Cannot Wakeup computers with amt configuration by the action button

[bennyc-huji]

Describe the bug I configured most of the computers to Intel AMT. When I'm trying to push the Action button, and press Power Off/Wakeup, it does not doing anything. When I open the regular Intel AMT tab on meshcentral\going directly to port 16992 of the computer, I can turn it off or on without any problem.

I want to give the desktop control and the power on/off to supporters and administrators, so I can deny and hide from them the whole tab of the amt settings.

To Reproduce Steps to reproduce the behavior:

1. Open a computer with Intel AMT that configured
2. Click on Actions → WakeUp computer → Ok
3. Nothing happend

Server Software (please complete the following information):

• OS: Debian 11 Bulleye
• Network: LAN, some of the computers on active directory. The networking is been managing by Network-Administrator and Cybersecurity
• Version: 1.0.51
• Node: v18.5.0
• Browser: Mozilla Firefox

Remote Device (please complete the following information):

• Device: [e.g. Laptop]
• OS: [e.g. Windows 10]
• Version: [e.g. 21H2]
• Current Core Version (if known): [HINT: Go to a device then console Tab then type info]

Additional context Add any other context about the problem here.

Your config.json file

{
  "$schema": "https://raw.githubusercontent.com/Ylianst/MeshCentral/master/meshcentral-config-schema.json",
  "__comment1__": "This is a simple configuration file, all values and sections that start with underscore (_) are ignored. Edit a section and remove the _ in front of the name. Refer to the user's guide for details.",
  "__comment2__": "See node_modules/meshcentral/sample-config-advanced.json for a more advanced example.",
  "settings": {
    "_cert": "myserver.mydomain.com",
    "_WANonly": true,
    "LANonly": true,
    "_sessionKey": "MyReallySecretPassword1",
    "port": 1555,
    "agentPortTls": false,
    "_autoBackup": {
      "mysqlDumpPath": "mysqldump"
    },
    "_meshScanner": true,
    "_plugins": {
      "enabled": true
    },
    "_log": "/home/mesh/loger/",
    "meshErrorLogPath": "/home/mesh/loger/",
    "mongoDb": "mongodb://127.0.0.1:12027/meshcentral",
    "mongoDbName": "meshcentral",
    "desktopMultiplex": true,
    "amtManager": true,
    "mongoDbBulkOperations": true,
    "autoBackup": {
      "mongoDumpPath": "/usr/bin/mongodump",
      "backupIntervalHours": 12,
      "backupPath": "/k"
    },
    "agentPortBind": "1555"
  },
  "domaindefaults": {
    "newAccountsRights": [
      "nonewgroups",
      "nonewdevices",
      "notools"
    ],
    "desktop": {
      "viewonly": false
    }
  },
  "domains": {
    "": {
      "title": "MESHCENTRAL",
      "title2": "MeshCentral",
      "_minify": true,
      "_newAccounts": true,
      "userNameIsEmail": true,
      "agentConfig": [
        "MeshServer=wss://MeshServer:1555/agent.ashx"
      ]
    },
    "Ekmd": {
      "title": "EKMD-AMT",
      "title2": "Ekmd-AMT",
      "userNameIsEmail": true
    }
  },
  "_letsencrypt": {
    "__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before trying Let's Encrypt.",
    "email": "myemail@mydomain.com",
    "names": "myserver.mydomain.com",
    "production": false
  }
}

[Ylianst]

interesting, you config.json has your server in LAN mode, but you hard set the agent connection URL using agentConfig for the default domain, but not for the "Ekmd" domain.

The agent port (agentPort) is not set so these two lines should do nothing:

 "agentPortTls": false,
 "agentPortBind": "1555"

Also, the agentPortBind should specify a network interfaces, no a port. It's ignored anyway, but this is not technically correct.

In any case, let me see if I can replicate this.

[Ylianst]

To debug this, first, confirm that Intel AMT is active and there MeshCentral is not showing any red errors on the "Intel AMT" line:

Next, you can go in the "My Server / Trace" tab and enable tracing on the "Intel AMT Manager" like this:

You can then open another tab and select to power off or power on Intel AMT, you should see "performPowerAction" with 2 or 8 depending on power on/off.

Let me know if you see this or not. Thanks.

[bennyc-huji]

the computer is not responding to the action button. only to the vanilla-amt interface. moreover, it does not appear in the tracing list.

[Ylianst]

Ok, that is not sufficient information to do anything. Can you provide the trace?

[bennyc-huji]

The trace contains only computers that are connected to the CIRA, activated or deactivated. Like “CN Attempt Initial Local Contact” All the computers, and nothing alses.

@.*** בני סארט, האגף למחשוב, שלוחת עין־כרם, האוניברסיטה העברית

From: Ylian Saint-Hilaire @.> Sent: Thursday, July 21, 2022 02:32 To: Ylianst/MeshCentral @.> Cc: Benny Saret @.>; Author @.> Subject: Re: [Ylianst/MeshCentral] Cannot Wakeup computers with amt configuration by the action button (Issue #4253)

Ok, that is not sufficient information to do anything. Can you provide the trace?

— Reply to this email directly, view it on GitHubhttps://github.com/Ylianst/MeshCentral/issues/4253#issuecomment-1190870203, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AZ3PPX6JY64PA6DMQOTLE2LVVCD57ANCNFSM53LEAXWA. You are receiving this because you authored the thread.Message ID: @.**@.>>