Use the General tab of the Out of Band Management Properties dialog box to configure information such as the Active Directory container in which to publish, the MEBx password, the option to automatically register an alias of ProvisionServer in DNS, the AMT provisioning certificate, and the issuing certification authority (CA) and certificate template to use when the out of band service point requests a Web server certificate for each computer that it provisions.

Note
The information in this topic applies only to Configuration Manager 2007 SP1 and later.

This dialog box contains the following elements.

Active Directory container

Displays the selected container (or OU) name and path for publishing AMT-based computers during the Configuration Manager provisioning process.
Important
If the site will publish AMT-based computers from more than one domain, the same container (or OU) path and name will be used for each domain, even though it is not displayed here.
The container (or OU) must be created outside Configuration Manager, and the site server computer must have appropriate permissions to publish AMT-based computers to it. If you delete the container (or OU) in Active Directory Domain Services, you will not be notified here that the container (or OU) no longer exists and you must specify the new container (or OU) to use. For more information about creating and configuring the container or OU, see How to Prepare Active Directory Domain Services for Out of Band Management.There is no default for this setting.Use Browse to navigate the Active Directory forest and select the container or OU.
MEBx Account

Specifies the account in the Management Engine BIOS extension (MEBx) that is used for the initial authenticated access to manage AMT-based computers. For more information, see About the MEBx Account.Specify your choice of password for the MEBx Account that Configuration Manager will configure in AMT during provisioning.Click Set to specify the password. The password is case sensitive and must be at least 8 characters, with a maximum of 32 characters, together with at least one each of an uppercase, a lowercase, a numeric, and a symbol character. Symbol characters include ! @ # $ % ^ & * and exclude : (colon) “ ” (double quotes) _ (underscore).
Allow out of band provisioning

Applies only to Configuration Manager 2007 SP2. Select this only if you must provision out of band. Out of band provisioning incurs the security risks of elevation of privileges, impersonation, and information disclosure. You can find more information about these security risks in Out of Band Management Security Best Practices and Privacy Information. For additional information to help you choose between in-band provisioning and out of band provisioning, see Choose Between In-Band Provisioning and Out of Band Provisioning.This option is not selected by default.
AMT provisioning port (TCP)

Specifies the TCP port number used when the out of band service point communicates with AMT-based computers for out of band provisioning. This number must match the value that is configured in the BIOS extensions of the AMT-based computers. Consult your computer manufacturer for more information.The default TCP port number is 9971. Values can range from 1–65535.
Register ProvisionServer as an alias in DNS

Selecting this option results in the site server registering an alias (CNAME) DNS record of ProvisionServer for the out of band service point. This option might be appropriate if you are provisioning new computers out of band. For more information, see the following topics:
Important
Do not enable this option if the out of band service point is not yet installed.
This option is not selected by default.
Provisioning certificate

Displays the file that contains the exported AMT provisioning certificate that the out of band management component automatically installs in the site database and on the out of band service point and that will be used to provision computers for AMT.Click Browse to select the exported provisioning certificate, and specify the password that was configured during the certificate export process. If you see an error indicating that the certificate is not a valid AMT provisioning certificate, verify that it has a .pfx extension and that the exported certificate has all the requirements listed in the topic Certificate Requirements for Out of Band Management.
Note
If Browse is disabled, check that you are running the Configuration Manager console directly from the site and not connected to it from a parent site. Configuration Manager prevents you from configuring the AMT provisioning certificate for a child primary site from a parent site because this would result in overwriting the AMT provisioning certificate in the parent site.
The certificate will be installed in the out of band service point's local certificate store when this site system role is installed. If the out of band service point is already installed, it periodically checks the certificate configured in the out of band management component and installs it if it is not already installed.For more information about creating and preparing the AMT provisioning certificate, see the following topics: There is no default for this setting.
Certificate template

Displays the Microsoft enterprise CA certificate template that the site server uses when requesting Web server certificates on behalf of AMT-based computers. Click Select to choose the template to use. For more information about creating the Web server certificate template for AMT provisioning, see the following topics: For more information about certificate usage with out of band management, see About Certificates for Out of Band Management.There is no default for this setting.
OK

Saves the changes and exits the dialog box.
Cancel

Exits the dialog box without saving any changes.
Apply

Saves the changes and remains in the dialog box.
Help

Opens the help topic for this dialog box.

See Also