haawarrior.blogg.se - Shogun 2 update blog

The approach described below tries to find a common denominator for two different vendors and works for me. Note: As mentioned before, there are a few different ways which can be used to accomplish TPM switching task. Accompanying PowerShell scripts should be easily adaptable to your needs.

I will showcase how TPM switching can be accomplished using Microsoft Deployment Toolkit. systems TPM AutoProvisioning needs to be enabled so that OS may attempt to re-take ownership of the TPM.ĭepending on your remote deployment solution, your approach can vary. Run the appropriate utility to change the TPM mode.Clear the TPM owner (On HP systems you may need to re-enable the TPM in the BIOS).systems TPM AutoProvisioning needs to be disabled in the OS to proceed with the update. For Dell platforms that support TPM mode changes, the output from PowerShell should include: ManufacturerVersion: 5.81 (1.2 mode), or 1.3 (2.0 mode).Īssuming the platform supports mode changes and TPM is operating in legacy mode:.For HP platforms that support TPM mode changes, the output from PowerShell should include: ManufacturerVersion: 6.40, 6.41, and 6.43 (1.2 mode), or 7.40, 7.41, 7.60, and 7.61 (2.0 mode).Detect mode switch capability using PowerShell by running following command (Get-TPM).ManufacturerVersion:.Let's take a look at high level steps that are required to switch modes, which can be automated for remote deployment: During the TPM mode change process, Bitlocker TPM key protection may be suspended temporarily using the mangebde.exe -disable switch, without decrypting the contents on the encrypted drive.The TPM update utility will also run in WinPE (with TPM Base Services enabled).systems you will need to disable this functionality for the duration of the update process. On Windows 10, the OS will automatically take ownership of TPM on the next boot (TPM AutoProvisioning).Bitlocker re-provisioning scenario is supported.Īdditional consideration for Dell Inc. To avoid a complete loss of data, OS drive must be fully decrypted before performing TPM upgrade.For security reasons, physical presence is required by HP BIOS team.The utility can only be run in full OS.TPM can be converted between TPM 1.2 and TPM 2.0 up to a maximum of 64 times.

If the TPM is owned, you have to clear the TPM before proceeding.

The TPM must be ON and Enabled in BIOS Setup, and the TPM must not be owned.

Windows 10 requires GPT partition style when using TPM 2.0.

In order to upgrade to TPM 2.0, you may need to update system's BIOS to the latest version.

Let's take a look first at important considerations before you attempt to upgrade TPM firmware: I recommend converting TPM during OSD before Bitlocker is enabled.