How to Provision an Endpoint without an Intel® Active Management Technology (Intel® AMT) Certificate

Self-Certificate fails the endpoint provisioning.

The steps below require physical access to the endpoints.

First, uninstall the Intel® EMA agent file. Access the EMA agent installation file with Admin rights and select uninstall.
Go to the Intel® EMA server and stop managing all the desired endpoints.

Then,

1. To prevent possible issues, perform a Full Unprovision of the endpoint from MEBEX BIOS.
2. Go into MEBX, and under Intel® AMT Configuration Network Access State, choose Enable.
3. Change the User Consent in MEBX to NONE. This will allow us to do OOB KVM without any user interaction.
4. Next, review if the Intel® EMA profile (in the EMA Server console) is in CIRA mode and set the desired settings.
5. Enable Intel® AMT Auto-setup and choose the right profile.
6. Choose HBP (Host Base Provisioning), and create your password, disable the randomized password. This will make the adoption easy.
7. Install the Intel® EMA agent files into the endpoint.
8. Now, download the Intel® Endpoint Management Assistant (Intel® EMA) API Sample Scripts in the EMA Server. We will use the adopted scripts to pull the endpoint into EMA.
9. The easy way to adopt a single system is by using the Adopt-AMTSetupBySearch PS script.
10. Run the CLI request or you can do it by using the full command:

    PS> ./Adopt-AMTSetupBySearch.ps1 -emaServerURL EMAServer.demo.com -searchMethod hostnameStart -searchString laptop.

    emaServerURL: FQDN
    searchMethod: hostnameStart
    searchString: endpoint Name

11. The Command will request the credentials of the Intel® EMA Tenant Administrator.
12. The PowerShell script has examples in it for custom scripting purposes.
13. Bring up the Platform Manager and verify if everything went smoothly. Also, verify in the EMA WebUI. The endpoint should have now been adopted in Admin Control Mode (ACM) since that was set up in MEBX, despite the auto-setup specifying HBP.