Hello,
I am newbie at bios mod.
There are many Dell Optiplex 790 in my room, some boxes does not be activated at AMT (no prompt for "CTRP + P" ) and others are activated.
I need to mod amt at inactivated one to improve monitoring/manage them since SOL/Web UI to control power/inventory are much useful.
As first step I have tried to dump SPI image but got error as below. It seems that fptw.exe stops dumping at section 8192K.
–Result–
C:\Users\Public\AMT\Intel ME System Tools v7 r1\Flash Programming Tool\Windows>fptw.exe -d spi01.bin
Intel (R) Flash Programming Tool. Version: 7.1.50.1166
Copyright (c) 2007-2011, Intel Corporation. All rights reserved.
Platform: Intel(R) Q65 Express Chipset Revision: B2
Reading HSFSTS register… Flash Descriptor: Valid
— Flash Devices Found —
W25Q64BV ID:0xEF4017 Size: 8192KB (65536Kb)
- Reading Flash [0x800000] 8192KB of 10240KB - 80% complete.
Error 51: An attempt was made to read beyond the end of flash memory
–End–
Instead, I got ME image successfully as below.
–Result–
C:\Users\Public\AMT\Intel ME System Tools v7 r1\Flash Programming Tool\Windows>fptw.exe -d me01.bin -me
Intel (R) Flash Programming Tool. Version: 7.1.50.1166
Copyright (c) 2007-2011, Intel Corporation. All rights reserved.
Platform: Intel(R) Q65 Express Chipset Revision: B2
Reading HSFSTS register… Flash Descriptor: Valid
— Flash Devices Found —
W25Q64BV ID:0xEF4017 Size: 8192KB (65536Kb)
- Reading Flash [0x600000] 6124KB of 6124KB - 100% complete.
Writing flash contents to file "me01.bin"…
Memory Dump Complete
FPT Operation Passed
–End–
However I got another error with ME Analyzer on ME image about invalid padding.
–Result–
-------[ ME Analyzer v1.16.3 ]-------
Database r95
File: me01.bin
Family: ME
Version: 7.1.70.1198
Release: Production
Type: Region, Extracted
SKU: 5MB
Date: 2012-10-26
Size: 0x4FD000
Platform: CPT/PBG
Latest: No
Blist 1: <= 7.0.10.1203
Blist 2: <= 7.1.13.1088
Warning: File size exceeds firmware, unneeded padding!
–End–
Unfortunately I am almost in stuck with two unexpected issue.
Should I seek for other method/tool or can someone give me advise?
Thank you!
First, make sure you have the latest Dell BIOS applied which should update you to version 7.1.91.3272. You only need to dump, modify and reflash the ME region so attach your dump and I will upload the equivalent image with AMT enabled. The warning at MEA is fine, unneeded/extra padding is not harmful.
plutomaniac,
Thank you for prompt reply and letting me know MEA warning.
I am easy to hear that it is not harmful.
I will post result after applying bios update.
Cheers!
Not to hijack a thread, but I’m also interested in activating features of the ME on my Optiplex 790. Mine has the latest BIOS version, and is currently configured with “Standard” manageability features. I’d like to unlock the “Full” featureset, primarily KVM redirection.
Here’s the output of MEInfo
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
C:\Intel ME System Tools v7 r1\MEInfo\Windows64>MEInfoWin64.exe
Intel(R) MEInfo Version: 7.1.50.1166
Copyright(C) 2005 - 2011, Intel Corporation. All rights reserved.
Intel(R) Manageability and Security Application code versions:
BIOS Version: A19
MEBx Version: 7.0.0.63
Gbe Version: 1.3
VendorID: 8086
PCH Version: 4
FW Version: 7.1.91.3272
UNS Version: 7.1.70.1205
LMS Version: 7.1.70.1205
MEI Driver Version: 7.1.70.1198
Wireless Hardware Version: Not Available
Wireless Driver Version: Not Available
FW Capabilities: 20585574
Intel(R) Standard Manageability - PRESENT/ENABLED
Intel(R) Anti-Theft Technology - PRESENT/ENABLED
Intel(R) Capability Licensing Service - PRESENT/ENABLED
Protect Audio Video Path - PRESENT/ENABLED
Intel(R) Dynamic Application Loader - PRESENT/ENABLED
Intel(R) Standard Manageability State: Enabled
CPU Upgrade State: Upgrade Capable
Cryptography Support: Enabled
Last ME reset reason: Power up
Local FWUpdate: Enabled
BIOS and GbE Config Lock: Enabled
Host Read Access to ME: Disabled
Host Write Access to ME: Disabled
SPI Flash ID #1: C22017
SPI Flash ID VSCC #1: 20052005
SPI Flash ID #2: C22015
SPI Flash ID VSCC #2: 20052005
SPI Flash BIOS VSCC: 20052005
BIOS boot State: Post Boot
OEM Id: 00000000-0000-0000-0000-000000000000
Link Status: Link up
System UUID: <redacted>
MAC Address: <redacted>
IPv4 Address: 192.168.<redacted>
IPv6 Enablement: Disabled
Privacy Level: Default
Configuration state: Completed
Provisioning Mode: PKI
Capability Licensing Service: Enabled
Capability Licensing Service Status: Permit info not available
OEM Tag: 0x00000000
Here's the output of dumping SPI, as it differs slightly.
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
C:\Intel ME System Tools v7 r1\Flash Programming Tool\Windows64>fptw64.exe -d O7
90ME.bin -me
Intel (R) Flash Programming Tool. Version: 7.1.50.1166
Copyright (c) 2007-2011, Intel Corporation. All rights reserved.
Platform: Intel(R) Q65 Express Chipset Revision: B2
Reading HSFSTS register... Flash Descriptor: Valid
--- Flash Devices Found ---
MX25L6405D ID:0xC22017 Size: 8192KB (65536Kb)
MX25L1605A ID:0xC22015 Size: 2048KB (16384Kb)
- Reading Flash [0x600000] 6124KB of 6124KB - 100% complete.
Writing flash contents to file "O790ME.bin"...
Memory Dump Complete
FPT Operation Passed
O790ME.zip (3.19 MB)
Hi,
I actually updated Bios and got succeeded. However Intel Management Engine is still detected as 7.1.70.1198.
Please see attached for current status.
Also I tried to get SIP and ME image for verification from same model box whose ME is activated and working fine (Without VNC).
ME was fine but same read error at 8192K block. I recognized that this read block happens regardless ME is activated or disables.
Any way, I uploaded dump data by executing "fptw.exe -d me01.bin -me".
Hopefully this image can be modified with AMT/ME enabled.
Thank you and have fresh Monday!
Sorry, I missed to attached ME firm.
I uploaded data again with changing file extension from bin to zip
Cheers,
me01.zip (3.22 MB)
I have modded my ME image according to following guide.
[Guide] Clean dumped or extracted Intel Engine region images of Initialization data
I suppose every step done fine till step of “fptw.exe -greset” and my 790 box had rebooted successfully.
I also tried fptw.exe -rewrite -me -f MYME01mod.bin though, my fptw.exe said NO OPTION for -rewrite.
After searching several thread, I did “fptw.exe -f MYME01mod.bin -me”. Before command was initialized, fptw.exe said waring about file size miss match but I executed and clear CMOS.
As a result, I can see “ME in recovery state” during booting now, still no option for MEBx or “CTRL + P”.
It seems that I have still something incomplete or missing.
@ itcollection & Kasm279:
It seems that Optiplex 790 uses Intel Q65 PCH which does not support AMT. So you cannot enable it on that system.
plutmaniac,
This SKU information is great but enough to give up more greater feature.
O.K. let’s leave VNC server function behind.
For me, VNC is too much, getting Web UI or SOL available it works. Hopefully to make TLS session enabled would be preferred.
I will perform following procedure again and compare with previous try step by step in my labo tomorrow and repot again.
If you find any fault in steps, please let me know.
- Modify ME dump by fpt/fptw/fptw64.exe.
- Set “support jumper” enable
- Execute fpt/fptw/fptw64.exe -greset
- Aply modded ME image by fpt/fptw/fptw64.exe with “-f XXX.bin -me” option
- Clear CMOS and recover jumpers.
- Check if I can enter into MEBx menu.
Thank you and good night,
From itcollection @ GMT + 9:00
Shame, I was really hoping to get KVM on this machine. Oh well.
@ itcollection:
Leave the firmware as it is or restore back to your original ME dump in case you made changes for some reason. The procedure is the same: jumper on, fpt -me -f, fpt -greset, jumper off. When the jumper is on the ME is in recovery state and its firmware can be reflashed.
plutomaniac,
Here is today’s result.
I tried 3 type of procedure and use 2 type of images, modded image based on AMT disabled and AMT available image(not full function, just Standard Manageability features) from active system.
- Get ME region dump > Mod image (case of disable AMT dump) > jumper on + fpt -me -f > fpt -greset > Jumper off
- Get ME region dump > Mod image (case of disable AMT dump) > jumper on + fpt -me -f > fpt -greset > Jumper off > Clean CMOS (jumper of RTCRST ON)
- Get ME region dump > Mod image (case of disable AMT dump) > jumper on + fpt -me -f > fpt -greset > Jumper off > fpt -greset > Clean CMOS (jumper of RTCRST ON) ← I referred at post #32 of Optiplex 7010 and VPro/AMT/ME (3)
>> Every try failed, very sad.
I am wondering if there is some trick hiding out of SPI/ME region or this model(Dell Optiplex790) is locked totally for AMT feature after shipping…
By the way, I have found there is some gap in size between AMT disabled image and alive one even though I get them from same dump command “fptw.exe -d XXX.bin -me”.
You can see more larger gap after extract from zip, hope found method to improve.
Thank you!
ME Region_AMTalive.zip (3.05 MB)
ME Region_original-AMTdisabled.zip (3.19 MB)