Jump to content


Search the Community

Showing results for tags 'TPM'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Cloud
    • Azure
    • Microsoft Intune
    • Office 365
    • Windows 365
  • General Stuff
    • General Chat
    • Events
    • Site News
    • Official Forum Supporters
    • Windows News
    • Suggestion box
    • Jobs
  • MDT, SMS, SCCM, Current Branch &Technical Preview
    • How do I ?
    • Microsoft Deployment Toolkit (MDT)
    • SMS 2003
    • Configuration Manager 2007
    • Configuration Manager 2012
    • System Center Configuration Manager (Current Branch)
    • Packaging
    • scripting
    • Endpoint Protection
  • Windows Client
    • how do I ?
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows Vista
    • Windows XP
    • windows screenshots
  • Windows Server
    • Windows Server General
    • Active Directory
    • Microsoft SQL Server
    • System Center Operations Manager
    • KMS
    • Windows Deployment Services
    • NAP
    • Failover Clustering
    • PKI
    • Hyper V
    • Exchange
    • IIS/apache/web server
    • System Center Data Protection Manager
    • System Center Service Manager
    • System Center App Controller
    • System Center Virtual Machine Manager
    • System Center Orchestrator
    • Lync
    • Application Virtualization
    • Sharepoint
    • WSUS

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Location


Interests

Found 6 results

  1. Hi all, First time poster, so apologise in advance if I post incorrectly. Currently building Windows 10 devices, some are upgrades from Windows 7 to Windows 10 and others are fresh Windows 10 using SCCM (MDT integrated). This works as expected, but when I log in and check TPM Administration the following message show up Reduced Functionality errors codes 0x400900 = The Device lock counter has not be created 0x2900 = The monotonic counter incremental during the boot has not been created Do I need to do something in the Task Sequence to clear the protectors or clear TPM before BitLocker is enabled Cheers all
  2. Hi all, I'm hoping that someone can help as I'm really struggling to find anyone else that's had this specific problem. When trying to build brand new HP equipment with an SCCM (MDT integrated) OSD task sequence I am seeing the following error when the machine runs the "Invoke-MbamClientDeployment.ps1" script: Failed to escrow TPM owner-auth to http://MBAMSERVER.domain/MBAMRecoveryAndHardwareService/CoreService.svc. HRESULT: 0x80280012 I've found that 0x80280012 means "There is no Storage Root Key (SRK) set." but I'm struggling to understand why this error only effects some new machines and not others even though they are all the same model and spec. We have a workaround which seems to be working every single time which is to turn on a new machine and let it run through OOBE of the shipped W10 OS then once completed, reboot the machine and PXE boot to the W10 Task Sequence. So something during the OOBE of a brand new machine seems to be creating/setting the SRK for the very first time. Does anyone have any ideas as to what might be causing this and how/when a TPM SRK is initially created? Thanks in advance, Westy
  3. I am testing what happens when users enter their bitlocker PIN wrong too many times, but cannot find a way to access the password to unlock the TPM. I believe all that is visible is a hash of it. Does anyone have any info on this? At the moment, all i can do is leave the computer logged in with recovery key and left active until the TPM reset period passes.
  4. I seem to have an issue where I cannot control the behaviour of our TPMs in our Panasonic Devices via Group Policy. I have issues where the TPMs (Manufactured by Infineon) in our Panasonic AX3s seem to lockout far too easily, previously I have not applied any group policy settings to control the behaviour of the TPMs themselves as during testing they seemed fine. Now I have tried to apply settings to set the standard user lockout threshold and maximum number of authorisations, on our Panasonic Devices I cannot seem to set these settings, its like the TPM ignores the commands from group policy. I have tried this on some Lenovo devices (TPM is manufactured by STM) built in exactly the same manner and the TPM will accept the commands. Has anyone else had this issue with these or similar devices at all?, all of our devices are built identical with the TPM being initialised during a build sequence and they are setup with Bitlocker using MBAM 2.0. Any help would be most appreciated. Thanks
  5. Hi, Let me firts explain how i inherited this: I have a TS in sccm 2007R3 that deployes windows 7 and does the following in the bitlocker steps on standalone laptops(not domain joined after ts finishes): ( password and tpm already activated and set in bios with cctk tools) Bitlocker step: 1. manage-bde -tpm -turnon 2. reboot 3. (depending on the laptop model we must manualy press "y" to activate the tpm. In our case fujitsu laptops S781. for our dell laptops this is not requierd) 4. manage-bde -tpm -takeownership <password> 5. manage-bde -protectors -add c: -tpmandpin <password> 6. default enabel bitlocker step with default values(recovery key in ad etc ) Bitlocker policy's are set via localgpo tool before bitloker step. This all works for new deployments. When reimaging these standalone laptops steps 1-4-5 fail because this has already been set. Question: 1. Is this the best way to do this? 2. Does the tpm ownership get wiped when laptops are reimaged or is this the same password? 3. Can u use the same recovery key from AD or is there a new one generated every time we reimage a laoptop? 3. Is it needed to take ownership for tpm? Keep in mind that after these laptops are imaged, users must logon with pin number and users must not be able to change bitlocker or tpm ownership/keys. thanks in advanced for ur help. Charles
  6. I am trying to enable and activate the TPM chip on the Dell machine's we have. So far I have created the CCTK package, pushed it to my DP, etc, but it keeps failing at setting the BIOS password. I have been unable to get my task sequence to complete. Everything that I have read so far seems to lead me in the same direction, and yet I can get nothing to cooperate.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.