0% found this document useful (0 votes)

251 views

Powershell Commandlets - TrustedPlatformModule

Powershell Commandlet Reference for the TrustedPlatformModule module.

Uploaded by

leslewis65

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

251 views

Powershell Commandlets - TrustedPlatformModule

Powershell Commandlet Reference for the TrustedPlatformModule module.

Uploaded by

leslewis65

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 31

Powershell Commandlet Reference

TrustedPlatformM
odule

By Les Lewis

This is a reference of listing of the full commands and switches found

within the referenced Powershell app. It is the same found in it’s Get-Help
command, just cleaned up into an easier to read format.
Contents
Clear-Tpm ................................................................................................................................................... 6
SYNOPSIS ............................................................................................................................................... 6
SYNTAX .................................................................................................................................................... 6
DESCRIPTION ......................................................................................................................................... 6
PARAMETERS ........................................................................................................................................... 6
INPUTS .................................................................................................................................................... 7
OUTPUTS.................................................................................................................................................. 7
Example 1: Reset TPM.................................................................................................................. 7
Example 2: Reset TPM with a supplied authorization value ................................... 7
Example 3: Reset TMP using authorization value from file ................................... 8
RELATED LINKS .................................................................................................................................... 8
ConvertTo-TpmOwnerAuth ......................................................................................................................... 9
SYNOPSIS ............................................................................................................................................... 9
SYNTAX .................................................................................................................................................... 9
DESCRIPTION ......................................................................................................................................... 9
PARAMETERS ........................................................................................................................................... 9
INPUTS .................................................................................................................................................... 9
OUTPUTS.................................................................................................................................................. 9
Example 1: Convert to owner authorization value ..................................................... 10
RELATED LINKS .................................................................................................................................. 10
Disable-TpmAutoProvisioning ................................................................................................................... 11
SYNOPSIS ............................................................................................................................................. 11
SYNTAX .................................................................................................................................................. 11
DESCRIPTION ....................................................................................................................................... 11
PARAMETERS ......................................................................................................................................... 11
INPUTS .................................................................................................................................................. 11
OUTPUTS................................................................................................................................................ 11
Example 1: Disable auto-provisioning ............................................................................. 12
Example 2: Disable auto-provisioning for next restart ........................................ 12
RELATED LINKS .................................................................................................................................. 12
Enable-TpmAutoProvisioning ................................................................................................................... 13
SYNOPSIS ............................................................................................................................................. 13
SYNTAX .................................................................................................................................................. 13
DESCRIPTION ....................................................................................................................................... 13
PARAMETERS ......................................................................................................................................... 13
INPUTS .................................................................................................................................................. 13
OUTPUTS................................................................................................................................................ 13
Example 1: Enable auto-provisioning ............................................................................... 14
RELATED LINKS .................................................................................................................................. 14
Get-Tpm .................................................................................................................................................... 15
SYNOPSIS ............................................................................................................................................. 15
SYNTAX .................................................................................................................................................. 15
DESCRIPTION ....................................................................................................................................... 15
PARAMETERS ......................................................................................................................................... 15
INPUTS .................................................................................................................................................. 15
OUTPUTS................................................................................................................................................ 15
Example 1: Display TPM information ................................................................................. 16
RELATED LINKS .................................................................................................................................. 16
Get-TpmEndorsementKeyInfo .................................................................................................................. 17
SYNOPSIS ............................................................................................................................................. 17
SYNTAX .................................................................................................................................................. 17
DESCRIPTION ....................................................................................................................................... 17
PARAMETERS ......................................................................................................................................... 17
INPUTS .................................................................................................................................................. 17
OUTPUTS................................................................................................................................................ 17
Example 1: Get endorsement key information ................................................................ 18
RELATED LINKS .................................................................................................................................. 18
Get-TpmSupportedFeature ....................................................................................................................... 19
SYNOPSIS ............................................................................................................................................. 19
SYNTAX .................................................................................................................................................. 19
DESCRIPTION ....................................................................................................................................... 19
PARAMETERS ......................................................................................................................................... 19
INPUTS .................................................................................................................................................. 19
OUTPUTS................................................................................................................................................ 19
Example 1: Verify support for key attestation ......................................................... 19
RELATED LINKS .................................................................................................................................. 20
Import-TpmOwnerAuth ............................................................................................................................. 21
SYNOPSIS ............................................................................................................................................. 21
SYNTAX .................................................................................................................................................. 21
DESCRIPTION ....................................................................................................................................... 21
PARAMETERS ......................................................................................................................................... 21
INPUTS .................................................................................................................................................. 21
OUTPUTS................................................................................................................................................ 22
Example 1: Import an owner authorization value ....................................................... 22
Example 2: Import an owner authorization value from a file ............................. 22
RELATED LINKS .................................................................................................................................. 23
Initialize-Tpm ............................................................................................................................................. 24
SYNOPSIS ............................................................................................................................................. 24
SYNTAX .................................................................................................................................................. 24
DESCRIPTION ....................................................................................................................................... 24
PARAMETERS ......................................................................................................................................... 24
INPUTS .................................................................................................................................................. 24
OUTPUTS................................................................................................................................................ 25
Example 1: Initialize a TPM ................................................................................................ 25
RELATED LINKS .................................................................................................................................. 25
Set-TpmOwnerAuth .................................................................................................................................. 26
SYNOPSIS ............................................................................................................................................. 26
SYNTAX .................................................................................................................................................. 26
DESCRIPTION ....................................................................................................................................... 26
PARAMETERS ......................................................................................................................................... 26
INPUTS .................................................................................................................................................. 27
OUTPUTS................................................................................................................................................ 27
Example 1: Replace imported owner authorization value ........................................ 28
Example 2: Replace owner authorization value with value in file .................. 28
Example 3: Replace owner authorization value ........................................................... 28
RELATED LINKS .................................................................................................................................. 29
Unblock-Tpm ............................................................................................................................................. 30
SYNOPSIS ............................................................................................................................................. 30
SYNTAX .................................................................................................................................................. 30
DESCRIPTION ....................................................................................................................................... 30
PARAMETERS ......................................................................................................................................... 30
INPUTS .................................................................................................................................................. 31
OUTPUTS................................................................................................................................................ 31
Example 1: Reset a lockout................................................................................................... 31
RELATED LINKS .................................................................................................................................. 31
Clear-Tpm
SYNOPSIS
Resets a TPM to its default state.

SYNTAX
Clear-Tpm [[-OwnerAuthorization] <String>] [<CommonParameters>]

Clear-Tpm -File <String> [<CommonParameters>]

DESCRIPTION
The Clear-Tpm cmdlet resets the Trusted Platform Module (TPM) to its
default state. A reset removes the owner authorization value and any keys
stored in the TPM. To reset a TPM, you must provide a valid owner
authorization value. You can enter an owner authorization value or
specify a file that contains the value. If you do not provide a value,
the cmdlet attempts to use a value stored in the registry.

For more information on TPM, see the Trusted Platform Module Technology
Overview (http://technet.microsoft.com/en-us/library/jj131725.aspx) in
the TechNet library.

PARAMETERS
-File <String>
Specifies a file that contains the current owner authorization value for
the TPM. You can use the TPM Management Console to create this file.

Required?true
Position?named
Default valuenone
Accept pipeline input? false
Accept wildcard characters? false

-OwnerAuthorization [<String>]
Specifies the current owner authorization value for the TPM.

Required?false
Position?2
Default valuenone
Accept pipeline input? true (ByValue)
Accept wildcard characters? false

<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
String

This cmdlet accepts the owner authorization value for the TPM.

OUTPUTS
TpmObject

This cmdlet returns a TpmObject object contains the following

information:

-- TpmReady. Whether a TPM complies with Windows Server® 2012 standards.

-- TpmPresent. Whether there is a TMP on the current computer.
-- ManagedAuthLevel. The level at which the operating system manages the
owner authorization. Possible values are Legacy, Balanced, and Full.
-- OwnerClearDisabled. Whether TPM can be reset. If this value is True,
the TPM cannot be reset through the operating system by using the owner
authorization value. If this value is False, the TPM can be reset through
the operating system.
-- AutoProvisioning. Whether the computer can use auto-provisioning.
Possible values are NotDefined, Enabled, Disabled, and
DisabledForNextBoot.
-- LockedOut. Whether a TPM is locked out.
-- SelfTest. Information returned by a test that TPM runs.

Example 1: Reset TPM

PS C:\> Clear-Tpm
TpmReady : False
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth :
OwnerClearDisabled : True
AutoProvisioning : Disabled
LockedOut : False
SelfTest : {191, 191, 245, 191...}

This command resets the TPM. The command uses the owner authorization
value stored in the registry instead of specifying a value or using a
value in a file.

Example 2: Reset TPM with a supplied authorization value

PS C:\> Clear-Tpm -OwnerAuthorization "vjnuW6rToM41os3xxEpjLdIW2gA="

TpmReady : False
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth : OwnerClearDisabled : True
AutoProvisioning : Disabled
LockedOut : False
SelfTest : {191, 191, 245, 191...}

This command resets the TPM by using the specified owner authorization
value.

Example 3: Reset TMP using authorization value from file

PS C:\> Clear-Tpm -File "MyOwnerAuthFile.tpm"

TpmReady : False
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth :
OwnerClearDisabled : True
AutoProvisioning : Disabled
LockedOut : False
SelfTest : {191, 191, 245, 191...}

This command resets the TPM by using the owner authorization value
included in the specified file.

RELATED LINKS
Online Version:
Get-Tpm
Initialize-Tpm
Unblock-Tpm
ConvertTo-TpmOwnerAuth
SYNOPSIS
Creates a TPM owner authorization value from a supplied string.

SYNTAX
ConvertTo-TpmOwnerAuth [-PassPhrase] <String> [<CommonParameters>]

DESCRIPTION
The ConvertTo-TpmOwnerAuth cmdlet creates a Trusted Platform Module (TPM)
owner authorization value based on a pass phrase string. A computer
requires an owner authorization value to manage a TPM.

For more information on TPM, see the Trusted Platform Module Technology
Overview (http://technet.microsoft.com/en-us/library/jj131725.aspx) in
the Technet library.

PARAMETERS
-PassPhrase <String>
Specifies a pass phrase string. This cmdlet converts the pass phrase to
an owner authorization value.

Required?true
Position?2
Default valuenone
Accept pipeline input? True (ByValue)
Accept wildcard characters? false

INPUTS
String

This cmdlet accepts a user-supplied pass phrase string.

OUTPUTS
String

This cmdlet returns an owner authorization value.

Example 1: Convert to owner authorization value

PS C:\> ConvertTo-TpmOwnerAuth -PassPhrase "Saturn1977&&"

puJvGK4O6Qvl0loP8r1bIxipDVo=

This command converts the string Saturn1977&& to an owner authorization

value.

RELATED LINKS
Online Version:
Import-TpmOwnerAuth
Set-TpmOwnerAuth
Disable-TpmAutoProvisioning
SYNOPSIS
Disables TPM auto-provisioning.

SYNTAX
Disable-TpmAutoProvisioning [-OnlyForNextRestart] [<CommonParameters>]

DESCRIPTION
The Disable-TpmAutoProvisioning cmdlet disables Trusted Platform Module
(TPM) auto-provisioning. Provisioning is the process of preparing a TPM
to be used. You can disable provisioning completely or only for the next
restart. You can use the Enable-TpmAutoProvisioning cmdlet to enable
auto-provisioning.

For more information on TPM, see the Trusted Platform Module Technology
Overview (http://technet.microsoft.com/en-us/library/jj131725.aspx) in
the Technet library.

PARAMETERS
-OnlyForNextRestart [<SwitchParameter>]
Indicates that the cmdlet disables auto-provisioning only for the next
computer restart. During the restart after that, auto-provisioning
begins.

Required?false
Position?named
Default valuenone
Accept pipeline input? false
Accept wildcard characters? false

<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer,
PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).

INPUTS
SwitchParameter

OUTPUTS
TpmObject
This cmdlet returns a TpmObject object that contains the following
information:

-- TpmReady. Whether a TPM complies with Windows Server® 2012 standards.

Example 1: Disable auto-provisioning

PS C:\> Disable-TpmAutoProvisioning
TpmReady : False
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth : OwnerClearDisabled : True
AutoProvisioning : Disabled
LockedOut : False
SelfTest : {191, 191, 245, 191...}

This command disables TPM auto-provisioning. You can use the Enable-
TpmAutoProvisioning cmdlet to enable auto-provisioning.

Example 2: Disable auto-provisioning for next restart

PS C:\> Disable-TpmAutoProvisioning -OnlyForNextRestart

TpmReady : False
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth : OwnerClearDisabled : True
AutoProvisioning : DisabledForNextBoot
LockedOut : False
SelfTest : {191, 191, 245, 191...}

This command disables TPM auto-provisioning for the next restart. In the
next restart after that, auto-provisioning continues.

RELATED LINKS
Online Version:
Enable-TpmAutoProvisioning
Enable-TpmAutoProvisioning
SYNOPSIS
Enables TPM auto-provisioning.

SYNTAX
Enable-TpmAutoProvisioning [<CommonParameters>]

DESCRIPTION
The Enable-TpmAutoProvisioning cmdlet enables Trusted Platform Module
(TPM) provisioning to occur during auto-provisioning. Provisioning is the
process of preparing a TPM to be used. You can use the Disable-
TpmAutoProvisioning cmdlet to prevent auto-provisioning, either
permanently or for the next restart.

For more information on TPM, see the Trusted Platform Module Technology
Overview (http://technet.microsoft.com/en-us/library/jj131725.aspx) in
the Technet library.

PARAMETERS
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).

INPUTS

OUTPUTS
TpmObject

This cmdlet returns a TpmObject object that contains the following

information:

-- TpmReady. Whether a TPM complies with Windows Server® 2012 standards.

Example 1: Enable auto-provisioning

PS C:\> Enable-TpmAutoProvisioning
TpmReady : False
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth : OwnerClearDisabled : True
AutoProvisioning : Enabled
LockedOut : False
SelfTest : {191, 191, 245, 191...}

This command enables auto-provisioning for the current computer.

RELATED LINKS
Online Version:
Disable-TpmAutoProvisioning
Get-Tpm
SYNOPSIS
Gets an object that contains information about a TPM.

SYNTAX
Get-Tpm [<CommonParameters>]

DESCRIPTION
The Get-Tpm cmdlet gets a TpmObject. This object contains information
about the Trusted Platform Module (TPM) on the current computer.

For more information on TPM, see the Trusted Platform Module Technology
Overview (http://technet.microsoft.com/en-us/library/jj131725.aspx) in
the Technet library.

INPUTS

OUTPUTS
TpmObject

This cmdlet returns a TpmObject object that contains the following

information:

-- TpmReady. Whether a TPM complies with Windows Server® 2012 standards.

-- TpmPresent. Whether there is a TPM on the current computer
-- ManagedAuthLevel. The level at which the operating system manages the
owner authorization. Possible values are Legacy, Balanced, and Full.
-- OwnerClearDisabled. Whether TPM can be reset. If this value is True,
the TPM cannot be reset through the operating system by using the owner
authorization value. If this value is False, the TPM can be reset through
the operating system.
-- AutoProvisioning. Whether the computer can use auto-provisioning.
Possible values are NotDefined, Enabled, Disabled, and
DisabledForNextBoot.
-- LockedOut. Whether a TPM is locked out.
-- SelfTest. Information returned by a test that TPM runs.
Example 1: Display TPM information

PS C:\> Get-Tpm

TpmReady : False
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth :
OwnerClearDisabled : True
AutoProvisioning : Enabled
LockedOut : False
SelfTest : {191, 191, 245, 191...}

This command displays information about the TPM of the current computer.

RELATED LINKS
Online Version:
Clear-Tpm
Initialize-Tpm
Unblock-Tpm
Get-TpmEndorsementKeyInfo
SYNOPSIS
Gets information about the endorsement key and certificates of the TPM.

SYNTAX
Get-TpmEndorsementKeyInfo [[-HashAlgorithm] <String>]
[<CommonParameters>]

DESCRIPTION
The Get-TpmEndorsementKeyInfo cmdlet gets information about the
endorsement public key and certificates of the Trusted Platform Module
(TPM).

PARAMETERS
-HashAlgorithm [<String>]
Specifies the hash algorithm used for the public key. The acceptable
values for this parameter are: Sha256.

Required?false
Position?2
Default valuenone
Accept pipeline input? True (ByValue)
Accept wildcard characters? false

<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer,
PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).

INPUTS
String

This accepts the name of the algorithm, as a string, used to hash the
public key. Sha256 is the only supported algorithm.

OUTPUTS
EndorsementKeyObject

This cmdlet generates an EndorsementKeyObject object that contains the

following members:

-- IsPresent. A Boolean that represents whether the endorsement public

key is known to the operating system.
-- PublicKey. An AsnEncodedData object that contains the asn.1 encoded
public portion of the endorsement key.
-- PublicKeyHash. The hash, as a String, of the public key if the cmdlet
used a hash algorithm.
-- ManufacturerCertificates. A X509Certificate2Collection object that
contains the manufacturer endorsement key certificates. This object can
contain the manufacturer and platform certificates.
-- AdditionalCertificates. A X509Certificate2Collection object that
contains a collection of additional endorsement key certificates that are
registered to the operating system, such as any enterprise certificates.

Example 1: Get endorsement key information

PS C:\> Get-TpmEndorsementKeyInfo -Hash "Sha256"

IsPresent: True
PublicKey: System.Security.Cryptography.AsnEncodedData
PublicKeyHash:
70769c52b6e24ef683693c2a0208da68d77e94192e1f4080ae7c9b97c6caa681
ManufacturerCertificates : {[Subject]
OID.2.23.133.2.3=1.2,
OID.2.23.133.2.2=C4T8SOX3.5,
OID.2.23.133.2.1=id:782F345A

[Issuer]
CN=Contoso TPM CA1, OU=Contoso
Certification Authority, O=Contoso, C=KR

[Serial Number]
77A120A

[Not Before]
6/4/2012 6:35:58 PM

[Not After]
6/4/2022 6:35:57 PM

[Thumbprint]
77378D1480AB48FEA2D4E610B2C7EEF648FEA2
}
AdditionalCertificates : {}

This command gets information about the endorsement key of the TPM. The
command uses the Sha256 algorithm to hash the public key.

RELATED LINKS
Online Version:
Trusted Platform Module Cmdlets in Windows PowerShell
Get-TpmSupportedFeature
SYNOPSIS
Verifies whether a TPM supports specified features.

SYNTAX
Get-TpmSupportedFeature [[-FeatureList] <StringCollection>]
[<CommonParameters>]

DESCRIPTION
The Get-TpmSupportedFeature cmdlet verifies whether a Trusted Platform
Module (TPM) supports specified TPM features. Not all TPMs support all
features.

PARAMETERS
-FeatureList [<StringCollection>]
Specifies feature names as a string collection. The cmdlet verifies the
features that you specify. If you specify an empty collection, $Null,
or do not include this parameter, the cmdlet verifies all features.

Required?false
Position?2
Default valuenone
Accept pipeline input? True (ByValue)
Accept wildcard characters? false

INPUTS
StringCollection

This cmdlet accepts a collection of features to verify.

OUTPUTS
StringCollection

This cmdlet generates a StringCollection object that contains features

that the TPM of the computer supports.

Example 1: Verify support for key attestation

PS C:\> Get-TpmSupportedFeatures -FeatureList "Key Attestation"
key attestation

This command verifies whether TPM supports the key attestation feature.
The cmdlet displays the string, key attestation, so TPM supports that
feature.

RELATED LINKS
Online Version:
Trusted Platform Module Cmdlets in Windows PowerShell
Import-TpmOwnerAuth
SYNOPSIS
Imports a TPM owner authorization value to the registry.

SYNTAX
Import-TpmOwnerAuth -File <String> [<CommonParameters>]

Import-TpmOwnerAuth [-OwnerAuthorization] <String> [<CommonParameters>]

DESCRIPTION
The Import-TpmOwnerAuth cmdlet imports a valid Trusted Platform Module
(TPM) owner authorization value to the registry.

For more information on TPM, see the Trusted Platform Module Technology
Overview (http://technet.microsoft.com/en-us/library/jj131725.aspx) in
the Technet library.

PARAMETERS
-File <String>
Specifies a file that contains the current owner authorization value for
the TPM. You can use the TPM Management Console to create this file.

Required?true
Position?named
Default valuenone
Accept pipeline input? false
Accept wildcard characters? false

-OwnerAuthorization <String>
Specifies the current owner authorization value for the TPM.

Required?true
Position?2
Default valuenone
Accept pipeline input? true (ByValue)
Accept wildcard characters? false

INPUTS
String

Specifies the owner authorization value for the TPM.

OUTPUTS
TpmObject

This cmdlet returns a TpmObject object that contains the following

information:

-- TpmReady. Whether a TPM complies with Windows Server® 2012 standards.

Example 1: Import an owner authorization value

PS C:\> Import-TpmOwnerAuth -OwnerAuthorization

"Qn2sdCFQmvjf+tBtSWH4GT87sQs="
TpmReady : False
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth : Qn2sdCFQmvjf+tBtSWH4GT87sQs=
OwnerClearDisabled : True
AutoProvisioning : DisabledForNextBoot
LockedOut : False
SelfTest : {191, 191, 245, 191...}

This command imports the specified owner authorization value to the

registry.

Example 2: Import an owner authorization value from a file

PS C:\> Import-TpmOwnerAuth -File "OwnAuthFile.tpm"

TpmReady : False
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth : OwnerClearDisabled : True
AutoProvisioning : DisabledForNextBoot
LockedOut : False
SelfTest : {191, 191, 245, 191...}

This command imports the owner authorization value in the specified file
to the registry.
RELATED LINKS
Online Version:
ConvertTo-TpmOwnerAuth
Set-TpmOwnerAuth
Initialize-Tpm
SYNOPSIS
Performs part of the provisioning process for a TPM.

SYNTAX
Initialize-Tpm [[-AllowClear]] [[-AllowPhysicalPresence]]
[<CommonParameters>]

DESCRIPTION
The Initialize-Tpm cmdlet performs part of the provisioning process for a
Trusted Platform Module (TPM). Provisioning is the process of preparing
a TPM to be used. You may need to perform other steps to fully provision
a TPM.

For more information on TPM, see the Trusted Platform Module Technology
Overview (http://technet.microsoft.com/en-us/library/jj131725.aspx) in
the Technet library.

PARAMETERS
-AllowClear [<SwitchParameter>]
Indicates that the provisioning process clears the TPM, if necessary, to
move the TPM closer to complying with Windows Server® 2012 standards.

Required?false
Position?2
Default valuenone
Accept pipeline input? false
Accept wildcard characters? false

-AllowPhysicalPresence [<SwitchParameter>]
Indicates that the provisioning process may send physical presence
commands that require a user to be present in order to continue.

Required?false
Position?3
Default valuenone
Accept pipeline input? false
Accept wildcard characters? false

INPUTS
SwitchParameter
OUTPUTS
TpmProvisioningObject

This cmdlet returns a TpmProvisioningObject object that includes the

following information:

-- TpmReady. Whether the TPM is complies with Windows Server® 2012

standards.
-- RestartRequired. Whether the computer requires a restart to continue
the provisioning process.
-- ShutdownRequired. Whether the computer must be shut down to continue
the provisioning process.
-- ClearRequired. If this has a value of True, you must import an owner
authorization value or remove the owner authorization value.
-- PhysicalPresenceRequired. Whether a person must be at the computer
during restart to continue the provisioning process.

Example 1: Initialize a TPM

PS C:\> Initialize-Tpm -ForceClearAllowed -PhysicalPresenceAllowed

TpmReady : False
RestartRequired : True
ShutdownRequired : False
ClearRequired: True
PhysicalPresenceRequired : True

This command initializes a TPM. The ForceClearAllowed parameter means

that the owner authorization value needs to be imported or reset in order
for provisioning to continue. The PhysicalPresenceAllowed parameter means
that a user must be present during a restart to continue the process.

The cmdlet returns an object with information about the state of the
provisioning process.

RELATED LINKS
Online Version:
Clear-Tpm
Get-Tpm
Unblock-Tpm
Set-TpmOwnerAuth
SYNOPSIS
Changes the TPM owner authorization value.

SYNTAX
Set-TpmOwnerAuth -File <String> -NewFile <String> [<CommonParameters>]

Set-TpmOwnerAuth -File <String> -NewOwnerAuthorization <String>

[<CommonParameters>]

Set-TpmOwnerAuth [[-OwnerAuthorization] <String>] -NewFile <String>

[<CommonParameters>]

Set-TpmOwnerAuth [[-OwnerAuthorization] <String>] -NewOwnerAuthorization

<String> [<CommonParameters>]

DESCRIPTION
The Set-TpmOwnerAuth cmdlet changes the current owner authorization value
of the Trusted Platform Module (TPM) to a new value. You can specify
the current owner authorization value or specify a file that contains the
current owner authorization value. If you do not specify an owner
authorization value, the cmdlet attempts to read the value from the
registry.

Use the ConvertTo-TpmOwnerAuth cmdlet to create an owner authorization

value. You can specify a new owner authorization value or specify a file
that contains the new value.

An owner authorization file is not a simply a password. It is generated

for a specific system. For more information on TPM, see the Trusted
Platform Module Technology Overview (http://technet.microsoft.com/en-
us/library/jj131725.aspx) in the Technet library.

PARAMETERS
-File <String>
Specifies a file that contains the current owner authorization value for
the TPM. You can use the TPM Management Console to create this file.

Required?true
Position?named
Default valuenone
Accept pipeline input? false
Accept wildcard characters? false

-NewFile <String>
Specifies a file that contains the new owner authorization value for a
TPM.
Required?true
Position?named
Default valuenone
Accept pipeline input? false
Accept wildcard characters? false

-NewOwnerAuthorization <String>
Specifies a new owner authorization value for a TPM.

Required?true
Position?named
Default valuenone
Accept pipeline input? True (ByValue)
Accept wildcard characters? false

-OwnerAuthorization [<String>]
Specifies the current owner authorization value for a TPM.

Required?false
Position?1
Default valuenone
Accept pipeline input? false
Accept wildcard characters? false

INPUTS
String

This cmdlet accepts the owner authorization value for the TPM.

OUTPUTS
TpmObject

This cmdlet returns a TpmObject object contains the following

information:

-- TpmReady. Whether a TPM complies with Windows Server® 2012 standards.

Example 1: Replace imported owner authorization value

PS C:\> Set-TpmOwnerAuth -NewOwnerAuthorization

"h4FCmNeWVNp5IMHxRfFL9QEq4vM="
TpmReady : True
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth : h4FCmNeWVNp5IMHxRfFL9QEq4vM=
OwnerClearDisabled : True
AutoProvisioning : DisabledForNextBoot
LockedOut : False
SelfTest : {191, 191, 245, 191...}

This command replaces the current owner authorization value with the
specified owner authorization value. The command does not specify the
current owner authorization value, so the cmdlet attempts to find it in
the registry. This command does not import the owner authorization value
into the registry. After you run this command, you can use the Import-
TpmOwnerAuth cmdlet to import the new value into the registry, if
necessary.

Example 2: Replace owner authorization value with value in file

PS C:\> Set-TpmOwnerAuth -NewFile "NewOwnerAuth.tpm"

TpmReady : True
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth : h4FCmNeWVNp5IMHxRfFL9QEq4vM=
OwnerClearDisabled : True
AutoProvisioning : DisabledForNextBoot
LockedOut : False
SelfTest : {191, 191, 245, 191...}

This command replaces the current owner authorization value with the
owner authorization value in the specified file.

Example 3: Replace owner authorization value

PS C:\> Set-TpmOwnerAuth -OwnerAuthorization

"oaVq17hNcFS2KSnHwpZa4AlrWBo=" -NewOwnerAuthorization
"h4FCmNeWVNp5IMHxRfFL9QEq4vM="
TpmReady : True
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth : h4FCmNeWVNp5IMHxRfFL9QEq4vM=
OwnerClearDisabled : True
AutoProvisioning : DisabledForNextBoot
LockedOut : False
SelfTest : {191, 191, 245, 191...}

This command replaces the specified owner authorization value with a new
owner authorization value.

RELATED LINKS
Online Version:
ConvertTo-TpmOwnerAuth
Import-TpmOwnerAuth
Unblock-Tpm
SYNOPSIS
Resets a TPM lockout.

SYNTAX
Unblock-Tpm [[-OwnerAuthorization] <String>] [<CommonParameters>]

Unblock-Tpm -File <String> [<CommonParameters>]

DESCRIPTION
The Unblock-Tpm cmdlet resets a Trusted Platform Module (TPM) lockout.
TPM locks itself to prevent tampering or attack. This is called a
lockout.
To end a TPM lockout, you must provide a valid owner authorization value.
You can enter an owner authorization value or specify a file that
contains the value. If you do not provide a value, the cmdlet attempts to
use a value stored in the registry.

For more information on TPM, see the Trusted Platform Module Technology
Overview (http://technet.microsoft.com/en-us/library/jj131725.aspx) in
the Technet library.

PARAMETERS
-File <String>
Specifies a file that contains the current owner authorization value for
the TPM. You can use the TPM Management Console to create this file.

Required?true
Position?named
Default valuenone
Accept pipeline input? false
Accept wildcard characters? false

-OwnerAuthorization [<String>]
Specifies the current owner authorization value for the TPM.

Required?false
Position?2
Default valuenone
Accept pipeline input? true (ByValue)
Accept wildcard characters? false

OUTPUTS
TpmObject

This cmdlet returns a TpmObject object contains the following

information:

-- TpmReady. Whether a TPM complies with Windows Server® 2012 standards.

-- TpmPresent. Whether there is a TMP on the current computer.
-- ManagedAuthLevel. The level at which the operating system manages the
owner authorization. Possible values are Legacy, Balanced, and Full.
-- OwnerClearDisabled. Whether TPM can be reset. If this value is True,
the TPM cannot be reset through the operating system by using the
owner authorization value. If this value is False, the TPM can be reset
through the operating system.
-- AutoProvisioning. Whether the computer can use auto-provisioning.
Possible values are NotDefined, Enabled, Disabled, and
DisabledForNextBoot.
-- LockedOut. Whether a TPM is locked out.
-- SelfTest. Information returned by a test that TPM runs.

NOTES

Be sure to understand the protection logic TPM uses. The TPM allows at
least one attempt to reset the TPM lockout by using the owner
authorization value. For more information, see the Reset the TPM Lockout
(http://technet.microsoft.com/en-us/library/dd851452.aspx) topic in
the Technet library.

Example 1: Reset a lockout

PS C:\>Unblock-Tpm -OwnerAuthorization "vjnuW6rToM41os3xxEpjLdIW2gA="

This command resets a TPM lockout. The command specifies the owner
authorization value vjnuW6rToM41os3xxEpjLdIW2gA=.

RELATED LINKS
Online Version:
Clear-Tpm
Get-Tpm
Initialize-Tpm

ITIL v3 Service Lifecycle Chart
No ratings yet
ITIL v3 Service Lifecycle Chart
1 page
FMG - v7.0 - Q&A.Verificar Que Es OK
100% (2)
FMG - v7.0 - Q&A.Verificar Que Es OK
30 pages
Rhcsa Rhce Without Pass With Watermark 20160816 PDF
No ratings yet
Rhcsa Rhce Without Pass With Watermark 20160816 PDF
165 pages
ZK (Spain) SDK Manual v6.12.2
No ratings yet
ZK (Spain) SDK Manual v6.12.2
138 pages
MM9000 Rev-A 5-08
No ratings yet
MM9000 Rev-A 5-08
276 pages
PSApp Deployment Toolkit Admin Guide
No ratings yet
PSApp Deployment Toolkit Admin Guide
114 pages
8MA10222 SBW600 EN 1209 Low
No ratings yet
8MA10222 SBW600 EN 1209 Low
243 pages
SMART Messaging Suite Web Service Guide v1.5
No ratings yet
SMART Messaging Suite Web Service Guide v1.5
20 pages
OneFS Cluster Performance Metrics, Tips, and Tricks PDF
No ratings yet
OneFS Cluster Performance Metrics, Tips, and Tricks PDF
26 pages
OmniSwitch 6860, 6900, 10K Troubleshooting Guide
No ratings yet
OmniSwitch 6860, 6900, 10K Troubleshooting Guide
148 pages
Powershell Commandlets - APPX Module
No ratings yet
Powershell Commandlets - APPX Module
44 pages
Release Notes - V1.9.1 - StruxureWare Building Operation
No ratings yet
Release Notes - V1.9.1 - StruxureWare Building Operation
60 pages
N2cpu Nii51007
No ratings yet
N2cpu Nii51007
336 pages
Of Config1dot0 Final PDF
No ratings yet
Of Config1dot0 Final PDF
73 pages
Pace Unified Software CLI Tree Description PDF
No ratings yet
Pace Unified Software CLI Tree Description PDF
161 pages
RouterOS by Example Second Edition TOC
No ratings yet
RouterOS by Example Second Edition TOC
13 pages
Um1m521bna Rev Ae Scu Controller
No ratings yet
Um1m521bna Rev Ae Scu Controller
70 pages
PLC Designer PLC Designer (R3-1) v4-1 en
No ratings yet
PLC Designer PLC Designer (R3-1) v4-1 en
1,170 pages
Pytest PDF
No ratings yet
Pytest PDF
219 pages
CMPE455 Lab 1 - Access Control
No ratings yet
CMPE455 Lab 1 - Access Control
23 pages
OmniPCXOffice_R6_Installation Manual
No ratings yet
OmniPCXOffice_R6_Installation Manual
188 pages
1 5037464221177086042 PDF
No ratings yet
1 5037464221177086042 PDF
165 pages
ELPLA
No ratings yet
ELPLA
315 pages
Slau132f PDF
No ratings yet
Slau132f PDF
166 pages
Sas3flash quickRefGuide Rev1-0
No ratings yet
Sas3flash quickRefGuide Rev1-0
28 pages
Administering Managed Objects in Multicontroller RNC
No ratings yet
Administering Managed Objects in Multicontroller RNC
89 pages
Operators Guide - ProC9200-9210 - en
No ratings yet
Operators Guide - ProC9200-9210 - en
292 pages
Manual Epilog 8000
No ratings yet
Manual Epilog 8000
311 pages
User Manual
No ratings yet
User Manual
19 pages
DAS 3224 Manual
No ratings yet
DAS 3224 Manual
67 pages
Softing PN Diagnose Module
No ratings yet
Softing PN Diagnose Module
28 pages
120 Echonav Am Alphadepth Mfs MFM Instoper Manual 16 12 2016 - 1552317972 - 414180f7
No ratings yet
120 Echonav Am Alphadepth Mfs MFM Instoper Manual 16 12 2016 - 1552317972 - 414180f7
62 pages
R5916038_03_ReferenceGuide
No ratings yet
R5916038_03_ReferenceGuide
68 pages
Leaf-Spine Deployment and Best Practices Guide
No ratings yet
Leaf-Spine Deployment and Best Practices Guide
71 pages
DMA
100% (1)
DMA
95 pages
Application Debugging
No ratings yet
Application Debugging
125 pages
Maha Lift Service Manual
No ratings yet
Maha Lift Service Manual
30 pages
DES-1210-08P 28 28P 52 C1 Manual v4.00
No ratings yet
DES-1210-08P 28 28P 52 C1 Manual v4.00
99 pages
MIPStext PDF
No ratings yet
MIPStext PDF
122 pages
Advanced DPL PDF
No ratings yet
Advanced DPL PDF
141 pages
poweredge-r6625-technical-guide
No ratings yet
poweredge-r6625-technical-guide
72 pages
Visual TD Excel Add-In User Guide
No ratings yet
Visual TD Excel Add-In User Guide
52 pages
Manual R 8
No ratings yet
Manual R 8
208 pages
3/&0RWLRQ 3/&0RWLRQ 3/&0RWLRQ 3/&0RWLRQ: $%B$07 $%B$07 $%B$07 $%B$07 8Vhu#0Dqxdo 8Vhu#0Dqxdo 8Vhu#0Dqxdo 8Vhu#0Dqxdo
No ratings yet
3/&0RWLRQ 3/&0RWLRQ 3/&0RWLRQ 3/&0RWLRQ: $%B$07 $%B$07 $%B$07 $%B$07 8Vhu#0Dqxdo 8Vhu#0Dqxdo 8Vhu#0Dqxdo 8Vhu#0Dqxdo
143 pages
Firebird v2.5.0.ReleaseNotes
No ratings yet
Firebird v2.5.0.ReleaseNotes
156 pages
PowerFlex Rack Administration - Instructor Guide
No ratings yet
PowerFlex Rack Administration - Instructor Guide
241 pages
Httpswww.wabco Customercentre.comcatalogdocsmm0180 Web.pdf
No ratings yet
Httpswww.wabco Customercentre.comcatalogdocsmm0180 Web.pdf
144 pages
Iometer User's Guide
No ratings yet
Iometer User's Guide
83 pages
Operation Guide: ECOSYS M3040idn ECOSYS M3540idn ECOSYS M3550idn ECOSYS M3560idn
No ratings yet
Operation Guide: ECOSYS M3040idn ECOSYS M3540idn ECOSYS M3550idn ECOSYS M3560idn
427 pages
9724 CLI Guide
No ratings yet
9724 CLI Guide
282 pages
Handbook - course Tech
No ratings yet
Handbook - course Tech
47 pages
TheDrop Manual PDF
No ratings yet
TheDrop Manual PDF
19 pages
Technical Manual March 2009
No ratings yet
Technical Manual March 2009
114 pages
Troubleshooting and Maintenance Manual: For Lightpulse Adapters
No ratings yet
Troubleshooting and Maintenance Manual: For Lightpulse Adapters
23 pages
Calmotion Usb CNC
No ratings yet
Calmotion Usb CNC
17 pages
Display Manager
No ratings yet
Display Manager
26 pages
3343 - C-Data-EPON-OLT-FD1108S-CLI-User-Manual-V1-3
No ratings yet
3343 - C-Data-EPON-OLT-FD1108S-CLI-User-Manual-V1-3
82 pages
TLink Option Module - 750com-Um100 - En-P
No ratings yet
TLink Option Module - 750com-Um100 - En-P
28 pages
Companies and Environmental Impact: Identification and Visualization of Key Ecological Indicators
From Everand
Companies and Environmental Impact: Identification and Visualization of Key Ecological Indicators
Martin Knura
No ratings yet
Prediction of Burnout: An Artificial Neural Network Approach
From Everand
Prediction of Burnout: An Artificial Neural Network Approach
Felix Ladstätter
No ratings yet
Teardowns: Learn How Electronics Work by Taking Them Apart
From Everand
Teardowns: Learn How Electronics Work by Taking Them Apart
Bryan Bergeron
No ratings yet
Facility Management: Business Process Integration
From Everand
Facility Management: Business Process Integration
Alexander Redlein
No ratings yet
Web Video Business
From Everand
Web Video Business
MUHAMMAD NUR WAHID ANUAR
No ratings yet
Windows Update Provider
No ratings yet
Windows Update Provider
11 pages
Powershell Commandlets - BITLOCKER Module
No ratings yet
Powershell Commandlets - BITLOCKER Module
49 pages
Powershell Commandlets - Credential Manager Module
No ratings yet
Powershell Commandlets - Credential Manager Module
14 pages
Powershell Commandlets - MSI Module
No ratings yet
Powershell Commandlets - MSI Module
92 pages
Powershell Commandlets - Windows Update Module
No ratings yet
Powershell Commandlets - Windows Update Module
8 pages
Powershell Commandlets - AppLocker Module
No ratings yet
Powershell Commandlets - AppLocker Module
28 pages
Powershell Commandlets - MSI Module
No ratings yet
Powershell Commandlets - MSI Module
90 pages
Windows Update: Microsoft Powershell
No ratings yet
Windows Update: Microsoft Powershell
7 pages
Powershell Commandlets - AppBackgroundTask Module
No ratings yet
Powershell Commandlets - AppBackgroundTask Module
18 pages
Powershell Commandlets - BitLocker Module
No ratings yet
Powershell Commandlets - BitLocker Module
50 pages
ArcadeCab CabinetPlans2
No ratings yet
ArcadeCab CabinetPlans2
60 pages
DSC Manual
No ratings yet
DSC Manual
400 pages
VIrtualization 2.0 For Dummies
No ratings yet
VIrtualization 2.0 For Dummies
88 pages
Itsm Chart V2.0 PDF
100% (1)
Itsm Chart V2.0 PDF
1 page
ITIL Wall Chart
No ratings yet
ITIL Wall Chart
2 pages
The Big Book of PowerShell Error Handling
No ratings yet
The Big Book of PowerShell Error Handling
28 pages
1 - Beginner's Guide - Crusader Kings II Wiki
No ratings yet
1 - Beginner's Guide - Crusader Kings II Wiki
5 pages
Crusader Kings II Game Guide
100% (2)
Crusader Kings II Game Guide
206 pages
Using Adobe Bridge and Adobe Version Cue CS4
100% (3)
Using Adobe Bridge and Adobe Version Cue CS4
93 pages
Using Adobe Bridge and Adobe Version Cue CS4
100% (3)
Using Adobe Bridge and Adobe Version Cue CS4
93 pages
Car Wars
90% (10)
Car Wars
68 pages
Flash Cs4 Help
No ratings yet
Flash Cs4 Help
474 pages
Adobe Acrobat 9 Pro Extended
100% (8)
Adobe Acrobat 9 Pro Extended
533 pages
BPT For SAP Installation Guide
No ratings yet
BPT For SAP Installation Guide
46 pages
Cyclone: A Set of Pure Data Objects Cloned From Max/MSP
No ratings yet
Cyclone: A Set of Pure Data Objects Cloned From Max/MSP
9 pages
FortiOS 7.0.0 New Features Guide
No ratings yet
FortiOS 7.0.0 New Features Guide
355 pages
DOS Commands: Command and Usage Examples
No ratings yet
DOS Commands: Command and Usage Examples
6 pages
UNIT 1 21 Regulation
No ratings yet
UNIT 1 21 Regulation
81 pages
AS400 Useful Commands
100% (2)
AS400 Useful Commands
6 pages
Beginners Guide To CLI Troubleshooting
No ratings yet
Beginners Guide To CLI Troubleshooting
3 pages
MG University Btech CS 6th Semester
No ratings yet
MG University Btech CS 6th Semester
20 pages
CM9.4 ElasticsearchInstall Config PDF
No ratings yet
CM9.4 ElasticsearchInstall Config PDF
29 pages
Trakr Programming Manual
No ratings yet
Trakr Programming Manual
35 pages
Moxa Nport 5100 Series Manual v6.0
No ratings yet
Moxa Nport 5100 Series Manual v6.0
180 pages
HMC Remote Console Connection Errors Using Iseries Access 5250 Emulators
No ratings yet
HMC Remote Console Connection Errors Using Iseries Access 5250 Emulators
4 pages
IBM Netezza Analytics Administrators Guide-3.2.2
No ratings yet
IBM Netezza Analytics Administrators Guide-3.2.2
59 pages
Live Link For Matlab Users Guide
No ratings yet
Live Link For Matlab Users Guide
338 pages
The AmigaDOS Manual
100% (2)
The AmigaDOS Manual
304 pages
Data Domain_ DD3300 Mapping disk alerts to the correct hard drive slot _ Dell US
No ratings yet
Data Domain_ DD3300 Mapping disk alerts to the correct hard drive slot _ Dell US
4 pages
Access To Free Nutanix NCP-MCI-5.20 Practice Exam Questions - FreeTestShare7
No ratings yet
Access To Free Nutanix NCP-MCI-5.20 Practice Exam Questions - FreeTestShare7
4 pages
VCenter Server Appliance 6.0 Reference Poster v3
No ratings yet
VCenter Server Appliance 6.0 Reference Poster v3
1 page
Printess Construction and Operation Manual
No ratings yet
Printess Construction and Operation Manual
38 pages
Manual Nikto
No ratings yet
Manual Nikto
47 pages
Learn Python - For Beginners
No ratings yet
Learn Python - For Beginners
7 pages
5 Bash Script Examples To Help You Learn Linux Programming
No ratings yet
5 Bash Script Examples To Help You Learn Linux Programming
14 pages
Master Exam CD Questions Exam 101
No ratings yet
Master Exam CD Questions Exam 101
38 pages
Moquery Cheat Sheet: Bridge Domain
No ratings yet
Moquery Cheat Sheet: Bridge Domain
6 pages
Ug835 Vivado Tcl Commands
No ratings yet
Ug835 Vivado Tcl Commands
1,984 pages
Developing Statistical Software in Fortran 95 1st Edition by David R Lemmon, Joseph L Schafer ISBN 0387281231 9780387281230 - Own the ebook now with all fully detailed chapters
100% (5)
Developing Statistical Software in Fortran 95 1st Edition by David R Lemmon, Joseph L Schafer ISBN 0387281231 9780387281230 - Own the ebook now with all fully detailed chapters
77 pages
Unix Common CMD
No ratings yet
Unix Common CMD
17 pages
Release Notes For Asyncos 13.5.1 For Cisco Email Security Appliances
No ratings yet
Release Notes For Asyncos 13.5.1 For Cisco Email Security Appliances
17 pages