EU, SADC in joint investment drive

Posted On Dec 19 2019 by

first_img18 April 2006The European Union (EU) and Southern African Development Community (SADC) have launched a new drive to facilitate European investor funding in 100 mining projects in the southern African region.According to Mining Weekly, this is the third mining initiative launched by the EU-SADC Investment Promotion Programme (Esipp), following similar initiatives in 1994 and 2000.Esipp, a joint EU-SADC programme designed to attract foreign investment in the region, brings together European and southern African entrepreneurs in five targeted sectors: construction and building materials, tourism, light engineering, agro-industry and mining.According to Mining Weekly, Esipp has begun the process of identifying mining projects in 12 of the SADC’s 14 member countries, with regional workshops having already taken place in Lesotho, Namibia, South Africa and Swaziland.Once identified and validated, the projects will be presented to potential EU investors at a meeting – dubbed Mines 2006 – in Lusaka, Zambia in November.In November 2005, Esipp hosted a similar investment promotion conference for the building materials and construction sector, followed by a conference for the light engineering sector in February 2006.Tourism 2006, an event taking place in Namibia in October, will bring together potential EU and SADC business partners in tourism, while projects and investors in the agro-industry sector will be catered for in 2007.SouthAfrica.info reporter Want to use this article in your publication or on your website?See: Using SAinfo materiallast_img read more


SIA takes delivery of A350-900 ULR for New York nonstop

Posted On Dec 18 2019 by

first_imgSIA’s first A350-900ULR SIA (Singapore Airlines) has taken delivery of the first Airbus A350-900ULR (ultra-long-range) aircraft from Airbus, which will operate Singapore to New York’s (Newark Liberty International Airport) non-stop on October 11.It is the first of seven A350-900ULRs on order.SIA is the launch customer for the A350-900ULR, which is capable of flying up to 9,700 nautical miles, or over 20 hours non-stop.READ: New revelations in MH350 coverage READ: Singapore Airlines New York nonstop route revealed The flight to New York will cover a distance of approximately 9,000nm (16,700km), with traveling time of up to 18 hours 45 minutes. The aircraft is configured in a two-class layout, with 67 Business Class seats and 94 Premium Economy Class seats.“This is a proud moment for both Singapore Airlines and Airbus, not only because we have again strengthened our partnership, but also because we have pushed the limits with this highly advanced new aircraft to extend long-range flying to new lengths,” said Singapore Airlines CEO, Mr Goh Choon Phong.“The A350-900ULR will bring more convenience and comfort to our customers and will enable us to operate ultra-long-range flights in a commercially viable manner. It will help us boost our network competitiveness and further grow the Singapore hub.”SIAAirbus A350-900ULR info graphicAirbus CEO Tom Enders added: “This delivery is a milestone for Airbus and Singapore Airlines, as together we open a new chapter in non-stop air travel. With its unrivaled range and step-change in fuel efficiency, the A350 is uniquely placed to meet the demand for new ultra-long haul services. The combination of the A350’s quiet, spacious cabin and SIA’s world-renowned in-flight product will ensure the highest levels of passenger comfort on the world’s very longest routes.”The first two A350-900ULRs will be used for the launch of Singapore-New York services while subsequent aircraft will be used for Singapore-Los Angeles services commencing on 2 November 2018, as well as to increase frequency on the existing Singapore-San Francisco route. By the end of 2018, SIA will link Singapore and the United States with 27 weekly non-stop flights.With the delivery of the first A350-900ULR, Singapore Airlines now has 22 A350-900 aircraft in its fleet, with 45 more on order including the six additional ULR variants.last_img read more


TIME TO PACK #SHRM14

Posted On Dec 18 2019 by

first_img#SHRM14 is just a few days away and I’m packing up for a week away with my HR buddies. I’m pretty excited for the opportunity to attend annual conference again. For me it’s like a place to recharge and get excited for the profession again. You’ll hear inspiring stuff from the keynote speakers, something you can bring back to the workplace in concurrent sessions and you’ll grow your network while you are there. You’ll have everything you need to be a great HR pro under one roof from an I “heart” HR jacket to the latest and greatest HR books to vendors for every possible thing you can think of. A quick Google of #SHRM14 will point you to some sound advice from veteran conference goers, groups from all over the country trying to connect with people in their industry, and of course party guides for making the most of your week out of the office.I just have a few notes to put you at ease before you head to Orlando this year. 1) Stop worrying about silly things like dress code. You are a grown up, wear whatever you want. 2) We are all busy, your office will survive without you. Do not be that guy that sighs and huffs and puffs between each session while you proclaim how busy you are and that you don’t understand why your managers and so on can’t make decisions without you (we can only assume it’s because you won’t let them make decisions without you when you are in the office).  3) Have a plan. You can check out all of the sessions before you get to Orlando so do it. Download the app and plan your day out, it’s not that hard-pick a session!Get out there and learn something new. Have fun in Orlando. Make new connections. Go back to the office and share what you’ve learned and follow-up with those new connections. They will prove to be useful throughout the year. Don’t be shy. Don’t waste your trip to Orlando. If you are going to #SHRM14 email me or hit me up on twitter and lets hang out! But, if you can’t find me it’s because I’m at Disney trying to pick up a gig as Belle while we are there, but one that doesn’t sing. I don’t have a good singing voice. Maybe they have a Belle job for someone that can rap? A girl can dream…To read the original blog post, please click here.last_img read more


STARS Transaction Lacked Economic Substance; Bank Not Entitled to Refund (Santander Holdings USA, Inc., CA-1)

Posted On Dec 12 2019 by

first_imgA federal district court committed reversible error when it determined that a bank was entitled to tax benefits generated by a structured trust advantaged repackaged securities (STARS) transaction. The STARS transaction lacked economic substance because it had no objective nontax economic benefit and Congress did not intend that foreign tax credits would be available for this type of generated transaction.Comment. The district court first held that payments the bank received from its U.K. counterparty were income when calculating the STARS trust transaction’s profit. Next, the district court held that, as a matter of law, the trust and loan transactions had economic substance and, therefore, the bank was entitled to interest-related deductions on expense for the loan transaction and a refund on the disallowed foreign tax credits claimed for the trust transaction and the penalties imposed by the IRS.The STARS scheme was profitable only because the bank planned to obtain U.S. tax credits; there was no other business reason to engage in the transaction. The assets in the trust never effectively left the bank’s control, nor did they perform any function when placed in the trust that they could not without the trust except for creating the tax effect that made possible the payments to the counterparty. Moreover, the trust transaction did not advance the government’s interest in encouraging U.S. taxpayers to do business abroad or in avoiding double taxation. Further, disallowing foreign tax credits for the STARS trust transaction did not interfere with the U.K.’s authority or the U.S.-U.K. tax treaty. Finally, the trust transaction provided no business for the bank. It merely furnished the counterparty with a tax benefit, which the counterparty shared with the bank. This effectively gave the bank a tax benefit of its own when combined with the anticipated foreign tax credits. Thus, the trust transaction was not a legitimate business and lacked economic substance. Salem Financial, Inc., CA-FC, 2015-1 ustc ¶50,304, followed.Reversing and remanding a DC Mass. decision, 2015-2 ustc ¶50,564.Santander Holdings USA, Inc., CA-1, 2017-1 ustc ¶50,101Other References:Code Sec. 901CCH Reference – 2016FED ¶27,826.142Tax Research ConsultantCCH Reference – TRC INTLOUT: 3,120last_img read more


Datacenter Fabric Convergence; FCoE Can Help

Posted On Dec 9 2019 by

first_img~ Ben Hacker Ethernet has been around a long time. It is a highly reliable and trusted means for interconnecting computing nodes, and above that, it has generally been the most commoditize (read: lowest cost) form of interconnect for quite some time. Broad deployment, administrator trust, and low cost have kept Ethernet as the mainstream fabric for LAN traffic for a long time. However, despite Ethernet’s strong connectivity credentials, it still comes up short in certain applications. Ethernet is what is referred to as a ‘best effort’ network. This simply means that in the real world, you will generally get pretty good performance (throughput, latency, lack of dropped packets, etc), but from time to time when there is congestion, packet drops and performance degradation can be quite a nuisance. For many applications, this doesn’t matter. If you are using email, browsing the web, or transferring files to a shared drive, the only thing you will notice is a decrease in performance, but everything will still ‘work’, and transfer properly. For some applications like storage though, this non-deterministic performance is unacceptable. If packets are dropped, or arrive out of order, storage applications have a nasty tendency to hang or crash.Because of this limitation of the standard, there have been separate fabrics used for Storage Area Networks (SANs) for quite a while. One of the main fabrics developed and used for high performance SANs is known as Fiber Channel. In order to create a Fiber Channel network, a server and storage target need to support a Fiber Channel Host Bus Adapter (FC HBA) to communicate via the Fiber Channel protocol. In addition, the switches that connect the Fiber Channel infrastructure must also be dedicated Fiber Channel switches; a standard Ethernet router cannot be used. Once in place, this SAN architecture provides a very high performance, high reliability network that is ideal (and required) for high end storage traffic, but it comes at a cost: 1) Fiber Channel HBAs are generally more expensive than their Ethernet counterparts. 2) You have to have a separate fabric in your network which also adds to your infrastructure (switch costs, and cabling costs) as well as complicates IT management. 3) Servers connected to the SAN now need to have an Ethernet adapter AND a Fiber Channel adapter. The upside to the additional cost and complexity is of course better performance, but the question has always been “Is there a better way?” I believe there is a better way, and that Fiber Channel over Ethernet (FCoE) (and importantly, the standards in IEEE that are making it possible) seems to be the logical path to solve the issue of performance on lossless performance on Ethernet, while maintaining Ethernets historical core cost advantages. ‘Best Effort’ is not good enough: The bottom line for today’s Ethernet is that it simply can’t provide the ‘lossless’ behavior that storage traffic demands; but this fact is changing. Below I will summarize at a high level some of the standards being developed in IEEE to improve the performance of Ethernet for storage applications, and how they help to mend some of the issues with Ethernet and how that helps to enable FCoE. Bandwidth Sharing, Priority Flow Control and Pause: This capability offers a method to assign priorities to different Ethernet traffic classes. From there, when congestion becomes an issue, traffic can be ‘paused’ on a per-priority basis; allowing the lower priority traffic to be halted temporarily while keeping the top priority traffic like storage running smoothly. This per-priority pause capability is really the first basic step in allowing Ethernet to provide some ‘QoS like’ Layer 2 guarantees. Congestion Notification (or Backward Congestion Notification): In addition to simply pausing individual low priority streams of traffic, congestion notification allows for a communication method to go upstream from the node and notify the offending traffic generator to throttle back its traffic and re-route as necessary. This capability is a key to the longer term development of FCoE because with only the pause capability the congestion is really just pushed up a single node in the network. In order to support FCoE storage across multiple nodes in a network, congestion notification is needed. Shortest Path Bridging: This capability is really an optimization for inter-node routing that defines the path within the network between switches. Using traditional spanning tree path algorithms will sometimes result in paths in the network that are non-optimal and incompatible with high performance storage traffic. A new algorithm to determine the shortest path between nodes will help to enable both less congestion in the network as well as fast delivery of critical packets for storage. DCB Capability Exchange Protocol (DCBX): This capability goes by several different names depending on who you talk to, but essentially what it will provide is the ability for switches on the network to exchange their capability sets with other nodes of the network. This allows for each switch to understand what others switches near it can use the Congestion Notification, Flow Control, or other features need to support this ‘Lossless Ethernet’ capability. While the list above is not meant to be all inclusive of all the new IEEE development under way for this new ‘Lossless Ethernet’ initiative, it should provide a good overview of the general push taking place and how the goal of getting to near lossless performance is going to be accomplished. Weren’t we talking about Fiber Channel? Astute users will realize that I haven’t really addressed the Fiber Channel piece of this. The above features I described only allow for Ethernet to carry certain kinds of traffic (like Fiber Channel) that require very high reliability and performance; but how do you get the Fiber Channel data onto an Ethernet frame? In today’s environment, a Fiber channel initiator on a Server system will place Fiber Channel data onto an FC HBA to send over the SAN to a storage target. All of this data is transmitted over a fiber channel network. Under the FCoE model, what you will need is a Server system that has an FCoE initiator, and on the target side, the switch connected to the target must be able to convert the data from storage target and encapsulate it into Ethernet. Beyond that, the data is transmitted over the Ethernet fabric as normal, but the features that I described above allow for the performance of Ethernet to allow a Fiber Channel application stack to function properly. This is certainly a capability that Intel has been supportive of. Ethernet is a critical piece of the computing platform, and FCoE provides a potential improvement for datacenter and storage network design. By consolidating the Fiber Channel data onto a single Ethernet wire, end user IT houses can also see several benefits: 1) Reduced the need for two physical network cards in each server. Now, a single NIC will connect to the SAN and to the normal TCP/IP data network. 2) Along with the consolidation in network cards, you also save in terms of cabling. One 10 Gigabit link can replace the old Fiber Channel fiber link and Ethernet links. 3) Reduces power consumption and cooling 4) The commoditized and low cost nature of Ethernet provides additional benefit by converging system I/O onto what will likely be the lowest cost interface over the coming years; 10 Gigabit. In summary, FCoE may be in its infancy, but the standards in final, or in process. Products are available today, and the value proposition in here. Further performance improvements and cost reductions and the proliferation of 10 Gigabit networks, as well as more choices in the future, will only further the support and interest in Fiber Channel over Ethernet in datacenter SAN applications. Links for further information:last_img read more


Intel AMT 3.2.1 Self-signed certificate issue and working around it for Microsoft System Configuration Manager SP1

Posted On Dec 9 2019 by

first_imgAfter running SelfSignedFix.vbs, you should be able to do a rediscovery of the Management Controller within SCCM and see that the AMT Status is now reflected as “Not Provision”. With the vPro Client in a “Not Provision” state, SCCM will be able to natively provision the client without issues. With the archive file decompressed, you will see two VBScripts in the folder: SelfSignedFix.vbs and ExecFromCollection.vbs. SelfSignedFix.vbs is the VBScript that will perform the remote Provision / Un-provision. To use the SelfSignedFix.vbs, there are several parameters you must supply for it to work properly: **Begin Execution 8/11/2008 8:22:12 PM*************************Connecting to https://sccmsp1.vprodemo.com/wstrans/setup/eoi20/192.168.0.100/wsmanUnable to connect to AMT Device: 192.168.0.100**End Execution 8/11/2008 8:22:12 PM*************************This error can occur for a variety of reasons. Some common causes of this error are: ExecFromCollection.vbs will cycle through each enumerate member in the collection and execute SelfSignedFix.vbs VBScript against it. Prior to running ExecFromCollection.vbs, you need to ensure that the SelfSignedFix.vbs VBscript and ExecFromCollection.vbs VBscript are located in the same folder. Screen Output: Whether (Y) or not (N) to display the Provisioning / Un-provisioning output on the console screen. The script will connect to the Intel WS-MAN Translator listening on https://sccmsp1.vprodemo.com/ to perform the Provision / Un-provision on vpro-client.vprodemo.com. c:\temp\vpro-client.vprodemo.com.log will be generated with the results of the provision / un-provision and those results will not be displayed on console.!http://communities.intel.com/openport/servlet/JiveServlet/downloadImage/38-11443-1769/4.JPG! Remote Provision / Un-provisionTo perform a Provision / Un-provision remotely on the vPro Client, the community has created a visual basic script that will perform the function remotely. In an attempt to reduce the complexity, the VBScript leverages the Intel WS-MAN Translator to provide the authentication and remote configuration connection. To leverage this remote Provision/Un-provision capability, you must have the Intel WS-MAN Translator installed and configured prior to executing the VBScript. Please visit the following Blog to learn how to install and configure the Intel WS-MAN Translator.The VBScript and guide can be download from the following location (http://communities.intel.com/docs/DOC-1850) and contents can be decompressed to a folder on either your SCCM server or on workstation that you want to run the script from. Please note that you must have WINRM basic authentication switched to “true” on the computer you are planning to run the VBscript from; WINRM Basic Authentication is required for connections to the Intel WS-MAN Translator to work properly. To turn WINRM Basic Authentication to true, run the following command from the command line:winrm set winrm/config/client/auth @{Basic=”true”} Within the MEBx Menu, select “Change Intel(R) ME Password”. **Begin Execution 8/11/2008 8:22:22 PM*************************Connecting to https://sccmsp1.vprodemo.com/wstrans/setup/eoi20/192.168.0.101/wsmanSetting AMT ClockSetting HostNameSetting TLS settingsSetting new MEBx PasswordCommitChangesCommitChanges_OUTPUTReturnValue = 2057 When returned to the Intel(R) AMT Configuration Menu, select “Unprovision” After performing the local Provision / Un-provision, you should be able to do a rediscovery of the Management Controller within SCCM and see that the AMT Status is now reflected as “Not Provision”. With the vPro Client in a “Not Provision” state, SCCM will be able to natively provision the client without issues. Although fairly simplistic, one of key disadvantages of locally provisioning and un-provisioning the vPro Client is that you will need to have physical (touch) access. When you edit your task sequence, add a new “General”-> “Run Command Line” task. Automating the execution of SelfSignedFix.vbs within SCCMTo avoid having to run SelfSignedFix.vbs on each impacted system individually, there are a couple of automated procedures you can perform depending on what is right for your environment. To identify and isolate the vPro Clients that are impacted by the invalided Self-signed Certificate, you can create a SCCM Collection using the following criteria “Select * from sms_r_system where AMTStatus=1”; this will automatically bucket all the vPro Clients listed as AMTStatus Detected in a single collection for easy identification. vPro Client is not accessible on the network BackgroundvPro Clients that are experiencing the issue will show up as AMT Status “Detected” within the Collection View after a Management Controller discovery and will exhibit with the following error in the amtopmgr.log: Intel WS-MAN Translator URL: This is the secure URL on which the Intel WS-MAN Translator is listening When presented, ensure you select “Full Unprovision” and press enter Create a New Task Sequence and give it a name that is easily recognizable. Make sure you create the Task Sequence with the option of “Create a new custom task sequence”. When returned to the MEBx Menu, select “Exit” During SCCM Management Controller DiscoveryError 0x80090308 returned by InitializeSecurityContext during follow up TLS handshaking with server.Error 0x6fcb970 returned by ApplyControlToken*During a SCCM Provisioning attempt*Error 0x80090308 returned by InitializeSecurityContext during follow up TLS handshaking with server.Error 0x261b948 returned by ApplyControlToken When presented with “Are you sure you want to exit: (Y/N)”, enter “Y” If you have not changed the default admin password already, login in with “admin” as the password. If you have already changed the MEBx password, log in with the password you changed it to The script will connect to the Intel WS-MAN Translator listening on https://sccmsp1.vprodemo.com/ to perform the Provision / Un-provision on client located at IP address 192.168.0.101. 192.168.0.101.log file will be generated in the current working directory that the script was ran from with the results of the provision / un-provision and those results will be displayed on console.!http://communities.intel.com/openport/servlet/JiveServlet/downloadImage/38-11443-1771/6.JPG! The Hostname, FQDN, or IP Address of the vPro Client: This is the vPro Client that is having the issue with the Self-signed Certificate and needs to be Provisioned / Un-provisioned Local Provision / Un-provisionTo performing a Provision / Un-provision locally on the vPro Client Once the constants have been modified within ExecFromCollection.vbs, you can execute the VBscript by running the following Command Line: Log File Location: This is the folder or share where the results of the provision / un-provision will be logged for the client. Note that SelfSignedFix.vbs script will automatically create a new log with the filename of the hostname, FQDN, or IP Address you used as the previous parameter. When presented with “Intel (R) New ME Password”, Enter in the same password you configured in SCCM Component Configuration -> Out Of Band Management -> General Tab -> MEBx Account. The script will connect to the Intel WS-MAN Translator listening on https://sccmsp1.vprodemo.com/ to perform the Provision / Un-provision on vpro-client.sccmsp1\certfix$\error logs\vpro-client.log will be generated with the results of the provision / un-provision and those results will be displayed on console.!http://communities.intel.com/openport/servlet/JiveServlet/downloadImage/38-11443-1770/5.JPG! As a general reference, you can only change the MEBx password remotely once and only if the vPro Client is in a factory default state (never been provisioned). Since this VBScript remotely provisions and un-provisions the vPro client, we must set the MEBx password during this provisioning process. To Change the MEBx password, open SelfSignedFix.vbs with any text editor and modify (line 19) with your environment specific information:Const SCCMMEBxPassword = “[email protected]” to Const SCCMMEBxPassword = “<your SCCM MEBx password>” Allow vPro Client to reboot fully In preparation of creating a task sequence, create a remote share on a server where the SelfSignedFix.vbs will be run from and the log files generated from SelfSignedFix.vbs will be stored. Ensure sufficient permissions are granted to the account running the advertisement. For step by step instructions on how to create the collection for vPro Clients with the AMT Status of Detected, please reference the guide included with the scripts.Once you have the impacted vPro Clients in a single collection, you can either use SCCM Advertisements to push and execute SelfSignedFix.vbs from the client or you can use the included ExecFromCollection.vbs to connect directly to collection and execute SelfSignedFix.vbs on an enumerated list of members in that collection.Critical Note: Before proceeding to use one of these large execution methods, it is recommended that you test your configuration (both SelfSignedFix.vbs and Intel WS-MAN Translator) by testing on a few impacted system individually first. Once you run SelfSignedFix.vbs steps above on these select impacted vPro Clients, you need to ensure you are able to natively provision the client within SCCM before you move onto a more automated implementation. cscript SelfSignedFix.vbsvpro-client “sccmsp1\certfix$\error logs” Ycenter_img vPro Client is already provision SMSSITECODE : This is your SMS Site Code Note:  The Self Signed Certificate issue was corrected with AMT firmware 3.2.2.  Please work with your OEM to secure the 3.2.2 firmware update.  — Matt RoyerSummaryAn issue has been identified that may cause the remote configuration provisioning process to fail when using Microsoft System Center Configuration Manager (SCCM) on systems that have been upgraded from Intel AMT 3.x firmware to 3.2.1 firmware. The Self-signed certificate used to establish the initial PKI provisioning (Remote Configuration) connection is being read as invalid, which causes this failure.The recommended resolution is to perform a provision and un-provision of the system to regenerate the Self-signed certificate. This resolves the certificate being read as invalid and prepares the PC to be provisioned successfully by SCCM. This can be accomplished locally at the PC or remotely from the console. Both scenarios are documented in detail below but local provision/un-provision will require entering the Management Engine BIOS Extension (MEBx) screen at the local machine. To perform this action remotely, the community has developed a software-based script to execute a remote provision/un-provision. The script should be run for vPro clients experiencing this issue prior to SCCM provision. Once the script is executed, the vPro clients can then be natively provisioned by SCCM. When returned to the Intel(R) AMT Configuration Menu, select “Return to Previous Menu” cscript SelfSignedFix.vbs192.168.0.101 “” Y After running SelfSignedFix.vbs VBscript via the advertisement, you should be able to do a rediscovery of the Management Controller within SCCM and see that the AMT Status is now reflected as “Not Provision”. With the vPro Client in a “Not Provision” state, SCCM will be able to natively provision the client without issues. For any vPro Clients that remain in a Detected state, review the log file and isolate the root of their issue.Note: Depending on your Client OS configuration, it may be necessary to set WINRM basic authentication to “true” prior to execution SelfSignedFix.vbs; this can be accomplished by add winrm set winrm/config/client/auth @{Basic=”true”} command line task prior to the execution of SelfSignedFix.vbs.This blog was intended to give you a general understanding of the issue and the work arounds that are in place. For a comprehensive step-by-step guide, please refer to the documentation included with Remote Provision / Un-provision Script archive file. To download the Scripts and the Guide, please visit the following URL: http://communities.intel.com/docs/DOC-1850–Matt Royer Using ExecFromCollection.vbsExecFromCollection.vbs is a VBscript that will connect to a desired collection, enumerate the list of members in the collection, and execute SelfSignedFix.vbs VBScript against each member in the collection. Prior to using ExecFromCollection.vbs, you must first change the SMSSiteCode, SMSServer, SMSCOLLECTION, and WSTransURL constants. To modify the required constants, open up ExecFromCollection.vbs with any text editor and change the following values with entries specific to your environment (Make sure you save your changes). Remote Admin password for the vPro Client has already been changed from the factory default. If the remote admin password has been changed, you can modify SelfSignedFix.vbs with the correct password.!http://communities.intel.com/openport/servlet/JiveServlet/downloadImage/38-11443-1772/7.JPG! Critical Note: Prior to executing the SelfSignedFix.vbs, it is imperative that you change the MEBx password in the SelfSignedFix.vbs VBScript to match what is configured in SCCM Component Configuration -> Out Of Band Management -> General Tab -> MEBx Account. Note: An AMT Status of “Detected” can occur for a variety of reasons; in general it means that the SCCM Out of Band Service Point is unable to establish an initial connection with the AMT client. This scenario can also occur when the computer has been previously provisioned for AMT outside Configuration Manager and the password for the AMT Remote Admin Account or the MEBx Account has been changed and is unknown.When trying to provision a vPro Client that has a firmware version less than 3.2.1 that is impacted with the Self-signed Certificate issue, SCCM will forward the request to the Intel WS-MAN Translator (which is required for provisioning and management of a vPro Client less than 3.2.1.) The Intel WS-MAN Translator will handle provisioning the vPro client despite the invalid Self-signed Certificate. The steps listed below should not be required for firmware versions less than 3.2.1 if you have the Intel WS-MAN Translator installed and properly configured.As an interim workaround for vPro Clients 3.2.1 experiencing the issue, you can either locally (through the MEBx) or remotely provision and un-provision the AMT client. The un-provisioning process will regenerate a new Self-signed Certificate within the AMT Management Engine, after which, SCCM can natively use this newly generated certificate to establish the initial secure connection during the provisioning process.Provisioning via Pre-Shared Key (PSK) is not impacted by the Self-signed Certificate issue; however, to leverage PSK provisioning you will need to install / configure the Intel WS-MAN Translator and load the PID/PPS pair into the vPro client. PID/PPS configuration within the vPro client requires either manual configuration via Management Engine BIOS Extension (MEBx) or One Touch Provisioning through USB key import. Log into the MEBx by pressing Ctrl-P during POST When presented with “Change to Intel(R) AMT 1.0 Mode: (Y/N)”, enter “N” When presented with “Verify Password”, re-enter the password. Give the task an appropriate name and in the Command Line field enter in:cscriptserver\share\SelfSignedFix.vbs %COMPUTERNAME% “server\share” N… whereserver\share is the remote share that you created and https://wsmantransurl/ is the secure URL of your Intel WS-MAN Translator. %COMPUTERNAME% is an OS environment variable that will give you the hostname of the client.!http://communities.intel.com/openport/servlet/JiveServlet/downloadImage/38-11443-1766/12.JPG! From the MEBx Menu, select “Intel(R) AMT Configuration” In either case, you will need to root cause why the vPro Client was not remotely accessible to be provisioned / un-provisioned. You can then run SelfSignedFix.vbs at a later time to retry and remotely provision / un-provision. SMSSERVER : This is the FQDN of you SMS Site Server UnprovisionPartialUnprovision_OUTPUTReturnValue = 0**End Execution 8/11/2008 8:22:30 PM*************************In an event that vPro Client is inaccessible to be remotely provisioned / un-provisioned, the error log will look like the following: SMSCollection : This is the SMS Collection ID that you want to enumerate the list of vPro Clients from. You can find the Collection ID of a particular collection by right clicking on the collection and select “Properties”; the Collection ID will be at the bottom of the General Tab!http://communities.intel.com/openport/servlet/JiveServlet/downloadImage/38-11443-1774/9.JPG! WSTransURL : This is the secure URL in which the Intel WS-MAN Translator is listening on cscript SelfSignedFix.vbsvpro-client.vprodemo.com c:\temp N cscript ExecFromCollection.vbs With the MEBx Password modified, here are some examples of how the SelfSignedFix.vbs can be run from the command line: Provision / Un-provision LogSimilar to what is displayed in the previous screen shots, a successful remote Provision / Un-provision log will look like the following: When presented with “Change to Small Business : (Y/N), enter “Y” When presented with “Reset Intel(R) AMT Provisioning: (Y/N), enter “Y” Within the Intel(R) AMT Configuration Menu, select “Provision Model” Note: If you have already changed the MEBx password, the MEBx password will not changed; however, you should still change the SCCMMEBxPassword in SelfSignedFix.vbs VBScript to match your SCCM Configuration in case you run into a vPro Client where you have not changed the MEBx password yet. Using SCCM Advertisement to Execution SelfSignedFix.vbsIn terms of leveraging SCCM Advertisements to push the SelfSignedFix.vbs down to the client and execute it, there are several different ways this could be done. This example simply pulls the SelfSignedFix.vbs off a remote share which is then executed by a SCCM Task Sequence. When the advertisement is picked up by the SCCM Client Agent, the task sequence is executed and SelfSignedFix.vbs is run on the vPro Client machine. Depending on your environment, you may want to leverage alternative methods of deploying and executing this with a SCCM Advertisement. Please note, that the SelfSignedFix.vbs is not performing any provision / un-provision commands locally on the client; although it is running on the local client, the provision / un-provision commands are being routed to the Intel WS-MAN Translator and then the commands are sent back down to the vPro client from the Intel WS-MAN Translator. Once the task sequence is created, you can advertise the task sequence on a Collection you created for just the AMT Detected vPro Clients. After running ExecFromCollection.vbs VBscript, you should be able to do a rediscovery of the Management Controller within SCCM and see that the AMT Status is now reflected as “Not Provision”. With the vPro Client in a “Not Provision” state, SCCM will be able to natively provision the client without issues. For any vPro Clients that remain in a Detected state, review the log files to help isolate the root of their issue. For step- by-step instructions on using ExecFromCollection.vbs, please reference the Guide included in the download package. Depending on your advertisement mandate, the next time the client’s SCCM agent pulls down an updated policy it will execute the task sequence.last_img read more


‘Mourinho can only blame himself for Man Utd failure’

Posted On Nov 20 2019 by

last_img


Firefighters at the Scene of a 1acre Blaze in La Jolla

Posted On Sep 17 2019 by

first_img July 21, 2018 KUSI Newsroom Firefighters at the Scene of a 1-acre Blaze in La Jolla Categories: Local San Diego News, Wildfires FacebookTwitter Updated: 9:56 PMcenter_img 00:00 00:00 spaceplay / pause qunload | stop ffullscreenshift + ←→slower / faster ↑↓volume mmute ←→seek  . seek to previous 12… 6 seek to 10%, 20% … 60% XColor SettingsAaAaAaAaTextBackgroundOpacity SettingsTextOpaqueSemi-TransparentBackgroundSemi-TransparentOpaqueTransparentFont SettingsSize||TypeSerif MonospaceSerifSans Serif MonospaceSans SerifCasualCursiveSmallCapsResetSave SettingsSAN DIEGO (KUSI) – Firefighters were battling another brush fire in a La Jolla Canyon Saturday afternoon, a fire official said.The fire broke out around 2:10 p.m. in a canyon between Caminito Genio and Rutgers Road, according to the San Diego Fire-Rescue Department.The fire was estimated at about 1 acre as of 3:15 p.m., and both air and ground crews were being deployed in attempt to quell the flames, fire department spokeswoman Monica Munoz said.There are homes on either side of the canyon, but none of them were considered to be threatened.No evacuations were in effect as of 4:30 p.m.Containment percentage has not been estimated; however, we have been informed by officials that their crews would be performing mop up for an additional 4-5 hours. KUSI Newsroom, Posted: July 21, 2018last_img read more


Earlymorning quake in Baja California felt in San Diego

Posted On Sep 17 2019 by

Union to make announcement on possible grocery strike

Posted On Sep 17 2019 by

first_img KUSI Newsroom, Union to make announcement on possible grocery strike SAN DIEGO (KUSI) – Union leaders plan to announce Monday whether grocery workers in San Diego County and the rest of Southern California will go on strike against Ralphs, Vons, Albertsons and Pavilions.Raising the threat of the first Southland grocery strike in nearly 16 years, the workers on Wednesday overwhelmingly authorized their union’s plan to call for a work stoppage unless a contract agreement can be reached.“Southern California grocery workers voted in large numbers, and overwhelmingly rejected the unfair terms that have been proposed by Ralphs, Albertsons and Vons,” said John Grant, president of United Food and Commercial Workers Local 770.The voting was conducted Monday and Tuesday, Grant said. Exact tallies of the vote were not immediately released, but UFCW Local 770 leaders said they would announce a decision at 4:30 p.m. Monday.Albertsons/Vons/Pavilions issued a statement saying, “The outcome of the strike authorization vote does not change anything related to this process. We remain committed to negotiating a contract that is fair to all parties, including our employees, and will continue to work to achieve that.”Ralphs issued a similar statement and said, for now, “it is business as usual in Ralphs stores.”The strike authorization vote means union negotiators have the power to call for a strike, if deemed necessary, but it does not automatically mean a walkout will occur.Meetings are pending this week involving the Los Angeles County Federation of Labor to discuss authorizations for the member unions to honor possible picket lines, Grant said.The next bargaining sessions involving the union and the companies are scheduled for July 10, 11, and 12, Grant said.The contract between the union and the companies expired in March. That pact was approved by workers in 2016 and included annual raises for most workers, along with increased pay for entry-level cashiers and concessions on holiday pay and retirement age, union officials said at the time.On Wednesday, union officials said the most recent contract offer made by the grocery companies included wage increases of less than 1 percent and nearly 25 percent cuts in cashier wages.The labor dispute raises fears of a repeat of the 2003-04 Southland grocery strike that dragged on for 141 days. That work stoppage was estimated by some analysts to have cost the supermarket chains as much as $2 billion, with locked-out workers losing $300 million in wages. July 1, 2019 Categories: California News, Local San Diego News FacebookTwitter Posted: July 1, 2019 KUSI Newsroom last_img read more