using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Runtime.InteropServices;
using System.Management.Automation;
using System.Management.Automation.Provider;
using System.Management.Automation.Runspaces;
using System.Security.Principal;
using System.DirectoryServices;
using System.Diagnostics;
using System.Security.Cryptography.X509Certificates;
using Intel.Management.Wsman;
using System.Security;
namespace Intel.Management.PSModule.Amt
{
///
/// Base class for Amt command
///
public class AmtCmd : PSCmdlet
{
public AmtCmd()
: base()
{
_host = "localhost";
}
[Parameter(Mandatory = false, Position = 0, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Hostname, FQDN, or IP Address")]
public string ComputerName
{
get { return _host; }
set { _host = value; }
}
[Parameter(Mandatory = false, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Amt Client Certificate")]
public String CertificateName
{
get { return _certName; }
set { _certName = value; }
}
[Parameter(
Position = 2,
ValueFromPipeline = true,
ValueFromPipelineByPropertyName = true)]
[CredentialAttribute]
public PSCredential Credential
{
get { return _credential; }
set { _credential = value; }
}
[Parameter(Mandatory = false,
HelpMessage = "Use Transport Layer Security")]
public SwitchParameter TLS
{
get { return _useTls; }
set { _useTls = value; }
}
[Parameter(Mandatory = false,
HelpMessage = "Accept Self-Signed certificate (skips any certificate checks)")]
public SwitchParameter AcceptSelfSignedCert
{
get { return _acceptSelfSignedCertificate; }
set { _acceptSelfSignedCertificate = value; }
}
[Parameter(Mandatory = false,
HelpMessage = "treat the Password as a Digest Master")]
public SwitchParameter AsMaster
{
get { return _asMaster; }
set { _asMaster = value; }
}
protected override void ProcessRecord()
{
_conn=ConnectionManager.ActiveSession;
if (_conn == null)
{
//sending null to the connection and after then set the certificate.
_conn= CredentialManager.GetConnection(_host, _credential, _useTls, _acceptSelfSignedCertificate, _asMaster, null, null);
if(!string.IsNullOrEmpty(_certName)) //Set the certificate by inserted certificate name.
_conn.Options.SetClientCertificateByCertificateName(_certName);
}
}
protected WsmanConnection _conn;
protected PSCredential _credential;
protected string _host;
protected bool _useTls;
protected bool _acceptSelfSignedCertificate = false;
protected bool _asMaster;
protected string _certName;
}
[Cmdlet("Enter", "AmtSession", SupportsShouldProcess = true)]
public class EnterSessionCmd : PSCmdlet
{
[Parameter(Mandatory = true, Position = 0, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Wsman connection object")]
public Intel.Management.Wsman.WsmanConnection Connection
{
get { return _conn; }
set { _conn = value; }
}
protected override void ProcessRecord()
{
ConnectionManager.ActiveSession = _conn;
}
WsmanConnection _conn;
}
[Cmdlet(VerbsCommon.New, "AmtSession", SupportsShouldProcess = true)]
public class NewSessionCmd : AmtCmd
{
protected override void ProcessRecord()
{
base.ProcessRecord();
WriteObject(_conn);
}
}
[Cmdlet(VerbsCommon.Get, "AmtSession", SupportsShouldProcess = true)]
public class GetSessionCmd : PSCmdlet
{
public GetSessionCmd()
: base()
{
}
protected override void ProcessRecord()
{
if (ConnectionManager.ActiveSession!=null)
WriteObject(ConnectionManager.ActiveSession);
}
}
[Cmdlet("Exit", "AmtSession", SupportsShouldProcess = true)]
public class ExitSessionCmd : PSCmdlet
{
public ExitSessionCmd()
: base()
{
}
protected override void ProcessRecord()
{
ConnectionManager.ActiveSession = null;
}
}
///
/// Gets a new Amt Connection
///
[Cmdlet(VerbsCommon.New, "AmtConnection", SupportsShouldProcess = true)]
public class GetConnectionCmd : AmtCmd
{
protected override void ProcessRecord()
{
base.ProcessRecord();
WriteObject(_conn);
}
}
///
/// Gets the Product version string from Wsman Identify
///
[Cmdlet(VerbsCommon.Get, "AmtProduct", SupportsShouldProcess = true)]
public class GetProductCmd : AmtCmd
{
public GetProductCmd()
: base()
{
}
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedInstance response = _conn.Identify();
string product = "Unknown";
IWsmanItem item = response.GetProperty("ProductVersion");
if (!item.IsNull)
product = item.ToString();
WriteObject(product);
}
}//end GetProductVersionCmd
///
/// Sets the Newtork Admin Crediential
///
[Cmdlet(VerbsCommon.Set, "AmtAdminAcl", SupportsShouldProcess = true)]
public class SetAdminAclCmd : AmtCmd
{
[Parameter(Mandatory = true, Position = 2, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "New Admin Password")]
public System.Security.SecureString Password
{
get { return _newPassword; }
set { _newPassword = value; }
}
[Parameter(Mandatory = false, Position = 3, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Admin Account name")]
public string Username
{
get { return _user; }
set { _user = value; }
}
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedInstance settingsObj = _conn.NewInstance("SELECT * FROM AMT_GeneralSettings");
string realm=settingsObj.GetProperty("DigestRealm").ToString();
IManagedReference refToService = _conn.NewReference("AMT_AuthorizationService");
IManagedInstance inputObj = null;
IManagedInstance outObj = null;
if (_user==null)
{
//
inputObj = refToService.CreateMethodInput("GetAdminAclEntry");
outObj = refToService.InvokeMethod(inputObj);
switch (outObj.GetProperty("ReturnValue").ToString())
{
case "0":
_user = outObj.GetProperty("Username").ToString();
break;
case "1":
throw new WsmanInvokeException("Internal Error");
default:
throw new WsmanInvokeException("AMT error " + outObj.GetProperty("ReturnValue").ToString());
}
}
inputObj = refToService.CreateMethodInput("SetAdminAclEntryEx");
inputObj.SetProperty("Username", _user);
string hash = CredentialManager.GetStringFromSecureString(_newPassword);
inputObj.SetProperty("DigestPassword", CredentialManager.GetBase64PasswordHash(_user, realm, hash));
outObj = refToService.InvokeMethod(inputObj);
switch (outObj.GetProperty("ReturnValue").ToString())
{
case "0":
break;
case "1":
throw new WsmanInvokeException("Internal Error");
case "12":
throw new WsmanInvokeException("Invalid Name");
case "13":
throw new WsmanInvokeException("Flash write limit exceeded");
case "2054":
throw new WsmanInvokeException("Invalid Password");
case "2075":
throw new WsmanInvokeException("Audit Failed");
default:
throw new WsmanInvokeException("AMT error " + outObj.GetProperty("ReturnValue").ToString());
}
}
System.Security.SecureString _newPassword;
string _user;
}//End SetAdminAclCmd
///
/// Gets the Digest Realm
///
[Cmdlet(VerbsCommon.Get, "AmtDigestRealm", SupportsShouldProcess = true)]
public class GetDigestRealmCmd : AmtCmd
{
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedInstance settingsObj = _conn.NewInstance("SELECT * FROM AMT_GeneralSettings");
WriteObject(settingsObj.GetProperty("DigestRealm").ToString());
}
}//End GetDigestRealm
[Cmdlet(VerbsLifecycle.Disable, "Amt",
SupportsShouldProcess = true)]
public class DisableAmtCmd : AmtCmd
{
[Parameter(Mandatory = false,
HelpMessage = "Fully unconfigure the client by removing all non-factory data")]
public SwitchParameter Full
{
get { return _useFull; }
set { _useFull = value; }
}
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedReference refToService = _conn.NewReference("AMT_SetupAndConfigurationService");
IManagedInstance inputObj = refToService.CreateMethodInput("PartialUnprovision");
if (_useFull)
{
WriteVerbose("Removing all non-factory passwords and certificates");
inputObj = refToService.CreateMethodInput("Unprovision");
inputObj.SetProperty("ProvisioningMode", "1");
}
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
switch (outObj.GetProperty("ReturnValue").ToString())
{
case "0":
WriteVerbose("Amt successfully disabled");
break;
case "1":
AmtException.ThrowInvokeError(outObj, "Internal Error");
break;
case "16":
AmtException.ThrowInvokeError(outObj, "Not Permitted");
break;
case "36":
AmtException.ThrowInvokeError(outObj, "Invalid Parameter");
break;
case "2076":
AmtException.ThrowInvokeError(outObj, "Bocking Component");
break;
default:
AmtException.ThrowInvokeError(outObj);
break;
}
}
bool _useFull;
}
[Cmdlet(VerbsLifecycle.Disable, "AmtClientMode",
SupportsShouldProcess = true)]
public class DiableClientControlModeCmd : PSCmdlet
{
protected override void ProcessRecord()
{
Intel.Management.Mei.IMeDevice me = new Intel.Management.Mei.MeDevice();
if (!me.Unprovision())
{
throw new InvalidOperationException("Unable to unconfigure client control mode");
}
}
}
[Cmdlet(VerbsLifecycle.Enable, "AmtAdminMode",
SupportsShouldProcess = true)]
public class EnableAdminControlModeCmd : PSCmdlet,IDisposable
{
[Parameter(Mandatory = false, Position = 0, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "NetworkAdminPassword")]
public SecureString AdminPassword
{
get { return _password; }
set
{
_password?.Dispose();
_password = value;
}
}
[Parameter(Mandatory = false, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "DigitalSignalure")]
public DigitalSignatureInfo Signature
{
get { return _signature; }
set { _signature = value; }
}
[Parameter(Mandatory = false, Position = 2, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Force commandline password")]
public SwitchParameter Force
{
get { return _force; }
set { _force = value; }
}
[Parameter(
ValueFromPipeline = true,
ValueFromPipelineByPropertyName = true)]
[CredentialAttribute]
public PSCredential Credential
{
get { return _credential; }
set { _credential = value; }
}
private IManagedInstance UpdateChain(IManagedReference refToService, IManagedInstance serviceObj)
{
for (int i = 0; i < _signature.CertificateChain.ChainElements.Count; i++)
{
if (serviceObj.GetProperty("CertChainStatus").ToString().Equals("2"))
break;
bool isLeaf = i == 0;
bool isRoot = i == (_signature.CertificateChain.ChainElements.Count - 1);
IManagedInstance inputObj = refToService.CreateMethodInput("AddNextCertInChain");
inputObj.SetProperty("NextCertificate", Convert.ToBase64String(_signature.CertificateChain.ChainElements[i].Certificate.RawData));
inputObj.SetProperty("IsLeafCertificate", isLeaf.ToString().ToLower());
inputObj.SetProperty("IsRootCertificate", isRoot.ToString().ToLower());
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
switch (outObj.GetProperty("ReturnValue").ToString())
{
case "0":
break;
case "1":
throw new WsmanInvokeException("Invalid Parameter");
case "2":
throw new WsmanInvokeException("Internal Error");
case "3":
throw new WsmanInvokeException("Invalid State");
case "4":
throw new WsmanInvokeException("Invalid certificate");
case "5":
//Chain length exceeded
throw new WsmanInvokeException("chain length exceeded");
default:
throw new WsmanInvokeException("AMT error " + outObj.GetProperty("ReturnValue").ToString());
}
serviceObj = refToService.Get(); // refresh the service Object
if (serviceObj.GetProperty("CertChainStatus").ToString().Equals("2"))
break;
}
return serviceObj;
}
protected override void ProcessRecord()
{
SetupRecord record = null;
IWsmanConnection conn = null;
Intel.Management.Mei.IMeDevice me = new Intel.Management.Mei.MeDevice();
if (_credential != null)
{
WsmanConnection tempConn = new WsmanConnection();
tempConn.Address = "http://localhost:16992/wsman";
tempConn.SetCredentials(_credential.UserName, _credential.Password.Copy());
conn = tempConn;
}
else
{
conn = me.LocalConnection;
}
IManagedReference refToService = conn.NewReference("SELECT * FROM AMT_GeneralSettings");
IManagedInstance settingsObj = refToService.Get();
refToService = conn.NewReference("SELECT * FROM IPS_HostBasedSetupService");
IManagedInstance serviceObj = refToService.Get();
IManagedInstance inputObj = null;
if (serviceObj.GetProperty("CurrentControlMode").ToString().Equals("1"))
{
inputObj = refToService.CreateMethodInput("UpgradeClientToAdmin");
}
else
{
inputObj = refToService.CreateMethodInput("AdminSetup");
if (_password != null && !_force)
{
Exception exp = new AmtException("This operation requires the use of the –force switch");
ErrorRecord error = new ErrorRecord(exp, exp.GetType().Name, ErrorCategory.SecurityError, this);
WriteError(error);
}
if (_password == null)
{
this.Host.UI.Write("Enter password: ");
_password = this.Host.UI.ReadLineAsSecureString();
}
inputObj.SetProperty("NetAdminPassEncryptionType", "2");
inputObj.SetProperty("NetworkAdminPassword", me.GetPasswordHash("admin", settingsObj.GetProperty("DigestRealm").ToString(), _password));
}
inputObj.SetProperty("McNonce", _signature.McNonce);
//update certChain
X509ChainElement elt = _signature.CertificateChain.ChainElements[0];//0 is leaf Count -1 is root
inputObj.SetProperty("SigningAlgorithm", "2");
inputObj.SetProperty("DigitalSignature", _signature.Signature);
serviceObj = UpdateChain(refToService, serviceObj);
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
string result = outObj.GetProperty("ReturnValue").ToString();
switch (result)
{
case "0":
/* foreach (IWsmanItem item in conn.ExecQuery("SELECT * FROM IPS_ProvisioningAuditRecord"))
{
record = new SetupRecord(item.Object);
}*/
break;
case "1":
throw new WsmanInvokeException("Internal Error");
case "2":
throw new WsmanInvokeException("Invalid State");
case "3":
throw new WsmanInvokeException("Invalid Parameter");
case "4":
throw new WsmanInvokeException("Method Disabled");
case "5":
throw new WsmanInvokeException("Authentication Failed");
case "6":
throw new WsmanInvokeException("Flash write limit exceeded");
default:
throw new WsmanInvokeException("AMT error " + result);
}
WriteObject(record);
}
PSCredential _credential;
SecureString _password;
DigitalSignatureInfo _signature;
bool _force;
#region IDisposable Implementation
private bool _disposed = false;
///
/// Implement IDisposable method
///
///
protected virtual void Dispose(bool disposing)
{
if (_disposed)
return;
if (disposing)
{
_password?.Dispose();
_credential.Password?.Dispose();
}
_disposed = true;
}
public void Dispose()
{
Dispose(true);
GC.SuppressFinalize(this);
}
~EnableAdminControlModeCmd()
{
Dispose(false);
}
#endregion
}
[Cmdlet(VerbsCommon.Get, "AmtHostSetupRecord",
SupportsShouldProcess = true)]
public class GetHostSetupRecordCmd : AmtCmd
{
protected override void ProcessRecord()
{
base.ProcessRecord();
SetupRecord record = null;
foreach (IWsmanItem item in _conn.ExecQuery("SELECT * FROM IPS_ProvisioningAuditRecord"))
{
record = new SetupRecord(item.Object);
}
if (record != null) WriteObject(record);
}
}
[Cmdlet(VerbsLifecycle.Enable, "AmtClientMode",
SupportsShouldProcess = true)]
public class EnableClientControlModeCmd : PSCmdlet , IDisposable
{
[Parameter(Mandatory = false, Position = 0, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "NetworkAdminPassword")]
public System.Security.SecureString AdminPassword
{
get { return _secPassword; }
set { _secPassword = value; }
}
[Parameter(Mandatory = false, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "DigitalSignature")]
public DigitalSignatureInfo Signature
{
get { return _signature; }
set { _signature = value; }
}
protected override void ProcessRecord()
{
SetupRecord record = null;
if (_secPassword == null)
{
this.Host.UI.Write("Enter password: ");
_secPassword = this.Host.UI.ReadLineAsSecureString();
}
IWsmanConnection conn = ConnectionManager.LocalSession;
IManagedReference refToService = conn.NewReference("SELECT * FROM AMT_GeneralSettings");
IManagedInstance settingsObj = refToService.Get();
refToService = conn.NewReference("SELECT * FROM IPS_HostBasedSetupService");
IManagedInstance inputObj = refToService.CreateMethodInput("Setup");
inputObj.SetProperty("NetAdminPassEncryptionType", "2");
inputObj.SetProperty("NetworkAdminPassword",
Mei.MeDevice.HashPassword("admin", settingsObj.GetProperty("DigestRealm").ToString(),_secPassword));
if (_signature != null && _signature.CertificateChain.ChainElements.Count > 0)
{
inputObj.SetProperty("McNonce", _signature.McNonce);
X509ChainElement elt = _signature.CertificateChain.ChainElements[0];
System.Security.Cryptography.RSACryptoServiceProvider p = (System.Security.Cryptography.RSACryptoServiceProvider)elt.Certificate.PublicKey.Key;
bool b = p.VerifyData(_signature.GetRawData(), "SHA256", Convert.FromBase64String(_signature.Signature));
b.ToString();
inputObj.SetProperty("Certificate", Convert.ToBase64String(elt.Certificate.RawData));
inputObj.SetProperty("SigningAlgorithm", "2");
inputObj.SetProperty("DigitalSignature", _signature.Signature);
}
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
string result = outObj.GetProperty("ReturnValue").ToString();
switch (result)
{
case "0":
conn.Close();
break;
case "1":
throw new WsmanInvokeException("Internal Error");
case "2":
throw new WsmanInvokeException("Invalid State");
case "3":
throw new WsmanInvokeException("Invalid Parameter");
case "4":
throw new WsmanInvokeException("Method Disabled");
case "5":
throw new WsmanInvokeException("Authentication Failed");
case "6":
throw new WsmanInvokeException("Flash write limit exceeded");
default:
throw new WsmanInvokeException("AMT error " + result);
}
WriteObject(record);
}
SecureString _secPassword;
DigitalSignatureInfo _signature;
#region IDisposable Implementation
private bool _disposed = false;
///
/// Implement IDisposable method
///
///
protected virtual void Dispose(bool disposing)
{
if (_disposed)
return;
if (disposing)
{
_secPassword?.Dispose() ;
}
_disposed = true;
}
public void Dispose()
{
Dispose(true);
GC.SuppressFinalize(this);
}
~EnableClientControlModeCmd()
{
Dispose(false);
}
#endregion
}
[Cmdlet(VerbsLifecycle.Start, "AmtConfiguration",
SupportsShouldProcess = true)]
public class StartConfigurationCmd : PSCmdlet
{
public StartConfigurationCmd()
: base()
{
_ipv = Intel.Management.Mei.InternetProtocolVersionType.IPv4;
}
[Parameter(Mandatory = false, Position = 0, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "One Time Password")]
public string Otp
{
get { return _otp; }
set { _otp = value; }
}
[Parameter(Mandatory = false, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Internet Protocol Version")]
public Intel.Management.Mei.InternetProtocolVersionType ProtocolVersion
{
get { return _ipv; }
set { _ipv = value; }
}
[Parameter(Mandatory = false, Position = 2, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Manageablity Engine Device")]
public Intel.Management.Mei.MeDevice MeDevice
{
get { return _me; }
set { _me = value; }
}
protected override void ProcessRecord()
{
if (_me == null)
_me = new Intel.Management.Mei.MeDevice();
if (_me.StartRemoteConfiguration(_otp, _ipv == Intel.Management.Mei.InternetProtocolVersionType.Ipv6))
{
Host.UI.WriteLine("AMT configuration service started");
}
else
{
Host.UI.WriteLine("Failed to start configuration service");
}
}
string _otp;
Intel.Management.Mei.MeDevice _me;
Intel.Management.Mei.InternetProtocolVersionType _ipv;
} //end StartAmtConfigurationCmd class
[Cmdlet(VerbsLifecycle.Stop , "AmtConfiguration",SupportsShouldProcess = true)]
public class StopConfiguraitonCmd : AmtCmd
{
[Parameter(Mandatory = false,HelpMessage = "Stops the Configuation service without commiting changes")]
public SwitchParameter NoCommit
{
get { return _noCommit; }
set { _noCommit = value; }
}
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedReference refToService = _conn.NewReference("AMT_SetupAndConfigurationService");
if (_noCommit)
{
IManagedInstance inputObj = refToService.CreateMethodInput("ExtendProvisioningPeriod");
inputObj.SetProperty("Duration","0");
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
switch (outObj.GetProperty("ReturnValue").ToString())
{
case "0":
WriteVerbose("Configuration stopped and connection closed");
ConnectionManager.Remove(_conn);
break;
case "1":
AmtException.ThrowInvokeError(outObj, "Internal Error");
break;
case "16":
AmtException.ThrowInvokeError(outObj, "Not Permitted");
break;
default:
AmtException.ThrowInvokeError(outObj);
break;
}
}
else
{
IManagedInstance inputObj = refToService.CreateMethodInput("CommitChanges");
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
switch (outObj.GetProperty("ReturnValue").ToString())
{
case "0":
WriteVerbose("Configuration changes have been successfully committed and connection closed.");
ConnectionManager.Remove(_conn);
break;
case "1":
AmtException.ThrowInvokeError(outObj, "Internal Error");
break;
case "38":
AmtException.ThrowInvokeError(outObj, "Flash Write Limit Exceeded");
break;
case "2057":
AmtException.ThrowInvokeError(outObj, "Data Missing");
break;
default:
AmtException.ThrowInvokeError(outObj);
break;
}
}
}
bool _noCommit;
}
[Cmdlet(VerbsCommon.Get, "AmtUri", SupportsShouldProcess = true)]
public class GetUriCmd : PSCmdlet
{
public GetUriCmd()
{
_ipv = Intel.Management.Mei.InternetProtocolVersionType.IPv4;
}
[Parameter(Mandatory = true, Position = 0, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "List of IP Addresses")]
public string[] AddressList
{
get { return _addresList; }
set { _addresList = value; }
}
[Parameter(Mandatory = false, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Use Transport layer security")]
public SwitchParameter Tls
{
get { return _useTls; }
set { _useTls = value; }
}
[Parameter(Mandatory = false, Position = 1, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Use Transport layer security")]
public SwitchParameter AcceptSelfSignedCert
{
get { return _acceptSelfSignedCertificate; ; }
set { _acceptSelfSignedCertificate = value; }
}
[Parameter(Mandatory = false, Position = 2, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Internet Protocol Version")]
public Intel.Management.Mei.InternetProtocolVersionType ProtocolVersion
{
get { return _ipv; }
set { _ipv = value; }
}
protected override void ProcessRecord()
{
string address = CredentialManager.GetAddress(_addresList, _ipv == Intel.Management.Mei.InternetProtocolVersionType.Ipv6);
address = CredentialManager.GetServiceUri(address, _useTls).ToString();
WriteObject(address);
}
Intel.Management.Mei.InternetProtocolVersionType _ipv;
bool _useTls;
string[] _addresList;
bool _acceptSelfSignedCertificate = false;
} //end GetUri clasee
[Cmdlet(VerbsCommon.Set, "AmtClock", SupportsShouldProcess = true)]
public class SetClockCmd : AmtCmd
{
protected override void ProcessRecord()
{
base.ProcessRecord();
DateTime standardTime = new DateTime(1970, 1, 1);
IManagedReference refToClock = _conn.NewReference("AMT_TimeSynchronizationService");
IManagedInstance inputObj = refToClock.CreateMethodInput("GetLowAccuracyTimeSynch");
IManagedInstance outObj = refToClock.InvokeMethod(inputObj);
if (!outObj.GetProperty("ReturnValue").ToString().Equals("0"))
AmtException.ThrowInvokeError(outObj);
uint ta0 = uint.Parse(outObj.GetProperty("Ta0").ToString());
uint tm1 = (uint)DateTime.UtcNow.Subtract(standardTime).TotalSeconds;
inputObj = refToClock.CreateMethodInput("SetHighAccuracyTimeSynch");
inputObj.SetProperty("Ta0", ta0.ToString());
inputObj.SetProperty("Tm1", tm1.ToString());
inputObj.SetProperty("Tm2", tm1.ToString());
outObj = refToClock.InvokeMethod(inputObj);
if (!outObj.GetProperty("ReturnValue").ToString().Equals("0"))
AmtException.ThrowInvokeError(outObj);
}
}// End SetClockCmd
[Cmdlet(VerbsCommon.Set, "MebxPassword", SupportsShouldProcess = true)]
public class SetMebxPasswordCmd : AmtCmd
{
[Parameter(Mandatory = true, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Mebx Password")]
public System.Security.SecureString Password
{
get { return _password; }
set { _password = value; }
}
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedReference refToService = _conn.NewReference("AMT_SetupAndConfigurationService");
IManagedInstance inputObj = refToService.CreateMethodInput("SetMEBxPassword");
inputObj.SetProperty("Password",CredentialManager.GetStringFromSecureString(_password));
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
switch (outObj.GetProperty("ReturnValue").ToString())
{
case "0":
WriteVerbose("Local ME BIOS password has been changed");
break;
case "1":
AmtException.ThrowInvokeError(outObj, "Internal Error");
break;
case "16":
WriteWarning("Changing the ME BIOS Password is not Permitted and may have already been changed.");
//AmtException.ThrowInvokeError(outObj, "Not Permitted");
break;
case "2054":
AmtException.ThrowInvokeError(outObj, "Invalid Password");
break;
default:
AmtException.ThrowInvokeError(outObj);
break;
}
}
System.Security.SecureString _password;
}
[Cmdlet(VerbsCommon.Set, "AmtHost", SupportsShouldProcess = true)]
public class SetHostCmd : AmtCmd
{
[Parameter(Mandatory = false, Position = 3, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Host Name")]
public string Name
{
get { return _amtHost; }
set { _amtHost = value; }
}
[Parameter(Mandatory = false, Position = 4, ValueFromPipeline = true, ValueFromPipelineByPropertyName = true,
HelpMessage = "Domain Name")]
public string Domain
{
get { return _amtDomain; }
set { _amtDomain = value; }
}
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedReference refToSettings = _conn.NewReference("AMT_GeneralSettings");
IManagedInstance settingsObj = refToSettings.Get();
settingsObj.SetProperty("HostName", _amtHost);
settingsObj.SetProperty("DomainName", _amtDomain);
refToSettings.Put(settingsObj);
}
string _amtHost;
string _amtDomain;
} // end SetHostCmd
[Cmdlet(VerbsLifecycle.Disable, "AmtTls",
SupportsShouldProcess = true)]
public class DiableTlsCmd : AmtCmd
{
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedInstance outputObj = null;
IManagedReference refToSetting = _conn.NewReference("AMT_TLSSettingData");
refToSetting.AddSelector("InstanceID", "Intel(r) AMT LMS TLS Settings");
IManagedInstance settingsObj = refToSetting.Get();
settingsObj.SetProperty("Enabled", "false");
settingsObj.SetProperty("MutualAuthentication", "false");
outputObj = refToSetting.Put(settingsObj);
outputObj = refToSetting.Get();
refToSetting = _conn.NewReference("AMT_TLSSettingData");
refToSetting.AddSelector("InstanceID", "Intel(r) AMT 802.3 TLS Settings");
settingsObj.SetProperty("Enabled", "false");
settingsObj.SetProperty("MutualAuthentication", "false");
outputObj = refToSetting.Put(settingsObj);
IManagedReference refToService = _conn.NewReference("AMT_SetupAndConfigurationService");
IManagedInstance inputObj = refToService.CreateMethodInput("CommitChanges");
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
}
}//End Disable TLS
[Cmdlet(VerbsCommon.Remove, "AllITProfiles",
SupportsShouldProcess = true)]
public class AllITProfilesCmd : AmtCmd
{
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedReference refToService = _conn.NewReference("AMT_WiFiPortConfigurationService");
refToService.AddSelector("Name", "Intel(r) AMT WiFi Port Configuration Service");
IManagedInstance inputObj = refToService.CreateMethodInput("DeleteAllITProfiles");
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
switch (outObj.GetProperty("ReturnValue").ToString())
{
case "0":
break;
case "1":
AmtException.ThrowInvokeError(outObj, "Not Supported");
break;
case "2":
AmtException.ThrowInvokeError(outObj, "Failed");
break;
case "3":
AmtException.ThrowInvokeError(outObj, "Invalid Parameter");
break;
case "4":
AmtException.ThrowInvokeError(outObj, "Invalid Reference");
break;
default:
AmtException.ThrowInvokeError(outObj);
break;
}
}
}//ent Remove All IT Wireless Profiles
[Cmdlet(VerbsCommon.Remove, "AllUserProfiles",
SupportsShouldProcess = true)]
public class AllUserProfilesCmd : AmtCmd
{
protected override void ProcessRecord()
{
base.ProcessRecord();
IManagedReference refToService = _conn.NewReference("AMT_WiFiPortConfigurationService");
refToService.AddSelector("Name", "Intel(r) AMT WiFi Port Configuration Service");
IManagedInstance inputObj = refToService.CreateMethodInput("DeleteAllUserProfiles");
IManagedInstance outObj = refToService.InvokeMethod(inputObj);
switch (outObj.GetProperty("ReturnValue").ToString())
{
case "0":
break;
case "1":
AmtException.ThrowInvokeError(outObj, "Not Supported");
break;
case "2":
AmtException.ThrowInvokeError(outObj, "Failed");
break;
case "3":
AmtException.ThrowInvokeError(outObj, "Invalid Parameter");
break;
case "4":
AmtException.ThrowInvokeError(outObj, "Invalid Reference");
break;
default:
AmtException.ThrowInvokeError(outObj);
break;
}
}
}//end Remove All User Wireless Profiles
[Cmdlet(VerbsCommon.New, "AmtWirelessProfile",
SupportsShouldProcess = true)]
public class NewWirelessProfileCmd : PSCmdlet
{
protected override void ProcessRecord()
{
WriteObject( new WirelessProfile());
}
}//end Get-ValueMap
[Cmdlet(VerbsLifecycle.Enable, "AmtTrace",
SupportsShouldProcess = true)]
public class EnableTraceCmd : PSCmdlet
{
[Parameter(Mandatory = true, HelpMessage = "File for trace output")]
public string FilePath
{
get { return _filePath; }
set { _filePath = value; }
}
[Parameter(Mandatory = false, HelpMessage = "Trace Tls Handshake")]
public SwitchParameter TLS
{
get { return _traceTls; }
set { _traceTls = value; }
}
[Parameter(Mandatory = false, HelpMessage = "Trace Wsman/XML messages")]
public SwitchParameter Xml
{
get { return _traceXml; }
set { _traceXml = value; }
}
[Parameter(Mandatory = false, HelpMessage = "Trace Http protocol headers")]
public SwitchParameter Http
{
get { return _traceHttp; }
set { _traceHttp = value; }
}
protected override void ProcessRecord()
{
DefaultTraceListener listener = new DefaultTraceListener();
listener.LogFileName = _filePath;
//Default
System.Diagnostics.SourceSwitch tSwitch = new SourceSwitch("Intel.Mangement.Wsman.Trace", "Verbose");
SchannelClient.TraceSource.Switch = tSwitch;
SchannelClient.TraceSource.Listeners.Add(listener);
WsmanConnection.TraceSource.Switch = tSwitch;
WsmanConnection.TraceSource.Listeners.Add(listener);
}
bool _traceTls;
bool _traceXml;
bool _traceHttp;
string _filePath;
}//end Enable-AmtTrace
[Cmdlet(VerbsCommon.Get, "AmtValueMap",
SupportsShouldProcess = true)]
public class GetValueMapCmd : PSCmdlet
{
[Parameter(Mandatory = true, HelpMessage = "The value list containing values")]
public ValueMap Value
{
get { return _list; }
set { _list = value; }
}
protected override void ProcessRecord()
{
string[] keys = _list.Keys;
string[] values = _list.Values;
for (int i = 0; i < keys.Length; i++)
{
WriteObject(new NameValuePairItem(keys[i], values[i]));
}
}
ValueMap _list;
}//end Get-ValueMap
}//End Nampspace