ACM activation only possible when MEBx DNS suffix and RPS domain suffix matches 1:1

[sfmadrig]

Describe the bug
When activating ACM. Activation fails due to RPS not able to match 1:1 MEBx domain suffix and partition's domain suffix added using the POST /domain API. According to the AMT spec, it should be enough if at least the first two segments of a FQDN matches. i.e. domain.com. However, RPS is expecting to match the whole domain suffix including all the segments. For example, if RPS domain suffix is domain.com and MEBx domain suffix is foo.domain.com, activation will fail with the message: "Device xxxx-xxxx-xxxx-xxxx-xxxx activation failed. Specified AMT domain suffix: foo.domain.com does not match list of available AMT domain suffixes."

Steps to reproduce

• Create domain with only the two segments of a FQDN. For example: domain.com
• Set PKI DNS suffix in MEBx to a larger domain. For example: foo.domain.com
• Activate ACM

Actual result
Activation fails because DNS suffix doesn't match 1:1

Expected Behavior
Activation is successful if at least the two major domain segments match

AMT Device:

• OS: Windows
• AMT Version: 18+
• AMT Configuration: ACM
• Network Configuration: Wired & Wireless DHCP

Service Deployment:

• RPS 2.29.0

[madhavilosetty-intel]

This issue has been resolved and is available in v2.32.2.

Fix PR: device-management-toolkit/rps#2622