TPM unusable on Windows Server 2022

Discussion in 'Windows Server' started by terminal2000, Dec 14, 2021.

  1. terminal2000

    terminal2000 MDL Novice

  2. terminal2000

    terminal2000 MDL Novice

    I did clear the TPM many times. It didn't help. Meanwhile on Win10, 11 and Server 2019, nothing was needed to make it work.
    And this is an Intel i3 CPU, so no driver is needed.
     
  3. ExtremeGrief

    ExtremeGrief MDL Senior Member

    Do you have any unknown devices? Try to update all drivers with SDI.
     
  4. Pwntje

    Pwntje MDL Novice

    fTPM works for me on WS2022 with a Ryzen CPU.
     
  5. terminal2000

    terminal2000 MDL Novice

    It doesn't work even with all drivers installed and no unknown devices.

    Actually, this TPM doesn't need any driver to begin with. I tried a fresh install of Server 2019 and Win 10; they both worked with no driver at all.
     
  6. ExtremeGrief

    ExtremeGrief MDL Senior Member

    Try to disable Core Integrity
     
  7. terminal2000

    terminal2000 MDL Novice

    You mean the "Memory Integrity" under "Core Isolation"? It was disabled. Neither disabling nor enabling made a difference.

    I used SDI to update all drivers. No difference.
     
  8. kibkalo

    kibkalo MDL Addicted

    There is a good chance that Microsoft cut some package from Server.
    Attached is a list of packages from the 20348.1 Enterprise client, where TPM works.
    Check your list with the SxSv1 tool.
    If you lack/need some packages from my list, let me know and I will provide them.
    It would work in Server.
     


  9. DrunkF

    DrunkF MDL Junior Member

    #10 DrunkF, Dec 21, 2021
    Last edited: Dec 21, 2021
    I can help with this; please see the main Server 2022 thread where I posted about this many months ago.

    I believe it is a bug with the TPM code that is missing some stuff - as with Windows 11, the ownership hash now needs to be stored in the registry - in the past it was not stored. The code to store the hash is *missing* IMHO from the Server 2022 code but has been added/fixed in Windows 11.

    I had the same problem - if you check "Is TPM Owned" you will find that the answer is NO! The utilities are bad in the sense that they don't tell you the TPM is NOT owned fully, just partially. With TPM 2.0, full ownership is not always needed, and Windows tries to do without full ownership but does not tell you.

    That is due to the missing hash. If you install any other Windows OS and take ownership and *DON'T* clear the TPM before (clean) installing, Server 2022 will work fine. If the TPM is cleared, then 2022 cannot take ownership due to the missing hash.

    What you need to do is to enter the hash of the TPM in the registry for Server 2022 to take ownership. Let me find the code.
     
  10. DrunkF

    DrunkF MDL Junior Member

  11. terminal2000

    terminal2000 MDL Novice

    Thanks for your help. I have already moved away from 2022 to 2019 because of this. Sometime later, if I try 2022 again, I'll give this a try.