- #Clear trusted platform module windows 10 reset how to
- #Clear trusted platform module windows 10 reset update
- #Clear trusted platform module windows 10 reset windows 10
- #Clear trusted platform module windows 10 reset code
#Clear trusted platform module windows 10 reset update
Is the price jump to enterprise worth it for increased control?įrom what you suggested the feature update is the issue which needs to be done on a semi-regular basis, therefore do I have to accept this TPM chip issue will continue to happen?
#Clear trusted platform module windows 10 reset windows 10
As we have windows 10 pro our only option is insider or semi-annual channel, there is a new preview feature in InTune I have tested which prevents my machines updating past 1909 at present. The issue is generally happening to 2-3year old laptops which have gone through yearly 6 monthly updates for many years. I will look into reimaging my laptops from OOBE. Yes I think you are right that the chip is likely not completely malfunctioning and is a result of an update, therefore more "partially corrupt". If you have a lot of systems is probably good policy to reimage your new machines right out of the box and it's probably even better policy to use the LTS(x) channel of Windows 10 rather than the standard "free for all" version or you're just going to have this happen on an annual or semi-annual (get it ) basis. All the recovery key will let you do is backup your data before you reinstall Windows via USB and set it all back up again. Once this happens the system is pretty much sunk. Granted, this has been 'corrected' with reimages, but it seems that some feature updates dislike TPM+Bitlocker in that they go through some process of replacing the boot record (temporarily.this is where you have that Windows.old so you can roll back) and this makes the TPM in conjunction with the UEFI think that you're trying to hack into it and asks you for your recovery key. Generally the biggest issues that I have had with bitlocker is that it will tend to break when doing a feature update. You might have a similar problem (something corrupt with the image that Dell used on the system from the factory). Reimaging the system from a normal Windows 10 USB fixed the repeated issues. I have had bitlocker related issues using the OOBE setup on Surface Pro's many times. It's likely not the chip malfunctioning if you got that error on half your computers.
#Clear trusted platform module windows 10 reset how to
How to stop the TPM chip malfunctioning.I would really appreciate any help with this, or if it has happened to you it would be good to know we are not alone! Does anyone have any long term fixes or alternatives to using TPM / Bitlocker. The user starts the process and once registered I can then remote access the laptop and complete the setup, but this whole process can take 6 hours.Īlmost 50% of my users have now had this and it is causing significant productivity issues with significant lost time for the user and myself. This is essentially what we do in the end, but as it is Azure AD setup OOBE it means a complete reset and rebuild from the OOBE. I have come to just turn off bitlocker when they report this issue, which is not great as we require some form of encryption for our Cyber Security certifications.Īs our laptops are Azure AD joined we are unable to remove the user and start again, which Microsoft support recommends. Some users also find that bitlocker suspends itself prior to this issue, however when I investigate I cannot see what has caused it to suspend.
#Clear trusted platform module windows 10 reset code
This code relates to issues with the office365 Business apps and can cause the user to be signed out of Outlook and it stops them being managed by Intune. When the user then logs in there are further issues when opening the company portal app, the error message "Your computers trusted Platform Module has malfunctioned. The first we become aware of any issue with the laptop is when the user asks for their recovery key. We set the configuration manually on each machine during initial build (can be shared if helpful), in summary it is the Operating system we encrypt to 128-bit, we enable all TPM Chip (BIOS) settings, user requires a PIN and the recovery key is backed up to Azure AD. Windows Bitlocker is used to encrypt the laptops.Windows 10 pro (considering enterprise if this can control DELL updates!).Intune is used to manage policies and configurations.All laptops are AZURE AD joined from OOBE to the end users' account.This causes issues for the initial sign in through Bitlocker requiring the recovery key and then causes major issues to the AZURE setup on the laptop resulting in a complete rebuild of the machine. So the main issue here is that after some update, DELL BIOS most probably although unsure, the trusted platform module (TPM) chip malfunctions.