Manualshelf

Product guide

ManualsBrandsMcafee ManualsOtherFIREWALL 2.1-GETTING STARTED
151152153154155156157158159160
c
Add Domain Computers if it's not listed, then allow these permissions for the Domain Computers group.
Full Control
Read
Special Permission
8
Close the Component Services page.
Self-signed configuration certificates
When using self-signed Certification Authority to create the configuration certificate, consider these
points.
Its root hash must be entered into each AMT system that is configured. It can be done at the time
of manufacture or entered manually using the Intel
®
Management Engine BIOS Extension interface.
A certificate template must be created first. The computer template available in the Microsoft
Certification Authority can be duplicated.
The Object Identifier 2.16.840.1.113741.1.2.3 must be added in the Enhanced Key Usage section of
the template.
A certificate request is sent to the self-signed CA with the FQDN of the configuration server in the
Subject Name.
The CA uses this template to generate the certificate, which is then saved on the configuration
server.
A
Additional information
Self-signed configuration certificates
160
McAfee ePO Deep Command 2.1.0 Product Guide