Skip To Main Content
Support Knowledge Base

How to Provision an Endpoint Without an Intel® Active Management Technology (Intel® AMT) Certificate

Content Type: Install & Setup   |   Article ID: 000097538   |   Last Reviewed: 05/12/2025
Description Resolution

Environment

Operating System

Windows 11* Family, Windows Server 2022 Family, Windows Server 2019 family*, Windows® 10 family

Description

Self-Certificate fails the endpoint provisioning.

Resolution

The steps below require physical access to the endpoints:

  1. Unprovison the endpoint from the Intel® EMA server web console. Click on Actions and select Provision AMT devices,
  2. Click on Actions and select Stop managing all the desired endpoints.
  3. Go to the endpoint and stop any previous Intel® EMA agent profile running on the endpoint.
  4. To prevent possible issues, perform a Full Unprovision of the endpoint from MEBX BIOS.
  5. Go into MEBX, and under Intel® AMT Configuration Network Access State, choose Enable.
  6. Change the User Consent in MEBX to NONE. This will allow us to do Out-of-Band (OOB) KVM without user interaction.
  7. Next, review if the Intel® EMA profile (in the EMA Server console) is in CIRA mode and set the desired settings; CCM.
  8. Enable Intel® AMT Auto-setup and choose the right AMT profile.
  9. Choose HBP (Host Base Provisioning), and create your password, disable the randomized password.  This will make the adoption easy.
  10. Install the Intel® EMA agent files into the endpoint.
  11. Now, download the Intel® Endpoint Management Assistant (Intel® EMA) API Sample Scripts in the Intel® EMA Server.  We will use the adopted scripts to pull the endpoint into EMA.
  12. The easy way to adopt a single system is by using the Adopt-AMTSetupBySearch PS script.
  13. Run the CLI request or you can do it by using the full command:

    PS> ./Adopt-AMTSetupBySearch.ps1 -emaServerURL EMAServer.demo.com -searchMethod hostnameStart -searchString laptop.

    emaServerURL: FQDN
    searchMethod: hostnameStart
    searchString: endpoint Name

  14. The Command will request the credentials of the Intel® EMA Tenant Administrator.
  15. The PowerShell script has examples in it for custom scripting purposes.
  16. Bring up the Platform Manager and verify if everything went smoothly.  Also, verify in the Intel® EMA WebUI.  The endpoint should have now been adopted in Admin Control Mode (ACM) since that was set up in MEBX, despite the auto-setup specifying HBP.
Note

After Enabling the Network Access in MEBEX, EMA WebUI and Intel® EMA configuration tool show the endpoint as provisioned in Admin mode by another instance despite the EMA agent file being created in Client Control Mode.

Related Products

This article applies to 1 products.
Intel® Endpoint Management Assistant (Intel® EMA)

Need more help?

Contact support
Contact support