MaintainAMT

Performs specific maintenance tasks based on settings in the <filename>

XML file. For more information about maintaining Intel AMT, see

“Maintenance Policies for Intel AMT” on page 12.

ACUConfig.exe [global options] MaintainAMT <filename>

<task> [<task>...] [/DecryptionPassword <password>]

[/AdminPassword <password>] [/NetworkSettingsFile <file>]

{ [/FileToRun < filename>] [/FileHash <SHA256 hash>]

[/FileUser <username>] [/FilePassword <password>] }

Parameters

[global options]

<filename>

<task>

/DecryptionPassword

<password>

See

“CLI Global Options” on page 80

The XML file containing the original configuration settings that were used to configure the Intel AMT system. Settings in the XML file not related to the specified maintenance tasks are ignored.

Define at least one of these maintenance tasks:

• SyncAMTTime — Synchronize the clock of the Intel AMT device with the clock of the host. This task is performed automatically when any of the other tasks are performed.

• SyncNetworkSettings — Synchronize network settings of the Intel AMT device as defined in the <NetworkSettings> tag of the <filename> XML file (see

“Defining IP and FQDN Settings” on page 75)

• ReissueCertificates — Reissue the certificates stored in the Intel AMT device. If the device contains 802.1x certificates, the RenewADPassword task is automatically done as well.

• RenewADPassword — Change the password of the Active Directory object representing the Intel AMT system.

• RenewAdminPassword — Changes the password of the default Digest admin user in the Intel AMT device according to the password setting defined in the profile.

• AutoMaintain — Automatically does only the maintenance tasks (listed here) that are necessary for this Intel AMT system. For more information, see

“Automating the Maintenance Tasks” on page 14.

Mandatory if any of the files that the Configurator will use are encrypted

(see “File Encryption” on page 5)

Intel

®

AMT Configuration Utility User Guide 87

Chapter 6 • Using the Configurator

/AdminPassword

<password>

/NetworkSettingsFile

<file>

/FileToRun

/FileHash

/FileUser

/FilePassword

The current password of the default Digest admin user defined in the

Intel AMT device. This parameter is NOT necessary if one of these are true:

• The XML profile contains the Digest admin password

• The user account running the Configurator is a Kerberos account that is configured in the Intel AMT device with administrator permissions

The path to a file that contains the network settings (FQDN and/or IP) to put in the Intel AMT device. Only use this parameter if you defined the source for at least one of these settings as a dedicated network settings file. For more information, see

“Defining IP and FQDN Settings” on page 75.

The Configurator can use these parameters to run a script after the

MaintainAMT command has completed successfully. For more information,

see “Running Scripts with the Configurator” on page 91.

Intel

®

AMT Configuration Utility User Guide 88

Chapter 6 • Using the Configurator

Unconfiguring Intel AMT Systems

Command

Description

Syntax

Note: The CLI does not support passwords that start with a forward slash (/).

Parameters

[global options]

/AdminPassword

<password>

/Full

Unconfigure

Unconfigures Intel AMT features on configured Intel AMT systems.

There are two types of unconfiguration:

• Partial — Removes the configuration settings from the system and disables the Intel AMT features on the system. The PID, PPS, admin

ACL settings, host name, and domain name are not deleted. Note that if the manufacturer defined the SOL and IDE interfaces to be closed by default, then a partial configuration operation will close them and they cannot be reopened without physical access to the Intel MEBX. This is a known Firmware limitation.

• Full — Deletes all the Intel AMT settings from the system and disables the Intel AMT features on the system.

Note:

• Systems in Client Control mode are always unconfigured with a “Full” unconfiguration.

• The default unconfiguration type for systems in Admin Control mode is “Partial”.

ACUConfig.exe [global options] UnConfigure

[/AdminPassword <password>] [/Full] [/ADOU <ADOU path>]

{[/DomainUser <username>] [/DomainUserPassword <password>]}

[/SourceForAMTName <source>] [/NetworkSettingsFile <file>]

See

“CLI Global Options” on page 80

The current password of the default Digest admin user defined in the

Intel AMT device. This parameter is NOT necessary if one of these are true:

• The XML profile contains the Digest admin password

• The user account running the Configurator is a Kerberos account that is configured in the Intel AMT device with administrator permissions

For systems in Admin Control mode, does a full unconfiguration (the default is partial unconfiguration)

Intel

®

AMT Configuration Utility User Guide 89

Chapter 6 • Using the Configurator

/ADOU <ADOU path> During unconfiguration, the Configurator deletes the Active Directory

(AD) object that was created to represent the Intel AMT system. (The object was created by Intel SCS only if AD integration was enabled.) By default, the Configurator uses the settings configured in the Intel AMT device to find the location of the AD Organizational Unit (ADOU) containing the object. In large enterprise networks the search for the

ADOU can take some time.

If you supply this parameter, the Configurator will only look for the object in the Organizational Unit that you define in <ADOU path>.

/DomainUser <username> The name (in the format domain\username) of a domain user with permissions to delete the AD object representing the Intel AMT system.

If you supply this parameter, the AD object is deleted using the credentials of this user. By default, the credentials of the user running the Configurator are used to delete the AD object.

The password of the domain user /DomainUserPassword

<password>

/SourceForAMTName

<source>

Defines how the FQDN (hostname.suffix) for the Intel AMT device is constructed. Valid values:

• DNS — The hostname part of the FQDN is the hostname from the host operating system. The suffix is the “Primary DNS Suffix” from the host operating system. This is the default setting, and is correct for most network environments

• SpecificDNS — The hostname part of the FQDN is the hostname from the host operating system. The suffix is the “Connection-specific DNS

Suffix” of the onboard wired LAN interface.

• AD — The hostname part of the FQDN is the hostname from the host operating system. The suffix is the AD domain of which the host operating system is a member.

• DNSLOOKUP — Takes the FQDN returned by an “nslookup” on the

IP address of the onboard wired LAN interface.

• HOST — Takes the hostname from the host operating system. The suffix is blank.

Note: When this parameter is not supplied, the default source for the

FQDN is “DNS”. However, if the /NetworkSettingsFile parameter is supplied (and FQDN data is included in the file), the FQDN is taken from the file.

/NetworkSettingsFile

<file>

This parameter tells the Configurator to get the IP and/or the FQDN from a dedicated network settings file. For information about the required

XML format, see the NetworkSettings.xml example file located in the

sample_files folder.

Intel

®

AMT Configuration Utility User Guide 90

Chapter 6 • Using the Configurator

Running Scripts with the Configurator

The Configurator includes options that you can use to run scripts. These scripts can be batch files or executables created using scripting languages. Before the script starts to run, the Configurator sends parameter values about the Intel AMT system to the script.

The script can then use these parameter values. For example, you could use a script to send data to your management console about each Intel AMT system after it is configured.

Note: The parameter values are sent as a string. Parameters without values are sent as empty strings. Each parameter value is separated by a space.

Scripts run by the Configurator are only run on Intel AMT systems that support host-based configuration (Intel AMT 6.2 and higher). The script must be put in a location that the Configurator can access from the Intel AMT system. The Configurator can run a script after configuration, reconfiguration, and maintenance operations done with these commands:

• ConfigAMT

• MaintainAMT

This table describes the CLI parameters of these commands used to run scripts.

Table 8. CLI Parameters

Parameter Description

/FileToRun

<filename>

If this parameter is supplied, the Configurator will run this executable file (batch, script, or executable) after the command has completed.

If the /FileToRun parameter is used without the /LowSecurity

global option, the file must be digitally signed (see “Digital

Signing of Files” on page 6). If the file is not signed, the

Configurator will NOT run the CLI command or the file. In addition, if the /LowSecurity parameter is not used, the file must be located in the same folder as the ACUConfig.exe file.

Intel

®

AMT Configuration Utility User Guide 91

Chapter 6 • Using the Configurator

Table 8. CLI Parameters (Continued)

Parameter Description

These additional optional parameters are valid only if /FileToRun was specified:

/FileHash

<SHA256 hash>

When this parameter is supplied, the Configurator runs a hash function on the file supplied in the /FileToRun parameter. The result of the hash function is then compared with the original hash value of the file, supplied in this parameter. If the values of the hashes are different, the Configurator will NOT run the CLI command or the file. (If any change was made to the file, the hash values will not be the same.) Before you can use this option, you must generate a SHA256 hash value from the <filename> file.

The sample_files folder includes an application (SHA256.exe) that you can use to generate the hash value.

For example: SHA256.exe MyFile.bat will return the hash value of MyFile.bat.

The hash value is marked in blue. Copy the value and supply it in the <SHA256 hash> variable.

/FileUser

<username>

/FilePassword

<password>

It is recommended to use this parameter to supply a user with the minimum permissions required to run this file.

Contains the password required to run the file. Valid only if

/FileUser was also specified.

This table describes the parameters and the sequence in which the Configurator sends them to the file that you specify in the /FileToRun parameter.

Table 9. Parameters Sent by the Configurator to the Script

# Description

1 The user defined in the /FileUser parameter*

2 The password defined in the /FilePassword parameter*

3 The hostname defined in the Intel AMT device

4 The FQDN defined in the Intel AMT device

5 The UUID of the Intel AMT device

6 The Intel MEBX password of the Intel AMT device*

7 The password of the default Administrator (“admin”) user in the Intel AMT device*

String Example: fileusername fileuserpassword myhostname myhostname.example.com

88888888-8887-8888-8888-878888888888 mebxpassword adminpassword

(Parameters marked with an asterisk (*) are sent to the script in Base64 format)

Intel

®

AMT Configuration Utility User Guide 92

Chapter 6 • Using the Configurator

What if a Failure Occurs?

Scripts that run after configuration, reconfiguration, and maintenance operations only run if the operation is successful (or completes with warnings).

If a script fails, Intel SCS does not make any changes to the Intel AMT settings set by the operation that ran before the script.

The ConfigAMT command includes a parameter called /AbortOnFailure. This parameter is applicable only for systems that were unconfigured when the command started (during reconfiguration this parameter is ignored). If you supply this parameter, Intel SCS will put the Intel AMT device in the “Not Provisioned” mode (unconfigured) if the post configuration script fails. This means that if the script fails, unconfigured systems that were configured successfully will be automatically unconfigured. Only use this parameter if it is critical that the post configuration script will complete successfully.

Script Runtime and Timeout

The maximum permitted runtime for scripts is 60 seconds. If the script does not complete within 60 seconds, an error is returned. The error is recorded in the log file and will contain an error code (0xC0003EAA) and a description like this:

“The supplied script has not finished in the time-out period defined by Intel

®

SCS”

If your script requires more than 60 seconds to complete, you must make sure that your script returns a success code (0) within 60 seconds. To do this, you can wrap your script with a batch file like this:

Start Myscript.bat %1 %2 ...

Exit 0

If you do this, your script will be responsible to handle any subsequent errors if they are generated by your script. Subsequent script errors will not be recorded in the log.

Parameters Sent in Base64 Format

Some of the parameters sent sent to the script by the Configurator are sent in Base64 format. The number of characters sent in the Base64 value representing the parameter must be divisible by 4. If it is not, additional “=” characters are added to the end of the

Base64 value. For example, if the Base64 value includes only 6 characters two “=” characters are automatically added.

When Base64 values are sent to a batch file, the command line interpreter removes these additional “=” characters. This means that the parameter value cannot be decoded correctly. To solve this problem, add the missing “=” characters to the Base64 value before decoding it.

Intel

®

AMT Configuration Utility User Guide 93