TPM WMI Provider

Applies To: Windows Server 2008 R2

The Trusted Platform Module (TPM) Windows Management Instrumentation (WMI) provider is a component of Windows that allows access to management and configuration information for the TPM by means of WMI.

A TPM is a hardware component of the computer that has security features to perform cryptographic operations, store cryptographic keys, generate random numbers, record measurements of platform components like the BIOS or software components, and so forth. Software applications can use TPM features to provide solutions with enhanced security. BitLocker Drive Encryption can use the TPM to seal a cryptographic key so that it can be accessed only if platform components have the same measurement as when the key was sealed.

The TPM Management Console, BitLocker Setup Wizard, and the manage-bde.wsf command-line tool use the TPM WMI provider when configuring BitLocker. If Windows is configured by local policy or Group Policy settings to automatically back up the TPM owner password, the TPM Management Console or BitLocker Setup Wizard will use the TPM WMI provider to perform the backup.


The following is a list of all aspects that are part of this managed entity:

Name Description

TPM Owner Password Backup

Owner password information for the Trusted Platform Module (TPM) can be automatically backed up to Active Directory Domain Services (AD DS). This password allows an administrator to remotely manage the TPM. For more information, see "Configuring Active Directory to Back up Windows BitLocker Drive Encryption and Trusted Platform Module Recovery Information" (

Core Security