TPM unable to change between 1.2 or 2.0 because TPM is owned

TPM unable to change between 1.2 or 2.0 because TPM is owned



Summary: You are unable to switch between Trusted Platform Model (TPM) 1.2 and 2.0 on a Windows 10 system due to TPM ownership.


TPM ownership in Windows 10

Every time that a Windows 10 system with TPM is restarted, Windows 10 will take ownership of the TPM automatically unless Windows 10 is specifically instructed not to take ownership.

The process of upgrading to TPM 2.0 or downgrading to TPM 1.2 requires that ownership be released prior to the change.




How to prevent automatic TPM ownership

These instructions will prevent Windows 10 from automatically re-taking ownership of TPM:

  1. Run PowerShell as an Administrator: (Type PowerShell in the Search box, right-click PowerShell on the menu, click Run as Administrator.(See Figure 1.)

    Opening PowerShell
    Figure 1. Opening PowerShell

  2. In Powershell run the following command: Disable-TpmAutoProvisioning the press the Enter key. (See Figure 2.)

     Disabling TPM Auto-provisioning in PowerShell
    Figure 2. Disabling TPM Auto-provisioning in PowerShell.

  3. If Dell Data Protection (DDP) is installed, you will need to complete these additional steps:
    1. Open the Services Desktop App (Type services.msc in the search box, then press the Enter key)
    2. Set the DellMgmtAgent Windows service to Disabled
    3. Stop the DellMgmtAgent Windows service
    4. Set the DellMgmtLoader Windows service to Disabled
    5. Stop the DellMgmtLoader Windows service
    6. Proceed with clearing the TPM

  4. In the search box, type the command: tpm.msc then press the Enter key to open the TPM management console. (See figure 3.)

    v
    Figure 3. TPM Management Console

  5. Choose the Clear TPM option.
  6. The system will restart and then power off, then power on again.
  7. Do not enter the BIOS, let the boot back to Windows.
  8. Run the Dell TPM 1.2 firmware utility or Dell TPM 2.0 firmware utility with the AC adapter connected to the system.
  9. If Dell Data Protection (DDP) is installed, you will need to complete these additional steps:
    1. Set the DellMgmtLoader Windows service to Automatic
    2. Start the DellMgmtLoader Windows service
    3. Set the DellMgmtAgent Windows service to Automatic
    4. Start the DellMgmtAgent Windows service

Optional

You can run the following command using the command line to determine if TPM is owned. (CTRL+R type cmd, then right click cmd.exe and run as administrator)

Type: Wmic /namespace:\\root\CIMV2\Security\MicrosoftTpm path Win32_Tpm get /value then press the Enter key. (See Figure 4.)

TMP ownership status
Figure 4 - TPM ownership status



Article ID: SLN302620

Last Date Modified: 09/19/2019 04:31 PM


Related Articles

Rate this article

Accurate
Useful
Easy to understand
Was this article helpful?
Yes No
Send us feedback
Comments cannot contain these special characters: <>()\
Sorry, our feedback system is currently down. Please try again later.

Thank you for your feedback.