None of them. It is more or less an evolution of Windows Server 2019, so in a sense is based on Windows 10 v1809 updated.
Can someone who installed Server 2022 + all updates, be so kind to check that it has successfully managed to "own" their TPM? Basically does BitLocker work (after being installed as a feature) to encrypt boot disk? Or can run the "Get-Tpm" cmdlet? It output of "Get-Tpm" should look like this: TpmPresent : True TpmReady : True TpmEnabled : True TpmActivated : True TpmOwned : True <- Here, owned RestartPending : True ... I have tried everything, Server 2016, 2019 (TPM/Bitlocker work fine), Windows 10 21H1 (again fine) and even Windows 11 (again fine) - but it's just impossible to get 2022 to own the TPM! On 2022 it looks like this: TpmPresent : True TpmReady : True TpmEnabled : True TpmActivated : True TpmOwned : False <- Here, not owned RestartPending : True I have tried just about everything to get it going: - TPM has been cleared many, many times. - TPM has been provisioned many, many times - always results in "reduced functionality" - Secure Boot is enabled. - Both storage and attestation are Ready. - EK certificate chain present and valid (Intel). - Management level is "Full" all commands are allowed. Tried many tools including Windows 11's new TPM diag. - PCR7 binding is "possible" but has not been "bound" yet. - DMA-capable buses are allowed in registry hive. - PCR (SHA256) registers seem OK - but I have not done a validation of their values. Will try this. All I can think of is that Server 2022 requires more stringent measured boot settings which many boards - except OEMs like Lenovo - leave disabled in PTT firmware. Perhaps even client Windows 11 does not require such stringent security checks? Thanks all!
@DrunkF on 7th gen intel NUC, secure boot disabled Code: TpmPresent : True TpmReady : True TpmEnabled : True TpmActivated : True TpmOwned : True RestartPending : True ManufacturerId : 1229346816 ManufacturerIdTxt : IFX ManufacturerVersion : 5.62.3126.0 ManufacturerVersionFull20 : 5.62.12.13824 ManagedAuthLevel : Full OwnerAuth : OwnerClearDisabled : False AutoProvisioning : Enabled LockedOut : False LockoutHealTime : 2 hours LockoutCount : 0 LockoutMax : 32 SelfTest : {}
DaRT integration tool, for windows 7, 8.1, 10 and 11 updated to v3.8 https://forums.mydigitallife.net/th...ion-guide-murphy78.47875/page-43#post-1496205 Changelog: Code: DaRT7_81_10_11_v3.8 (August 17. 2021) Added debug tools packages for Win 11 (22000) and Server 2022 LTSC (20348) (from MSMG Toolkit) Updated the code to be able to handle them appropriately Updated wimlib-imagex files to the latest
I know what it is, I did my own DaRT ISOs in the past, but stopped at Windows 8.1 which still works for most purposes on Win 10. Maybe I should pay more attention to your work and update my tools. BTW, it was a joke, mostly for the understanding of the other people reading this thread, this is a multipurpose tool used primarily for recovery beyond the capabilities of the regular Windows ISO and it is not a Windows image, so it can hardly be classified as homebrew.
Many thanks! Wow - did not even know of any NUCs with dedicated, 3rd party, TPMs (IFX); thought all relied of Intel's own ME/PTT. Will try another system then.