Out of Band Management Properties: General Tab

Applies To: System Center Configuration Manager 2007, System Center Configuration Manager 2007 R2, System Center Configuration Manager 2007 R3, System Center Configuration Manager 2007 SP1, System Center Configuration Manager 2007 SP2

Use the General tab of the Out of Band Management Properties dialog box to configure information such as the Active Directory container in which to publish, the MEBx password, the option to automatically register an alias of ProvisionServer in DNS, the AMT provisioning certificate, and the issuing certification authority (CA) and certificate template to use when the out of band service point requests a Web server certificate for each computer that it provisions.


The information in this topic applies only to Configuration Manager 2007 SP1 and later.

This dialog box contains the following elements.

  • Active Directory container
    Displays the selected container (or OU) name and path for publishing AMT-based computers during the Configuration Manager provisioning process.


    If the site will publish AMT-based computers from more than one domain, the same container (or OU) path and name will be used for each domain, even though it is not displayed here.

    The container (or OU) must be created outside Configuration Manager, and the site server computer must have appropriate permissions to publish AMT-based computers to it. If you delete the container (or OU) in Active Directory Domain Services, you will not be notified here that the container (or OU) no longer exists and you must specify the new container (or OU) to use. For more information about creating and configuring the container or OU, see How to Prepare Active Directory Domain Services for Out of Band Management.

    There is no default for this setting.

    Use Browse to navigate the Active Directory forest and select the container or OU.

  • MEBx Account
    Specifies the account in the Management Engine BIOS extension (MEBx) that is used for the initial authenticated access to manage AMT-based computers. For more information, see About the MEBx Account.

    Specify your choice of password for the MEBx Account that Configuration Manager will configure in AMT during provisioning.

    Click Set to specify the password. The password is case sensitive and must be at least 8 characters, with a maximum of 32 characters, together with at least one each of an uppercase, a lowercase, a numeric, and a symbol character. Symbol characters include ! @ # $ % ^ & * and exclude : (colon) “ ” (double quotes) _ (underscore).

  • AMT provisioning port (TCP)
    Specifies the TCP port number used when the out of band service point communicates with AMT-based computers for out of band provisioning. This number must match the value that is configured in the BIOS extensions of the AMT-based computers. Consult your computer manufacturer for more information.

    The default TCP port number is 9971. Values can range from 1–65535.

  • Provisioning certificate
    Displays the file that contains the exported AMT provisioning certificate that the out of band management component automatically installs in the site database and on the out of band service point and that will be used to provision computers for AMT.

    Click Browse to select the exported provisioning certificate, and specify the password that was configured during the certificate export process. If you see an error indicating that the certificate is not a valid AMT provisioning certificate, verify that it has a .pfx extension and that the exported certificate has all the requirements listed in the topic Certificate Requirements for Out of Band Management.


    If Browse is disabled, check that you are running the Configuration Manager console directly from the site and not connected to it from a parent site. Configuration Manager prevents you from configuring the AMT provisioning certificate for a child primary site from a parent site because this would result in overwriting the AMT provisioning certificate in the parent site.

    The certificate will be installed in the out of band service point's local certificate store when this site system role is installed. If the out of band service point is already installed, it periodically checks the certificate configured in the out of band management component and installs it if it is not already installed.

    For more information about creating and preparing the AMT provisioning certificate, see the following topics:

    There is no default for this setting.

  • OK
    Saves the changes and exits the dialog box.
  • Cancel
    Exits the dialog box without saving any changes.
  • Apply
    Saves the changes and remains in the dialog box.
  • Help
    Opens the help topic for this dialog box.

See Also


About AMT Provisioning for Out of Band Management
About the MEBx Account
Certificate Requirements for Out of Band Management

For additional information, see Configuration Manager 2007 Information and Support.
To contact the documentation team, email SMSdocs@microsoft.com.