question

Dave-5945 avatar image
1 Vote"
Dave-5945 asked AleksanderKsiazek-6738 published

Trusted Platform Module - Key Attestation not working

Dear Community,

I've been on this for several days now and i just can't get it to work. So my hope lies with you guys! :-)

My issue is the following:
- I have a Intel NUC with a TPM 2.0 device.
- I try to use Auto-Deployment with Shared Multi-user Device.
- I imported the HWID.csv with the correct hash into MS Endpoint Manager.

When i startup the computer it goes into OOBE correctly but it stops at ... with error.

After some research it appears to be something with the TPM module.

What i've tried so far:
- Checked for a new firmware upgrade of the TPM device. There is none.
- Cleared TPM so many times i can't remember.
- Bios settings set at Secure Boot
- Played with secure boot settings, tried ALL possible settings.
- Did every possible TPM powershell command to fiddle with TPM settings.

The weird part is this. When i go to "Settings - Security - Device Security - Security Processor", it says that storage is Ready but Attestation is 'Not Supported'. But when i go to Powershell and use the command 'Get-TpmSupportedFeature' it says 'Key Attestation'. So which is it? Is it supported or not :-S...

Does anyone have an idea how to proceed on this matter?




windows-10-security
· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi

I'm currently working with your case, and i will get back to you as soon as possible.

Mulder

0 Votes 0 ·

Hi,

You could accept the useful reply as answer if you want to end this thread up.
If there is anything else i can do for you, please feel free to post in the forum.

Mulder

0 Votes 0 ·

Hi,

I would like to check if the issue has been fixed? If yes, please help accept answer, so that others meet a similar issue can find useful information quickly. If you have any other concerns or questions, please feel free to feedback.

Mulder

0 Votes 0 ·

Did this get resolved?

just bought a bunch of Dell XPS 9510s and 2 of them presented this issue out the box on Windows 11

0 Votes 0 ·
JiangZhang-MSFT avatar image
0 Votes"
JiangZhang-MSFT answered

Hi,

If you are facing this issue on windows machine, please provide a detailed description of your machine’ OS version? Is that a win10 or windows server 2016 or any other version?

If it is not windows-related, based on my research, you may find a solution referring to the following link.

https://trustedcomputinggroup.org/wp-content/uploads/TCG_IWG_DevID_v1r2_02dec2020.pdf

Please note: Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.


Best Regards,
Mulder Zhang


If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JohanValstar-7124 avatar image
1 Vote"
JohanValstar-7124 answered AleksanderKsiazek-6738 published

I have the same, I'm running now on Windows 11.

Powershell gives:
PS C:\Windows\System32> Get-TpmSupportedFeature
key attestation
PS C:\Windows\System32>

169089-image.png



Details of the windows version:
Edition Windows 11 Pro
Version 21H2
Installed on ‎27-‎1-‎2022
OS build 22000.469
Experience Windows Feature Experience Pack 1000.22000.469.0



image.png (23.6 KiB)
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi.
I have the same problem with this chip. Do you resolve that problem?

0 Votes 0 ·
Qpvatans-8521 avatar image
0 Votes"
Qpvatans-8521 answered Qpvatans-8521 published

185316-screenshot-6.png

same


screenshot-6.png (22.0 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.