Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Wilmatic81
Beginner
95 Views

Automate enabling Enable Trusted Execution Technology (TXT) in BIOS

Hello,

Currently we have an issue with BitLocker compliance on our HP G6 Desktops in Intune. After encryption, it does not change the compliance even though it is properly encrypted. Microsoft provided a solution Trusted Execution Technology (TXT) must be enabled for this to work as it updates the Windows Health Attestation. We have tested and confirmed after enabling it in the BIOS, it becomes compliant after a few hours.

My question is, has anyone been able to automate this successfully? I was able to script it with PowerShell and also using the HP BIOS Configuration Utility. However, after enabling it, it does not boot into Windows. I'd have to disable it from the BIOS and let it book back into Windows.

Setting it manually in the BIOS has no issues but we have several remote offices with no support staff which is why we would like to automate this process. Not sure if this is possible and might be by design but any info would be helpful.

0 Kudos
5 Replies
Alberto_R_Intel1
Employee
69 Views

Wilmatic81, Thank you for posting in the Intel® Communities Support.


In order for us to provide the most accurate assistance on this scenario, we just wanted to confirm a few details about your system:

What is the model of the Intel® Processor?

Is this a new computer?

Was it working fine before?

When did the issue start?

Did you make any recent hardware/software changes?

Which Windows* version are you using?


Any questions, please let me know.


Regards,

Albert R.


Intel Customer Support Technician



Wilmatic81
Beginner
60 Views

Hi Albert R, thanks for the response.

 

What is the model of the Intel® Processor? Intel(R) 400 Series Chipset

 

Is this a new computer? Yes

 

Was it working fine before? As mentioned, no issues if we manually enable it in the BIOS but if we use a PowerShell script or HP BIOS Config Utility to enable the TXT setting it gets stuck in POST and doesnt boot into Windows. Not sure if there are pre-steps or something we have to temporarily disable prior to enabling TXT in Windows vs BIOS.

 

When did the issue start? new issue

 

Did you make any recent hardware/software changes? This issue is on the HP ProDesk 600 G6 Desktop Mini PC

 

Which Windows* version are you using? Windows 10 2004/20H2

Alberto_R_Intel1
Employee
45 Views

Hi Wilmatic81, You are very welcome, thank you very much for providing that information.


I searched for the specifications of the HP ProDesk 600 G6 Desktop Mini PC and I can see that the chipset that it has is Intel® Q470 Chipset, which as you mentioned, is an Intel® 400 Series Chipset:

https://www8.hp.com/h20195/V2/GetPDF.aspx/c06640111


I looked in our website for the Intel® Q470 Chipset in order to verify if it supports Intel® Trusted Execution Technology, as you can see in the link below, from our side we can confirm that it does support the feature:

https://ark.intel.com/content/www/us/en/ark/products/201836/intel-q470-chipset.html


So, if there are any problems related to the Intel® Trusted Execution Technology, the next thing to do in this case will be to get in contact directly with HP so they can verify BIOS settings, if a BIOS update is needed or if a physical inspection is necessary, warranty options may apply on this scenario:

https://support.hp.com/us-en


Regards,

Albert R.


Intel Customer Support Technician


Wilmatic81
Beginner
42 Views

No problem they are looking into the issue right now.

 

 

Alberto_R_Intel1
Employee
35 Views

Wilmatic81, Thank you very much for providing those updates.


Perfect, excellent, they will be able to further assist you with this topic.


Regards,

Albert R.


Intel Customer Support Technician


Reply