Hi Sreelakshmi,

Thank you very much.

I look forward to your reply.

Best Regards,

Jim Hsu

Hello Jim_Hsu,

Greetings for the day!

I hope this message finds you well.

Can you please confirm if TPM 2.0 is enabled in the BIOS? If it is, kindly provide a screenshot for further assistance.

Regards,

Sreelakshmi B

Hi Sreelakshmi,

Sure, Please refer to the picture below.

Best Regards,

Jim Hsu

Hello Jim_Hsu, ,

Greetings for the day!

Thank you for sharing the details. Please allow us some time to review the details and we will get back with an update shortly.

Regards,

Sreelakshmi B

Hello JimHsu_3166,

I hope this message finds you well.

We would like to inform you that as per the snapshot shared, we see that the TPM is not enabled.

Please refer the below user guide to configure TPM 2.0.

https://www.intel.com/content/dam/support/us/en/documents/server-products/Configuring_the_TPM_2.0.pdf

Regards,

Sreelakshmi B

Hi Sreelakshmi,

Sure, I have tried to enable TPM function and make sure the TPM is ready for use under Windows Server 2022.

But still cannot reset TPM provision data under EFI Shell.

Step1: Enable "Intel Virtualization"
Step2: Enable "Intel VT for Directed I/O"
Step3: Setting the Administrator Password
Step4: Setting "TPM2 ClearControl(NO) + Clear"
Step5: Reboot system and Boot to "BIOS"
Step6: Enable "Intel TXT"
Step7: Disable SHA1 and Enable SHA256
Step8: Reboot system and Boot to "Windows Server 2022"
Step9: Run "tpm.msc" ---> The TPM is ready for use.
Step10: Reboot system and Boot to "EFI Shell"
Step11: Unzip "TPM2ProvfilesCBnT-20230302.zip" to USB and Install to system
Step12: Run command ---> Result : Empty Failed
Step13: Reboot system and Boot to "BIOS"
Step14: Disable "Intel TXT"
Step15: Setting "TPM2 ClearControl(NO) + Clear"
Step16: Reboot system and Boot to "EFI Shell"
Step17: Run command ---> Result : Empty Failed

Best Regards,

Jim Shi

Hello JimHsu_3166,

Greetings for the day!

Based on the snapshot analysis, the status indicates that TPM 2.0 is ready for use, with details such as TPM Manufacturer: IFX and Specification Version: 2.0. We would like to inform you that the snapshot information aligns with the article I shared earlier.

Please let us know if you have any specific issues or queries for which you are seeking a solution.

Regards,

Sreelakshmi B

Hi Sreelakshmi,

As the title says, do I have any way can re-provision it?

Best Regards,
Jim Hsu

Hello JimHsu_3166,

Greetings for the day!

Please allow us some time to review the details and we will get back with an update shortly.

Regards,

Sreelakshmi B

Hello JimHsu_3166,

Greetings for the day!

Since you need to clear TPM 2.0 provision data, kindly follow the below link and go to Section 3.4 Security Screen -> 8. TPM2 Operation to perform TPM 2.0 clear.

https://www.intel.com/content/dam/support/us/en/documents/server-products/intel-bios-setup-utility-user-guide-d50dnp-and-m50fcp.pdf

We would like to inform you that changing the TPM state in setup requires a hard reset for the new state to become effective.

Regards,

Sreelakshmi B

Hello JimHsu_3166,

I hope this message finds you well.

We are following up to find out if you were able to find the information we provided. Please reply to confirm, so we can continue helping on a resolution. Looking forward to receiving your reply.

Regards,

Sreelakshmi B

Hi Sreelakshmi,

But I still cannot provision TPM2 again after clear TPM2.0 under BIOS.
Could you kindly help to check you can re-provision TPM after clear TPM2.0 under BIOS?

Step1: Setting "TPM2 ClearControl(NO) + Clear"
Step2: Reboot system and Boot to "EFI Shell"
Step3: Run command #> ResetPlatformAuth.nsh SHA256 Example

If possible, could you please provide the successful picture?

Best Regards,
Jim Hsu

Hello JimHsu_3166,

Please allow us some time to review the details and we will get back with an update shortly.

Regards,

Sreelakshmi B

Hello JimHsu_3166,

Could you please run “MSFT_NVCI_Index.nsh CustomIndexForMSFT.iDef” command to create the NVCI Index (provisioning) and let us know the result.

The reset script is not mandatory. If the ownership was cleared by the BIOS Setup, there is nothing to reset.

 Regards,

Sreelakshmi B

Hello JimHsu_3166,

We are following up to find out if you were able to find the information we provided . Please reply to confirm, so we can continue helping on a resolution. Looking forward to receiving your reply.

Regards,

Sreelakshmi B

Hello JimHsu_3166,

Good day!

We would like to inform you that we are closing this request as no response has been received from our previous follow-ups.

Please don't hesitate to ask any further questions in the future. Feel free to start a new conversation, as this thread will no longer be monitored.

Regards,

Sreelakshmi B