Can anyone help, please?
I’ve recently set up four new (although second hand) machines for a charity. They’re all the same model (Sandy Bridge-era HP units with corporate vPro features), they all have the latest UEFI and AMT firmware (7.1.92.3273), and have all been configured the same way (except for IP addresses).
On three machines, Intel AMT works perfectly. The internal HTTP servers listen on port 16992, and Intel AMT KVM works perfectly too.
On the fourth machine, I can configure it by going into the Ctrl+P BIOS extension, and the settings are stored correctly, but beyond that AMT doesn’t seem to work. It doesn’t seem to be listening on port 16992 and AMT KVM doesn’t seem to be listening either. I’ve tried unconfiguring and reconfiguring AMT, I’ve tried a full BIOS reset, including removing the CMOS battery, but nothing I do seems to solve the problem.
Does anyone know what I can do to diagnose and fix the fault?
Cheers!
@Mister_Terry - Does this system have 2 pin jumper on the board itself labeled FD, FDO, ME, Service etc? Please link to stock BIOS package. You will probably need to re-write ME region of the BIOS using FPT and the Clean ME guide
Download Intel ME System Tools from this page in section "C"
Inside find MEinfoWin and run MEInfoWin.exe -verbose - and MEInfoWin.exe -fwsts
Post images of complete output from both commands.
@Lost_N_BIOS
Thanks for your response!
There’s no jumper marked any of those things - the only jumper on the board is marked E49 and documented as removing BIOS passwords. There’s also a button that clears CMOS. (I tried both of those, just in case they were to have an effect.)
Here’s the link to the stock BIOS.
Here’s the output of MEInfoWin64 -verbose:
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
Intel(R) MEInfo Version: 7.1.50.1166
Copyright(C) 2005 - 2011, Intel Corporation. All rights reserved.
Platform stepping value is 4
FW Status Register1: 0x1E000245
FW Status Register2: 0x69000006
CurrentState: Normal
ManufacturingMode: Disabled
FlashPartition: Valid
OperationalState: M0 with UMA
InitComplete: Complete
BUPLoadState: Success
ErrorCode: No Error
ModeOfOperation: Normal
ICC: Valid OEM data, ICC programmed
SMBIOS Table Data
Starting address: 0
Table Size in Bytes: 0 ( 0x0 )
Number of Table Entries: 0 ( 0x0 )
Virtual mapping of complete Table: 2 4kB Pages
PMXUtil: Error during PMX Call: PMxDrv!MAPPHYS - Bad Input Parameters
SM BIOS table entry point structure not found
SMBIOS Table Data
Starting address: 0
Table Size in Bytes: 0 ( 0x0 )
Number of Table Entries: 0 ( 0x0 )
Virtual mapping of complete Table: 2 4kB Pages
PMXUtil: Error during PMX Call: PMxDrv!MAPPHYS - Bad Input Parameters
SM BIOS table entry point structure not found
Error 1002: Failed to retrieve Intel (R) ME FW Version
Error 9458: Communication error between application and Intel(R) ME module (FW Update client)
Error 9459: Internal error (Could not determine FW features information)
Here's the output from MEInfoWin64 -fwsts:
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Intel(R) MEInfo Version: 7.1.50.1166
Copyright(C) 2005 - 2011, Intel Corporation. All rights reserved.
FW Status Register1: 0x1E000245
FW Status Register2: 0x69000006
CurrentState: Normal
ManufacturingMode: Disabled
FlashPartition: Valid
OperationalState: M0 with UMA
InitComplete: Complete
BUPLoadState: Success
ErrorCode: No Error
ModeOfOperation: Normal
ICC: Valid OEM data, ICC programmed
I also ran the two MEInfo commands on one of the machines that works, and it was precisely the same response, byte-for-byte.
Thanks again
@Mister_Terry - Are you 100% certain no other 2 pin jumpers? If yes, OK. Do you have Intel ME drivers installed on the working and none working machines? Those last three errors on the working machines make it look like no ME drivers installed.
Do you have flash programmer, like CH341A or other? Can you please link me to the download drivers/BIOS page for this system.
Have you already tried re-installing latest BIOS update, and any ME updates you see on the manufacturer download page? If not, do that now and see if it changes things.
The LAN port is functioning correctly other than this on the problem machine correct?
@Lost_N_BIOS
Thanks for your response, and sorry it’s taken a couple of days to get back to you.
I’m 99.9% certain there aren’t any other 2 pin jumpers - I carefully looked over the board, plus there’s nothing documented. (They’re machines made for an enterprise target market, so the documentation is comprehensive.) I’ll have a chance to physically access the machine at the weekend, though, so I’ll take another look just to be on the safe side.
I remotely re-installed the latest BIOS and ME firmware, and it didn’t make any difference. Yes, the LAN port appears to be functioning perfectly otherwise. It’s very strange.
You were right about the ME drivers not being installed. I’ve installed them and re-run MEInfo. I did the same for one of the working machines with precisely the same specification, and it produced the same result (other than a different MAC address and IP address). I’ve also tried re-installing the latest BIOS and ME firmware, but it hasn’t had an effect. The last thing I can think of trying the CMOS reset button on the motherboard again, which is also supposed to fully reset Intel AMT, but I’m starting to think there’s some kind of very obscure hardware problem going on here. I don’t have a flash programmer, unfortunately.
Here’s the new output from MEInfo:
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
Intel(R) MEInfo Version: 7.1.50.1166
Copyright(C) 2005 - 2011, Intel Corporation. All rights reserved.
Platform stepping value is 4
FW Status Register1: 0x1E000245
FW Status Register2: 0x69000006
CurrentState: Normal
ManufacturingMode: Disabled
FlashPartition: Valid
OperationalState: M0 with UMA
InitComplete: Complete
BUPLoadState: Success
ErrorCode: No Error
ModeOfOperation: Normal
ICC: Valid OEM data, ICC programmed
SMBIOS Table Data
Starting address: 0
Table Size in Bytes: 0 ( 0x0 )
Number of Table Entries: 0 ( 0x0 )
Virtual mapping of complete Table: 2 4kB Pages
PMXUtil: Error during PMX Call: PMxDrv!MAPPHYS - Bad Input Parameters
SM BIOS table entry point structure not found
SMBIOS Table Data
Starting address: 0
Table Size in Bytes: 0 ( 0x0 )
Number of Table Entries: 0 ( 0x0 )
Virtual mapping of complete Table: 2 4kB Pages
PMXUtil: Error during PMX Call: PMxDrv!MAPPHYS - Bad Input Parameters
SM BIOS table entry point structure not found
Get ME FWU info command...done
Get ME FWU version command...done
Get ME FWU feature state command...done
Get ME FWU platform type command...done
Get ME FWU feature capability command...done
Get ME FWU OEM Id command...done
FW Capabilities value is 0xDFE5C47
Feature enablement is 0xDFE5C47
Platform type is 0x1412
Intel(R) Manageability and Security Application code versions:
BIOS Version: Not available
MEBx Version: Not available
Gbe Version: 1.3
VendorID: 8086
PCH Version: 4
FW Version: 7.1.92.3273
UNS Version: Not Available
LMS Version: Not Available
MEI Driver Version: 11.0.5.1189
Wireless Hardware Version: Not Available
Wireless Driver Version: Not Available
FW Capabilities: 234773575
Intel(R) Active Management Technology - PRESENT/ENABLED
Intel(R) Standard Manageability - NOT PRESENT
Intel(R) Anti-Theft Technology - NOT PRESENT
Intel(R) Capability Licensing Service - PRESENT/ENABLED
Protect Audio Video Path - PRESENT/ENABLED
Intel(R) Dynamic Application Loader - PRESENT/ENABLED
Intel(R) AMT State: Enabled
Get iCLS permit information command...done
Command response status indicates permit not found
Get iCLS CPU allowed feature information command...done
CPU Upgrade State: Upgrade Capable
Cryptography Support: Enabled
Last ME reset reason: Global system reset
Local FWUpdate: Enabled
Get flash lockdown status...done
BIOS and GbE Config Lock: Enabled
Get flash master region access status...done
Host Read Access to ME: Disabled
Host Write Access to ME: Disabled
SPI Flash ID #1: C22017
SPI Flash ID VSCC #1: 20052005
SPI Flash BIOS VSCC: 20052005
Protected Range Register Base #0 0x7F0
Protected Range Register Limit #0 0x7FF
Protected Range Register Base #1 0x0
Protected Range Register Limit #1 0x0
Protected Range Register Base #2 0x0
Protected Range Register Limit #2 0x0
Protected Range Register Base #3 0x0
Protected Range Register Limit #3 0x0
Protected Range Register Base #4 0x0
Protected Range Register Limit #4 0x0
BIOS boot State: Post Boot
OEM Id: 00000000-0000-0000-0000-000000000000
Get Intel(R) AMT state command...done
Link Status: Link up
Get system UUID command...done
System UUID: 80542800-1ef3-11e0-0000-3cd92b6a2aa5
Get LanInterfaceSettings command for wired interface...done
MAC Address: 3c-d9-4f-61-1d-b7
IPv4 Address: 192.168.30.10
Get LanInterfaceSettings command for wireless interface...done
Command response reports interface doesn't exist
Get IPv6InterfaceStatus command for wired interface...done
Command response reports interface was disabled
IPv6 Enablement: Disabled
Get IPv6InterfaceStatus command for wireless interface...done
Command response reports interface doesn't exist
Get privacy level info command...done
Privacy Level: Default
Get provisioning state command...done
Configuration state: Completed
Get Provisioning Tls Mode command...done
Provisioning Mode: PKI
Capability Licensing Service: Enabled
Get iCLS permit information command...done
Command response status indicates permit not found
Get iCLS permit information command...done
Command response status indicates permit not found
Get iCLS CPU allowed feature information command...done
Get iCLS PCH allowed feature information command...done
Get iCLS PCH allowed feature information command...done
Get iCLS PCH allowed feature information command...done
Get iCLS PCH allowed feature information command...done
Capability Licensing Service Status: Permit info not available
Get ME FWU OEM Tag command...done
OEM Tag: 0x00000001
These jumpers are rarely/never documented even on enterprise stuff, that’s why I asked you to be sure too. So yes, please look in person not at any documentations or manuals etc.
Looks proper and OK to me, but that doesn’t always mean it is (BIOS or ME) either could still be messed up in some tiny way. Best and only way to fix this other than what you’ve tried is a flash programmer, order CH341A and SOIC8 test clip cable (If BIOS is soldered and 8 pin), costs around $5 total on ebay with China shipping, but you can get locally or faster shipping from more expensive sellers on ebay and amazon or other similar places. Be careful with ebay sellers and saying they are local to you, many China sellers do that now, so just because it costs more and says its in your country does not mean it is (Check negatives and neutrals for comments regarding that if you look at this kind of listing)
plutomaniac - do you see anything I’m missing above, all looks good and should be working correct?
I see nothing wrong at the log. On the Engine firmware side of things, the most you can do is a cleanup via [Guide] Clean Dumped Intel Engine (CS)ME/(CS)TXE Regions with Data Initialization but that’s usually for fixing issues and I don’t see something wrong in this case, at least on the surface. If even that doesn’t help, then the problem should be at the BIOS/MEBx/NVRAM. Don’t forget to always do “fpt -greset” via Flash Programming Tool at these Corporate/5MB platforms when you perform Engine-related firmware changes (cleanup, upgrade, MEBx) etc so that the Engine co-processor can reset its state.
Thanks, I guess we should try the manual reflash of everything via FPT after a cleanup, then try reset.
@Mister_Terry - can you bring this system home with you for a few days so we can work on it, or no?
Thanks for your help @Lost_N_BIOS and @plutomaniac , and apologies for taking a long time to respond again.
I never did get the chance to access the machine in question at the weekend, but this week I’ve had reports that it’s mysteriously crashed and failed to POST a couple of times (even though I did a full barrage of CPU, RAM and PSU tests on it before it was deployed), so I’m now running on the assumption that there’s an obscure hardware fault. As a consequence, I’ll simply be able to swap out the machine for a replacement.
It’s a shame that whatever the problem is / was will remain a mystery, though!
Thanks again.
@Mister_Terry - thanks for update, yes, I guess we’ll never know if you are swapping it out (unless you keep the system?)
Hi,
I have exactly the same problems on one Lenovo M93p now. I have been using Intel AMT on this system for a long time now. I tried to log into it this pc’s AMT web config the other day and my request would just time out. I tried everything remotely and locally. With browser or Meshcommander or vPro Management tools.
I made double sure that I’m using the correct IP/FQDN. I can enter ME Setup in BIOS just fine and also the settings are saved. And apart from the Intel AMT isuses, the pc runs just fine on windows 10.
My trouble shooting so far:
-trying a static IP instead of DHCP
-tested Shared or unique IP/FQDN
-Updateing ME/BIOS to the latest version available.
-Unprovisoning
-CMOS Clearing.
Nothing appears to help. Intel AMT just wont start listening on the AMT Ports. I have other Lenovo M93p and M92p and Asus systems running just fine with AMT. And also this one pc has been running fine for until now.
What could be the problem here?
When you updated ME FW, did the version actually change? Mainly asking if you can actually see MW FW version correctly (not N/A or 0.0.0.0) on BIOS main page, or with HWINFO64 etc, ME FW might be corrupted.
Yeah the versions are shown correctly. Apart from not having access to the Intel AMT configuartion via the AMT ports, there is no indication that AMT is not working. I can go into BIOS change the settings and all. But still no access to the AMT ports.
LAN is confirmed working? I don’t use AMT, so have no experience with this, does using that also use the BIOS PXE boot modules (like Boot from LAN)? If yes, and you updated the BIOS, maybe this is broken in new BIOS, try going back to old BIOS and see if that helps.
MEInfoWin -verbose show anything funky looking? Show image or text of that report and MEInfoWin -fwsts
Maybe Plutomaniac can see the issue
Could you give us the results of MEManuf* -verbose and MeInfo* -verbose?
The PC your trying to connect FROM is still able to connect to other AMT PCs?
Can you ping the AMT IP address of the non-working AMT Interface?
Yes the LAN Port works just fine. The Windows 10 install running on that buggy PC works flawless. Also any Linux Live CD works fine with the LAN hardware and gets IP and internet. Right now I only have problems connection to ME. Everything else works just fine.
And Yes the PC that I try to connect FROM can connect to other PC’s in the same network just fine.
I do not get a PING reply from the buggy PC.
Here is the MEInfo output:
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
Intel(R) MEInfo Version: 9.1.45.3000
Copyright(C) 2005 - 2017, Intel Corporation. All rights reserved.
Intel(R) Manageability and Security Application code versions:
BIOS Version: FBKTC5AUS
MEBx Version: 10.0.0.0007
Gbe Version: 1.2
VendorID: 8086
PCH Version: 4
FW Version: 9.0.2.1345 H
LMS Version: Not Available
MEI Driver Version: 11.0.0.1166
Wireless Hardware Version: 2.0.70
Wireless Driver Version: 15.16.0.2
FW Capabilities: 0x4DFE5967
Intel(R) Active Management Technology - PRESENT/ENABLED
Intel(R) Anti-Theft Technology - PRESENT/ENABLED
Intel(R) Capability Licensing Service - PRESENT/ENABLED
Protect Audio Video Path - PRESENT/ENABLED
Intel(R) Dynamic Application Loader - PRESENT/ENABLED
Service Advertisement & Discovery - PRESENT/ENABLED
Intel(R) AMT State: Enabled
TLS: Enabled
Last ME reset reason: Global system reset
Local FWUpdate: Enabled
BIOS Config Lock: Enabled
GbE Config Lock: Enabled
Host Read Access to ME: Disabled
Host Write Access to ME: Disabled
SPI Flash ID #1: 20BA17
SPI Flash ID VSCC #1: 20052005
SPI Flash ID #2: 20BA16
SPI Flash ID VSCC #2: 20052005
SPI Flash BIOS VSCC: 20052005
BIOS boot State: Post Boot
OEM Id: 4c656e6f-766f-0000-0000-000000000000
Link Status: Link up
System UUID: b1343c57-5256-11e3-81b0-22196dcc1200
MAC Address: fc-4d-d4-d3-41-78
IPv4 Address: 192.168.188.24
IPv6 Enablement: Disabled
Privacy/Security Level: Default
Configuration state: Completed
Provisioning Mode: PKI
Capability Licensing Service: Enabled
OEM Tag: 0x00000000
Slot 1 Board Manufacturer: Unused
Slot 2 System Assembler: Unused
Slot 3 Reserved: Unused
M3 Autotest: Disabled
C-link Status: Enabled
Wireless Micro-code Mismatch: No
Wireless Micro-code ID in Firmware: 0x088E
Wireless LAN in Firmware: Intel(R) Centrino(R) Ultimate-N 6235
Wireless Hardware ID: 0x088F
Wireless LAN Hardware: Intel(R) Centrino(R) Ultimate-N 6235
Localized Language: English
Independent Firmware Recovery: Disabled
Please post report (and you can use [spoiler] tags) , both of these commands
MEInfoWin -verbose
MEInfoWin -fwsts
Maybe then plutomaniac will spot some issue
Have you ran a ME reset? If not, try that and see if it helps >> FPTw.exe -greset
Is this IP- address static or via DHCP? You didn’t configure the Wireless interface, did you?
You should be able to ping the interface as the firmware says "Link up" (provided the IP configuration is correct). In case you configured the interface for DHCP it somewhere/somehow got its IP- address?
I have tried both static and DHCP. In both cases i have the same result. The Pv4 Address: 192.168.188.24 was assigned via DHCP by my router like with most other devices. The router only recognizes the IP obtained from Windows for this faulty PC.
Normally if I set a different IP for AMT and Windows, my router will list both IP’s and I can AMT into the PC via the AMT IP. But with this faulty PC, I never see an IP for the AMT interface shared IP or not. It used to work up to a few weeks ago though.
I don’t have physical access to the device right now, so I cant run verbose.
You should be able to run all those we asked of you remotely, unless you meant you can’t run anything on the system since you can’t connect to it?
MEInfoWin -verbose
MEInfoWin -fwsts
MEManufWin -verbose