1. Manuals
  2. Brands
  3. HP Manuals
  4. Desktop
  5. dc7900 - Convertible Minitower PC
  6. Setup and configuration manual

HP dc7900 - Convertible Minitower PC Setup And Configuration Manual

Vpro setup and configuration for the dc7900p business pc with intel vpro processor technology
Hide thumbs Also See for dc7900 - Convertible Minitower PC:
Table of Contents

Advertisement

Quick Links

See also: Troubleshooting Manual , Illustrated Parts & Service Map
vPro Setup and Configuration for the dc7900 Business PC
with Intel vPro Processor Technology
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
AMT Setup and Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
AMT System Phases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
SMB Mode - AMT Setup and Configuration with MEBx . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
SMB Mode - AMT Setup and Configuration Steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Intel AMT WebGUI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Connecting with the Intel AMT WebGUI - SMB Example . . . . . . . . . . . . . . . . . . . . . . . . . 13
Setup and Configuration Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Setup and Configuration Server Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Enterprise Mode Setup and Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Enterprise Mode - AMT Setup and Configuration Steps . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Provisioning Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Legacy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
IT TLS-PSK . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
OEM TLS-PSK . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
USB Drive Key Set Up and Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
USB Drive Key Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Remote Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Remote Configuration: Bare-Metal vs. Delayed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Remote Configuration Time-outs in HP Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Remote Configuration Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
MEBx and Hashes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
List of Supported CA Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Return to Default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Full Return to Factory Defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Appendix A: Frequently Asked Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Appendix B: Power / Sleep / Global States Explained . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Appendix C: Wake-On-ME Explained . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
1

Advertisement

Table of Contents
loading

Related Manuals for HP dc7900 - Convertible Minitower PC

Summary of Contents for HP dc7900 - Convertible Minitower PC

  • Page 1: Table Of Contents

    vPro Setup and Configuration for the dc7900 Business PC with Intel vPro Processor Technology Introduction ............2 AMT Setup and Configuration .

  • Page 2: Introduction

    AMT 5.0. By default, AMT shipping on the HP Compaq dc7900 Business PC will be inactive. It must be set up and configured in the system before it can be used. The setup and configuration process is also known as pro- visioning.

  • Page 3: Amt Setup And Configuration

    AMT Setup and Configuration AMT must be set up and configured in a system before it can be used. AMT setup involves the necessary steps to enable AMT such as setting up the system for AMT mode and enabling network connectivity. This setup is generally performed only once in the lifetime of a system.
  • Page 4 Space BIOS Prerequisite This white paper is for use with HP Compaq dc7900 Business PCs. The HP Compaq dc7900 Business PC uses the 786G1 BIOS family. For best performance and to take advantage of AMT 5.0 features, make sure HP Compaq dc7900 PCs have a BIOS revision of at least version 1.08 and a ME firmware of at least 5.0.1.1 1 1 1 and a MEBx of at...

  • Page 5: Smb Mode - Amt Setup And Configuration Steps

    SMB Mode - AMT Setup and Configuration Steps When going through the options in the MEBx for the first time (Factory phase), the default settings are in place. This white paper details HP-recommended settings for options, some of which may be the same as the default selection.
  • Page 6 Select Y. ME platform configuration allows IT personnel to configure ME features such as AMT/ASF selection, power options, firmware update capabilities, and so on. Figure 2 Intel ME Platform Configuration screen Select Intel ME State Control, and then select Enabled. Default Setting = Enabled, Recommended Setting = Enabled This option enables or disables the ME and is used for diagnostic purposes.
  • Page 7 Default Setting = Intel AMT, Recommended Setting = Intel AMT This option sets the platform management mode: None, Intel AMT, or ASF. By default, HP Compaq dc7900 Business PCs are set to Intel AMT, and ASF is an available option.
  • Page 8 Select Intel ME Power Control. Figure 4 Intel ME Power Control Screen a. Select Intel ME ON in Host Sleep States, and then select Desktop:ON in S0, S3, ME WoL in S3, S4-5, OFF After Power Loss. Default Setting = Desktop: ON in S0, Recommended Setting = Desktop: ON is S0, S3, ME WoL in S3, S4-5, OFF After Power Loss This option sets the ME power policy when the system is in a sleep state (Sx) and when returning from a G3 power loss.
  • Page 9 “Appendix B: Power / Sleep / Global States Explained” on page 34 for an explanation of sleep/ power states. “Appendix C: Wake-On-ME Explained” on page 35 for an explanation of Wake-On-ME/ ME WoL. b. Select Return to the previous menu. Return to previous menu to exit the MEBx Setup and save ME configuration.
  • Page 10 This option is a toggle, and the next time you access it you are prompted with the opposite setting. b. Select DHCP Disable, and then select Y. Default Setting = DHCP Enabled, Recommended Setting = User Dependent You can use DHCP if it is available. If you use DHCP, then steps 15c through 15g are not necessary.
  • Page 11 Select Provision Model. a. Change to Intel AMT 1.0 Mode, and then select N. Default Setting = Intel AMT 3.0 Mode, Recommended Setting = Intel AMT 3.0 Mode This option is a toggle, and the next time you access it you are prompted with the opposite setting.
  • Page 12 This option determines if the local MEBx password can be modified from a remote console. Option Effect Default Password Only This option will allow the MEBx password to be remotely modi- fied only if it is the default "admin" password. During Setup and Configuration This option will allow the MEBx password to be remotely modi- fied only during Setup and Configuration of the AMT platform.

  • Page 13: Intel Amt Webgui

    Intel AMT WebGUI The Intel AMT WebGUI is a Web browser-based interface for limited remote system management. The WebGUI is often used as a test to determine if AMT Setup and Configuration was performed properly on a system. A successful remote connection between a remote system and the host system running the WebGUI indicates proper AMT Setup and Configuration on the remote system.
  • Page 14 Type the user name and password. The default username is admin and the password is what you set during AMT Setup in the MEBx. Figure 6 Intel AMT WebGUI Screen Review system information and/or make any necessary changes. NOTE: You can change the MEBx password for the remote system in the WebGUI. Changing the password in the WebGUI or a remote console results in two passwords.

  • Page 15: Setup And Configuration Server

    Setup and Configuration Server A Setup and Configuration Server (SCS) is an application that executes over a network performing AMT Setup and Configuration. It is required for Enterprise mode setup and configuration. In a PSK Setup and Configuration, both the AMT client system and the SCS must share a set of Provision- ing ID (PID) and Provisioning Passphrase (PPS).

  • Page 16: Enterprise Mode Setup And Configuration

    Enterprise Mode Setup and Configuration Enterprise mode is for large corporate customers. An SCS is required for Enterprise mode Setup and Con- figuration. The SCS is also known as a Provisioning Server as seen in the MEBx. Enterprise Mode - AMT Setup and Configuration Steps The AMT Setup portion for Enterprise mode is the same as SMB mode.
  • Page 17 Select Intel AMT Configuration. The Intel AMT Configuration screen includes numerous options, which are available by scrolling down the menu. Figure 7 Intel AMT Configuration Screen Figure 8 Intel AMT Configuration Screen Continued Select Host Name, and then type a host name Default Setting = HPSystem, Recommended Setting = User Dependent Spaces are not accepted in the host name.
  • Page 18 Select TCP/IP. a. Select Disabling Network Interface, and then select N. Default Setting = Network Interface Enabled, Recommended Setting = Network Interface Enabled If network is disabled, then all remote AMT capabilities are disabled and TCP/IP settings will not be necessary. This option is a toggle, and the next time you access it you are prompted with the opposite setting.
  • Page 19 This option shows the current provisioning TLS mode. The three options are: None, PKI, and PSK. This option is only for display, no changes can be made here. b. Select Provisioning Record. Default Setting = Not Present This option shows provision record data of the system. The provisioning record for a system with PSK provisioning will include the following information: •...
  • Page 20 d. Select Provisioning Server FQDN. i. Enter Provisioning Server FQDN Default Setting = None, Recommended Setting = Network Dependent ii. Enter Port. Default Setting = 0, Recommended Setting = 9971 This option is used in Enterprise mode when an Intel AMT Setup and Configuration (Provisioning) Server is available.
  • Page 21 Skip Un-Provision. This option returns the system to factory defaults. See the Return to Default sec- tion for more information about unprovisioning. Skip VLAN. Default Setting = Disabled, Recommended Setting = User Dependent This option enables or disables VLAN support. If VLAN is enabled, then the VLAN tag must be provided (1-4094).
  • Page 22 This option sets the timeout value for Wake-On-ME. The default timeout value is 1 from the factory and is in units of a minute. A value of 0 means the Wake-On-ME feature is disabled and the ME will not go to sleep when not being used in a non- active system.
  • Page 23 • New PPS and PID (for future Setup and Configuration) • TLS certificates • Private keys • Current date and time • HTTP Digest credentials • HTTP Negotiate credentials You can set other options depending on S&CS implementation. The system goes from In-Setup phase to Operational phase, and AMT is fully operational. Once in the Operational phase, you can remotely manage the system and you can provide the system to end- users for regular use.

  • Page 24: Provisioning Methods

    Provisioning Methods There are three methods of provisioning a system with Enterprise mode: • Legacy • IT TLS-PSK • OEM TLS-PSK Legacy If you want TLS, execute legacy method of AMT set up and configuration on an isolated network separate from the corporate network.

  • Page 25: Usb Drive Key Set Up And Configuration

    Alternatively, the customer can provide HP with their own Administrator password, PID, and PPS to use for the order, which HP will use to bring the systems into the In-Setup phase. In the second stage, the customer receives the In-Setup systems and the PID, PPS, and password informa- tion.

  • Page 26: Usb Drive Key Requirements

    The system BIOS displays a message that automatic setup and configuration will occur. a. The first available record in the Setup.bin is read into memory. The process: i. Validates the file header record. ii. Locates the next available record. iii. Invalidates current record so it cannot be used again. b.

  • Page 27: Remote Configuration: Bare-Metal Vs. Delayed

    Remote Configuration Time-outs in HP Systems The HP Compaq dc7900 Business PCs are shipped out of the factory in Bare-Metal mode with the ME set to broadcast Hello messages for 255 hours when the ME is active and the system is connected to a net- work.

  • Page 28: Remote Configuration Prerequisites

    Remote Configuration Prerequisites RCFG requires certain prerequisites before it can be used. • Both the AMT system and the SCS must be on a DHCP server. The SCS must have the name of Pro- visionserver, or if not, it must have an alias in DNS, and be on the same domain as the AMT sys- tem.
  • Page 29 Figure 1 1 Intel Remote Configuration Screen Select Remote Configuration Enable/Disable. Default Setting = Enabled, Recommended Setting = Enabled This option enables or disables remote configuration. Skip Manage Certificate Hashes. This option shows the hashes in the system, including the name of the hash and whether it is active. If no hashes are in the system, then an option to add one is available.

  • Page 30: List Of Supported Ca Certificates

    List of Supported CA Certificates The following list provides supported Certificate Authorities and certificates. Not all certificates are popu- lated in certain configurations. • VeriSign Class 3 Primary CA-G1 • End Date: 8/1/2028 • SHA1 Fingerprint: 74 2C 31 92 E6 07 E4 24 EB 45 49 54 2B E1 BB C5 3E 61 74 E2 •...

  • Page 31: Return To Default

    Return to Default Return to Default is also know as Unprovisioning. An AMT Setup and Configured system can be unprovi- sioned. It is done through the AMT Configuration Screen and the Un-Provision option. Figure 12 Intel AMT Unprovisioning Screen Depending on how the system was previously provisioned, one or both unprovisioning options may appear.

  • Page 32: Full Return To Factory Defaults

    All AMT settings can be returned to the factory default by clearing CMOS. This includes resetting the password to the default “admin”. This is a behavior change from the HP Compaq dc7800p Business PC, where a CMOS change only clears the AMT settings and the password.
  • Page 33 Why does a new password set with the WebGUI cannot be used locally in the MEBx? A password set with the WebGUI is a remote password and will only work when accessing the MEBx remotely. It does not work with the MEBx locally. The local password must be used to locally access the MEBx.

  • Page 34: Appendix B: Power / Sleep / Global States Explained

    Appendix B: Power / Sleep / Global States Explained A computer can be in one of several power states under the Advanced Configuration and Power Interface (ACPI) specification. These power states are also known as Sleep (Sx) states or Global (Gx) states. •...

  • Page 35: Appendix C: Wake-On-Me Explained

    Appendix C: Wake-On-ME Explained Wake-On-ME, also known as ME WoL, is a feature that allows the ME to go into a low power state when it is not used. There are three conditions that must be met for Wake-On-ME to function. •...

This manual is also suitable for:

Compaq dc7900

Table of Contents