You are here: Using the Configurator > Configuring Systems (Unified Configuration)

Configuring Systems

Command ConfigAMT
Description

Configures Intel AMT with settings in a configuration profile (XML file). Configured systems are reconfigured. For more information, see Unified Configuration Process.

 

Note:
If you run ConfigAMT on a new system locally (in the host-based configuration), the Intel® Management Engine BIOS Extension (MEBX) password will not be reset from the default password, "admin," while the system is in admin control mode. Therefore, you must run ConfigViaRCSOnly after running ConfigAMT locally, to set the MEBX password. See Configuring Systems using the RCS.
Syntax

ACUConfig.exe [global options] ConfigAMT <filename>

[/DecryptionPassword <password>] [/AbortOnFailure]

[/AdminPassword <password>] [/LongRandomPassword]

[/ADOU <ADOU path>][/NetworkSettingsFile <file>]

{[/FileToRun <filename>] [/FileHash <SHA256 hash>]

[/FileUser <username>] [/FilePassword <password>]}

Parameters

[global options]

See CLI Global Options

<filename>

The XML file containing the configuration parameters for this Intel AMT system
/DecryptionPassword <password> Mandatory if any of the files that the Configurator will use are encrypted (see File Encryption)
/AbortOnFailure

If configuration fails, put the Intel AMT device in the “Not Provisioned” mode. This parameter is applicable only for systems that were unconfigured when the command started (during reconfiguration this parameter is ignored).

Warning: A full unconfiguration will occur and as a result, any certificate hashes and PKI DNS suffix manually entered into the MEBX will be deleted.

/AdminPassword <password>

The current password of the default Digest admin user defined in the Intel AMT device. This parameter is NOT necessary if any of these are true:

  • The device is in an unconfigured state
  • The XML profile contains the Digest admin password
  • The user account running the Configurator is a Kerberos account that is configured in the Intel AMT device with administrator permissions
/LongRandomPassword The /LongRandomPassword is used by the ACUConfig.exe as a flag so that ACUConfig will ignore the password set in the profile and instead generate a random long (32 char) password and set it as the admin password for that platform. If the user wants to know what password was set, then he must use the /filetorun tag in order to run a script, the seventh "%7" parameter of this script will be the password that was generated by the acuconfig.exe. It is recommended that this flag only be used alongside the /filetorun flag, and for the script to execute a report to RCS command so that this password gets stored in the database. Otherwise the user will not know what password was used and his platform won't unconfigure.
/ADOU <ADOU path> The path to the Active Directory Organizational Unit (ADOU) containing the AD object of configured systems. If this parameter is supplied, the Configurator will delete the existing AD object representing the system. A new AD object is created in the ADOU defined in the configuration profile.
/NetworkSettingsFile <file> The path to a file that contains the network settings (FQDN and/or IP) to put in the Intel AMT device. Only use this parameter if you defined the source for at least one of these settings as a dedicated network settings file. For more information, see Defining IP and FQDN Settings.

/FileToRun

/FileHash

/FileUser

/FilePassword

The Configurator can use these parameters to run a script after the command has completed successfully. For more information, see Scripts Run by the Configurator.