HelpCache/Microsoft.Tpm.Commands.dll-help.xml
|
<?xml version = "1.0" encoding = "utf-8" ?>
<helpItems schema="maml"> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Clear-Tpm</command:name><maml:description><maml:para>Resets a TPM to its default state.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Clear</command:verb><command:noun>Tpm</command:noun><dev:version /></command:details><maml:description><maml:para>The Clear-Tpm cmdlet resets the Trusted Platform Module (TPM) to its default state. A reset removes the owner authorization value and any keys stored in the TPM. To reset a TPM, you must provide a valid owner authorization value. You can enter an owner authorization value or specify a file that contains the value. If you do not provide a value, the cmdlet attempts to use a value stored in the registry.</maml:para><maml:para>For more information on TPM, see the <maml:navigationLink><maml:linkText>Trusted Platform Module Technology Overview</maml:linkText><maml:uri></maml:uri></maml:navigationLink> in the Technet library at http://technet.microsoft.com/en-us/library/jj131725.aspx.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Clear-Tpm</maml:name><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="2" aliases=""><maml:name>OwnerAuthorization</maml:name><maml:description><maml:para>Specifies the current owner authorization value for the TPM.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter></command:syntaxItem><command:syntaxItem><maml:name>Clear-Tpm</maml:name><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>File</maml:name><maml:description><maml:para>Specifies a file that contains the current owner authorization value for the TPM. You can use the TPM Management Console to create this file.</maml:para><maml:para></maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>File</maml:name><maml:description><maml:para>Specifies a file that contains the current owner authorization value for the TPM. You can use the TPM Management Console to create this file.</maml:para><maml:para></maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="2" aliases=""><maml:name>OwnerAuthorization</maml:name><maml:description><maml:para>Specifies the current owner authorization value for the TPM.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>String</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The owner authorization value for the TPM. </maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>TpmObject</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>A TpmObject object contains the following information: </maml:para><maml:para>-- TpmReady. Whether a TPM complies with Windows Server® 2012 standards. -- TpmPresent. Whether there is a TMP on the current computer. -- ManagedAuthLevel. The level at which the operating system manages the owner authorization. Possible values are Legacy, Balanced, and Full. -- OwnerClearDisabled. Whether TPM can be reset. If this value is True, the TPM cannot be reset through the operating system by using the owner authorization value. If this value is False, the TPM can be reset through the operating system. -- AutoProvisioning. Whether the computer can use auto-provisioning. Possible values are NotDefined, Enabled, Disabled, and DisabledForNextBoot. -- LockedOut. Whether a TPM is locked out. -- SelfTest. Information returned by a test that TPM runs. </maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>Example 1: Reset TPM </maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\> Clear-Tpm TpmReady : False TpmPresent : True ManagedAuthLevel : Full OwnerAuth : OwnerClearDisabled : True AutoProvisioning : Disabled LockedOut : False SelfTest : {191, 191, 245, 191...} </dev:code><dev:remarks><maml:para>This command resets the TPM. The command uses the owner authorization value stored in the registry instead of specifying a value or using a value in a file. </maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>Example 2: Reset TPM with a supplied authorization value</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\> Clear-Tpm -OwnerAuthorization "vjnuW6rToM41os3xxEpjLdIW2gA=" TpmReady : False TpmPresent : True ManagedAuthLevel : Full OwnerAuth : OwnerClearDisabled : True AutoProvisioning : Disabled LockedOut : False SelfTest : {191, 191, 245, 191...} </dev:code><dev:remarks><maml:para>This command resets the TPM by using the specified owner authorization value. </maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>Example 3: Reset TMP using authorization value from file</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\> Clear-Tpm -File "MyOwnerAuthFile.tpm" TpmReady : False TpmPresent : True ManagedAuthLevel : Full OwnerAuth : OwnerClearDisabled : True AutoProvisioning : Disabled LockedOut : False SelfTest : {191, 191, 245, 191...} </dev:code><dev:remarks><maml:para>This command resets the TPM by using the owner authorization value included in the specified file. </maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=306665</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Get-Tpm</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Initialize-Tpm</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Unblock-Tpm</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>ConvertTo-TpmOwnerAuth</command:name><maml:description><maml:para>Creates a TPM owner authorization value from a supplied string. </maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>ConvertTo</command:verb><command:noun>TpmOwnerAuth</command:noun><dev:version /></command:details><maml:description><maml:para>The ConvertTo-TpmOwnerAuth cmdlet creates a Trusted Platform Module (TPM) owner authorization value based on a pass phrase string. A computer requires an owner authorization value to manage a TPM. </maml:para><maml:para>For more information on TPM, see the <maml:navigationLink><maml:linkText>Trusted Platform Module Technology Overview</maml:linkText><maml:uri></maml:uri></maml:navigationLink> in the Technet library at http://technet.microsoft.com/en-us/library/jj131725.aspx.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>ConvertTo-TpmOwnerAuth</maml:name><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="True (ByValue)" position="2" aliases=""><maml:name>PassPhrase</maml:name><maml:description><maml:para>Specifies a pass phrase string. This cmdlet converts the pass phrase to an owner authorization value.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="True (ByValue)" position="2" aliases=""><maml:name>PassPhrase</maml:name><maml:description><maml:para>Specifies a pass phrase string. This cmdlet converts the pass phrase to an owner authorization value.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>String</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>A user-supplied pass phrase string. </maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>String</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>An owner authorization value. </maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>Example 1: Convert to owner authorization value</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\> ConvertTo-TpmOwnerAuth -PassPhrase "Saturn1977&&" puJvGK4O6Qvl0loP8r1bIxipDVo= </dev:code><dev:remarks><maml:para>This command converts the string Saturn1977&& to an owner authorization value. </maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=306666</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Import-TpmOwnerAuth</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Set-TpmOwnerAuth</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Disable-TpmAutoProvisioning</command:name><maml:description><maml:para>Disables TPM auto-provisioning. </maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Disable</command:verb><command:noun>TpmAutoProvisioning</command:noun><dev:version /></command:details><maml:description><maml:para>The Disable-TpmAutoProvisioning cmdlet disables Trusted Platform Module (TPM) auto-provisioning. Provisioning is the process of preparing a TPM to be used. You can disable provisioning completely or only for the next restart. You can use the Enable-TpmAutoProvisioning cmdlet to enable auto-provisioning.</maml:para><maml:para>For more information on TPM, see the <maml:navigationLink><maml:linkText>Trusted Platform Module Technology Overview</maml:linkText><maml:uri></maml:uri></maml:navigationLink> in the Technet library at http://technet.microsoft.com/en-us/library/jj131725.aspx.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Disable-TpmAutoProvisioning</maml:name><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases="b"><maml:name>OnlyForNextRestart</maml:name><maml:description><maml:para>Indicates that the cmdlet disables auto-provisioning only for the next computer restart. During the restart after that, auto-provisioning begins. </maml:para></maml:description></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases="b"><maml:name>OnlyForNextRestart</maml:name><maml:description><maml:para>Indicates that the cmdlet disables auto-provisioning only for the next computer restart. During the restart after that, auto-provisioning begins. </maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue>False</dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>SwitchParameter</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para></maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>TpmObject</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>A TpmObject object contains the following information: </maml:para><maml:para>-- TpmReady. Whether a TPM complies with Windows Server® 2012 standards. -- TpmPresent. Whether there is a TMP on the current computer. -- ManagedAuthLevel. The level at which the operating system manages the owner authorization. Possible values are Legacy, Balanced, and Full. -- OwnerClearDisabled. Whether TPM can be reset. If this value is True, the TPM cannot be reset through the operating system by using the owner authorization value. If this value is False, the TPM can be reset through the operating system. -- AutoProvisioning. Whether the computer can use auto-provisioning. Possible values are NotDefined, Enabled, Disabled, and DisabledForNextBoot. -- LockedOut. Whether a TPM is locked out. -- SelfTest. Information returned by a test that TPM runs. </maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>Example 1: Disable auto-provisioning</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\> Disable-TpmAutoProvisioning TpmReady : False TpmPresent : True ManagedAuthLevel : Full OwnerAuth : OwnerClearDisabled : True AutoProvisioning : Disabled LockedOut : False SelfTest : {191, 191, 245, 191...} </dev:code><dev:remarks><maml:para>This command disables TPM auto-provisioning. You can use the Enable-TpmAutoProvisioning cmdlet to enable auto-provisioning.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>Example 2: Disable auto-provisioning for next restart</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\> Disable-TpmAutoProvisioning -OnlyForNextRestart TpmReady : False TpmPresent : True ManagedAuthLevel : Full OwnerAuth : OwnerClearDisabled : True AutoProvisioning : DisabledForNextBoot LockedOut : False SelfTest : {191, 191, 245, 191...} </dev:code><dev:remarks><maml:para>This command disables TPM auto-provisioning for the next restart. In the next restart after that, auto-provisioning continues.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=306667</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Enable-TpmAutoProvisioning</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Enable-TpmAutoProvisioning</command:name><maml:description><maml:para>Enables TPM auto-provisioning.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Enable</command:verb><command:noun>TpmAutoProvisioning</command:noun><dev:version /></command:details><maml:description><maml:para>The Enable-TpmAutoProvisioning cmdlet enables Trusted Platform Module (TPM) provisioning to occur during auto-provisioning. Provisioning is the process of preparing a TPM to be used. You can use the Disable-TpmAutoProvisioning cmdlet to prevent auto-provisioning, either permanently or for the next restart.</maml:para><maml:para>For more information on TPM, see the <maml:navigationLink><maml:linkText>Trusted Platform Module Technology Overview</maml:linkText><maml:uri></maml:uri></maml:navigationLink> in the Technet library at http://technet.microsoft.com/en-us/library/jj131725.aspx.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Enable-TpmAutoProvisioning</maml:name></command:syntaxItem></command:syntax><command:parameters></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name></maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>TpmObject</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>A TpmObject object contains the following information: </maml:para><maml:para>-- TpmReady. Whether a TPM complies with Windows Server® 2012 standards. -- TpmPresent. Whether there is a TMP on the current computer. -- ManagedAuthLevel. The level at which the operating system manages the owner authorization. Possible values are Legacy, Balanced, and Full. -- OwnerClearDisabled. Whether TPM can be reset. If this value is True, the TPM cannot be reset through the operating system by using the owner authorization value. If this value is False, the TPM can be reset through the operating system. -- AutoProvisioning. Whether the computer can use auto-provisioning. Possible values are NotDefined, Enabled, Disabled, and DisabledForNextBoot. -- LockedOut. Whether a TPM is locked out. -- SelfTest. Information returned by a test that TPM runs. </maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>Example 1: Enable auto-provisioning</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\> Enable-TpmAutoProvisioning TpmReady : False TpmPresent : True ManagedAuthLevel : Full OwnerAuth : OwnerClearDisabled : True AutoProvisioning : Enabled LockedOut : False SelfTest : {191, 191, 245, 191...} </dev:code><dev:remarks><maml:para>This command enables auto-provisioning for the current computer.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=306668</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Disable-TpmAutoProvisioning</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Get-Tpm</command:name><maml:description><maml:para>Gets an object that contains information about a TPM.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Get</command:verb><command:noun>Tpm</command:noun><dev:version /></command:details><maml:description><maml:para>The Get-Tpm cmdlet gets a TpmObject. This object contains information about the Trusted Platform Module (TPM) on the current computer.</maml:para><maml:para>For more information on TPM, see the <maml:navigationLink><maml:linkText>Trusted Platform Module Technology Overview</maml:linkText><maml:uri></maml:uri></maml:navigationLink> in the Technet library at http://technet.microsoft.com/en-us/library/jj131725.aspx.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Get-Tpm</maml:name></command:syntaxItem></command:syntax><command:parameters></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name></maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>TpmObject</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>A TpmObject object contains the following information: </maml:para><maml:para> -- TpmReady. Whether a TPM complies with Windows Server® 2012 standards. -- TpmPresent. Whether there is a TPM on the current computer -- ManagedAuthLevel. The level at which the operating system manages the owner authorization. Possible values are Legacy, Balanced, and Full. -- OwnerClearDisabled. Whether TPM can be reset. If this value is True, the TPM cannot be reset through the operating system by using the owner authorization value. If this value is False, the TPM can be reset through the operating system. -- AutoProvisioning. Whether the computer can use auto-provisioning. Possible values are NotDefined, Enabled, Disabled, and DisabledForNextBoot. -- LockedOut. Whether a TPM is locked out. -- SelfTest. Information returned by a test that TPM runs. </maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>Example 1: Display TPM information</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\> Get-Tpm TpmReady : False TpmPresent : True ManagedAuthLevel : Full OwnerAuth : OwnerClearDisabled : True AutoProvisioning : Enabled LockedOut : False SelfTest : {191, 191, 245, 191...} </dev:code><dev:remarks><maml:para>This command displays information about the TPM of the current computer.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=306669</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Clear-Tpm</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Initialize-Tpm</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Unblock-Tpm</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Get-TpmEndorsementKeyInfo</command:name><maml:description><maml:para>Gets information about the endorsement key and certificates of the TPM. </maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Get</command:verb><command:noun>TpmEndorsementKeyInfo</command:noun><dev:version /></command:details><maml:description><maml:para>The Get-TpmEndorsementKeyInfo cmdlet gets information about the endorsement public key and certificates of the Trusted Platform Module (TPM).</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Get-TpmEndorsementKeyInfo</maml:name><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByValue)" position="2" aliases=""><maml:name>HashAlgorithm</maml:name><maml:description><maml:para>Specifies the hash algorithm used for the public key. The acceptable values for this parameter are: Sha256.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByValue)" position="2" aliases=""><maml:name>HashAlgorithm</maml:name><maml:description><maml:para>Specifies the hash algorithm used for the public key. The acceptable values for this parameter are: Sha256.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>String</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>This accepts the name of the algorithm, as a string, used to hash the public key. Sha256 is the only supported algorithm. </maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>EndorsementKeyObject</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>This cmdlet generates an EndorsementKeyObject that contains the following members: </maml:para><maml:para>-- IsPresent. A Boolean that represents whether the endorsement public key is known to the operating system. -- PublicKey. An AsnEncodedData object that contains the asn.1 encoded public portion of the endorsement key. -- PublicKeyHash. The hash, as a String, of the public key if the cmdlet used a hash algorithm. -- ManufacturerCertificates. A X509Certificate2Collection object that contains the manufacturer endorsement key certificates. This object can contain the manufacturer and platform certificates. -- AdditionalCertificates. A X509Certificate2Collection object that contains a collection of additional endorsement key certificates that are registered to the operating system, such as any enterprise certificates.</maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>Example 1: Get endorsement key information</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\> Get-TpmEndorsementKeyInfo -Hash "Sha256" IsPresent : True PublicKey : System.Security.Cryptography.AsnEncodedData PublicKeyHash : 70769c52b6e24ef683693c2a0208da68d77e94192e1f4080ae7c9b97c6caa681 ManufacturerCertificates : {[Subject] OID.2.23.133.2.3=1.2, OID.2.23.133.2.2=C4T8SOX3.5, OID.2.23.133.2.1=id:782F345A [Issuer] CN=Contoso TPM CA1, OU=Contoso Certification Authority, O=Contoso, C=KR [Serial Number] 77A120A [Not Before] 6/4/2012 6:35:58 PM [Not After] 6/4/2022 6:35:57 PM [Thumbprint] 77378D1480AB48FEA2D4E610B2C7EEF648FEA2 } AdditionalCertificates : {} </dev:code><dev:remarks><maml:para>This command gets information about the endorsement key of the TPM. The command uses the Sha256 algorithm to hash the public key.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/?LinkID=309221</maml:uri></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Get-TpmSupportedFeature</command:name><maml:description><maml:para>Verifies whether a TPM supports specified features.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Get</command:verb><command:noun>TpmSupportedFeature</command:noun><dev:version /></command:details><maml:description><maml:para>The Get-TpmSupportedFeature cmdlet verifies whether a Trusted Platform Module (TPM) supports specified TPM features. Not all TPMs support all features.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Get-TpmSupportedFeature</maml:name><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByValue)" position="2" aliases=""><maml:name>FeatureList</maml:name><maml:description><maml:para>Specifies feature names as a string collection. The cmdlet verifies the features that you specify. If you specify an empty collection, $Null, or do not include this parameter, the cmdlet verifies all features. </maml:para></maml:description><command:parameterValue required="true" variableLength="false">StringCollection</command:parameterValue></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="True (ByValue)" position="2" aliases=""><maml:name>FeatureList</maml:name><maml:description><maml:para>Specifies feature names as a string collection. The cmdlet verifies the features that you specify. If you specify an empty collection, $Null, or do not include this parameter, the cmdlet verifies all features. </maml:para></maml:description><command:parameterValue required="true" variableLength="false">StringCollection</command:parameterValue><dev:type><maml:name>StringCollection</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>StringCollection</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>This cmdlet accepts a collection of features to verify. </maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>StringCollection</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>This cmdlet generates a StringCollection object that contains features that the TPM of the computer supports. </maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>Example 1: Verify support for key attestation</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\> Get-TpmSupportedFeatures -FeatureList "Key Attestation" key attestation </dev:code><dev:remarks><maml:para>This command verifies whether TPM supports the key attestation feature. The cmdlet displays the string, key attestation, so TPM supports that feature. </maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/?LinkID=309222</maml:uri></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Import-TpmOwnerAuth</command:name><maml:description><maml:para>Imports a TPM owner authorization value to the registry. </maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Import</command:verb><command:noun>TpmOwnerAuth</command:noun><dev:version /></command:details><maml:description><maml:para>The Import-TpmOwnerAuth cmdlet imports a valid Trusted Platform Module (TPM) owner authorization value to the registry. </maml:para><maml:para>For more information on TPM, see the <maml:navigationLink><maml:linkText>Trusted Platform Module Technology Overview</maml:linkText><maml:uri></maml:uri></maml:navigationLink> in the Technet library at http://technet.microsoft.com/en-us/library/jj131725.aspx.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Import-TpmOwnerAuth</maml:name><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>File</maml:name><maml:description><maml:para>Specifies a file that contains the current owner authorization value for the TPM. You can use the TPM Management Console to create this file.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter></command:syntaxItem><command:syntaxItem><maml:name>Import-TpmOwnerAuth</maml:name><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="2" aliases=""><maml:name>OwnerAuthorization</maml:name><maml:description><maml:para>Specifies the current owner authorization value for the TPM.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>File</maml:name><maml:description><maml:para>Specifies a file that contains the current owner authorization value for the TPM. You can use the TPM Management Console to create this file.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="2" aliases=""><maml:name>OwnerAuthorization</maml:name><maml:description><maml:para>Specifies the current owner authorization value for the TPM.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>String</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The owner authorization value for the TPM.</maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>TpmObject</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>A TpmObject object contains the following information: </maml:para><maml:para>-- TpmReady. Whether a TPM complies with Windows Server® 2012 standards. -- TpmPresent. Whether there is a TMP on the current computer. -- ManagedAuthLevel. The level at which the operating system manages the owner authorization. Possible values are Legacy, Balanced, and Full. -- OwnerClearDisabled. Whether TPM can be reset. If this value is True, the TPM cannot be reset through the operating system by using the owner authorization value. If this value is False, the TPM can be reset through the operating system. -- AutoProvisioning. Whether the computer can use auto-provisioning. Possible values are NotDefined, Enabled, Disabled, and DisabledForNextBoot. -- LockedOut. Whether a TPM is locked out. -- SelfTest. Information returned by a test that TPM runs. </maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>Example 1: Import an owner authorization value</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\> Import-TpmOwnerAuth -OwnerAuthorization "Qn2sdCFQmvjf+tBtSWH4GT87sQs=" TpmReady : False TpmPresent : True ManagedAuthLevel : Full OwnerAuth : Qn2sdCFQmvjf+tBtSWH4GT87sQs= OwnerClearDisabled : True AutoProvisioning : DisabledForNextBoot LockedOut : False SelfTest : {191, 191, 245, 191...} </dev:code><dev:remarks><maml:para>This command imports the specified owner authorization value to the registry.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>Example 2: Import an owner authorization value from a file</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\> Import-TpmOwnerAuth -File "OwnAuthFile.tpm" TpmReady : False TpmPresent : True ManagedAuthLevel : Full OwnerAuth : OwnerClearDisabled : True AutoProvisioning : DisabledForNextBoot LockedOut : False SelfTest : {191, 191, 245, 191...} </dev:code><dev:remarks><maml:para>This command imports the owner authorization value in the specified file to the registry.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=306670</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>ConvertTo-TpmOwnerAuth</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Set-TpmOwnerAuth</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Initialize-Tpm</command:name><maml:description><maml:para>Performs part of the provisioning process for a TPM. </maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Initialize</command:verb><command:noun>Tpm</command:noun><dev:version /></command:details><maml:description><maml:para>The Initialize-Tpm cmdlet performs part of the provisioning process for a Trusted Platform Module (TPM). Provisioning is the process of preparing a TPM to be used. You may need to perform other steps to fully provision a TPM.</maml:para><maml:para>For more information on TPM, see the <maml:navigationLink><maml:linkText>Trusted Platform Module Technology Overview</maml:linkText><maml:uri></maml:uri></maml:navigationLink> in the Technet library at http://technet.microsoft.com/en-us/library/jj131725.aspx.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Initialize-Tpm</maml:name><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="2" aliases="c"><maml:name>AllowClear</maml:name><maml:description><maml:para>Indicates that the provisioning process clears the TPM, if necessary, to move the TPM closer to complying with Windows Server® 2012 standards.</maml:para></maml:description></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="3" aliases="p"><maml:name>AllowPhysicalPresence</maml:name><maml:description><maml:para>Indicates that the provisioning process may send physical presence commands that require a user to be present in order to continue. </maml:para></maml:description></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="2" aliases="c"><maml:name>AllowClear</maml:name><maml:description><maml:para>Indicates that the provisioning process clears the TPM, if necessary, to move the TPM closer to complying with Windows Server® 2012 standards.</maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="3" aliases="p"><maml:name>AllowPhysicalPresence</maml:name><maml:description><maml:para>Indicates that the provisioning process may send physical presence commands that require a user to be present in order to continue. </maml:para></maml:description><command:parameterValue required="false" variableLength="false">SwitchParameter</command:parameterValue><dev:type><maml:name>SwitchParameter</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>SwitchParameter</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>TpmProvisioningObject</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>This cmdlet returns a TpmProvisioningObject object that includes the following information: </maml:para><maml:para> -- TpmReady. Whether the TPM is complies with Windows Server® 2012 standards. -- RestartRequired. Whether the computer requires a restart to continue the provisioning process. -- ShutdownRequired. Whether the computer must be shut down to continue the provisioning process. -- ClearRequired. If this has a value of True, you must import an owner authorization value or remove the owner authorization value. -- PhysicalPresenceRequired. Whether a person must be at the computer during restart to continue the provisioning process. </maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>Example 1: Initialize a TPM</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\> Initialize-Tpm -ForceClearAllowed -PhysicalPresenceAllowed TpmReady : False RestartRequired : True ShutdownRequired : False ClearRequired : True PhysicalPresenceRequired : True </dev:code><dev:remarks><maml:para>This command initializes a TPM. The ForceClearAllowed parameter means that the owner authorization value needs to be imported or reset in order for provisioning to continue. The PhysicalPresenceAllowed parameter means that a user must be present during a restart to continue the process. </maml:para><maml:para>The cmdlet returns an object with information about the state of the provisioning process.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=306671</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Clear-Tpm</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Get-Tpm</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Unblock-Tpm</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Set-TpmOwnerAuth</command:name><maml:description><maml:para>Changes the TPM owner authorization value. </maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Set</command:verb><command:noun>TpmOwnerAuth</command:noun><dev:version /></command:details><maml:description><maml:para>The Set-TpmOwnerAuth cmdlet changes the current owner authorization value of the Trusted Platform Module (TPM) to a new value. You can specify the current owner authorization value or specify a file that contains the current owner authorization value. If you do not specify an owner authorization value, the cmdlet attempts to read the value from the registry.</maml:para><maml:para>Use the ConvertTo-TpmOwnerAuth cmdlet to create an owner authorization value. You can specify a new owner authorization value or specify a file that contains the new value. </maml:para><maml:para>An owner authorization file is not a simply a password. It is generated for a specific system. For more information on TPM, see the <maml:navigationLink><maml:linkText>Trusted Platform Module Technology Overview</maml:linkText><maml:uri></maml:uri></maml:navigationLink> in the Technet library at http://technet.microsoft.com/en-us/library/jj131725.aspx.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Set-TpmOwnerAuth</maml:name><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>File</maml:name><maml:description><maml:para>Specifies a file that contains the current owner authorization value for the TPM. You can use the TPM Management Console to create this file.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases="nf"><maml:name>NewFile</maml:name><maml:description><maml:para>Specifies a file that contains the new owner authorization value for a TPM. </maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter></command:syntaxItem><command:syntaxItem><maml:name>Set-TpmOwnerAuth</maml:name><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>File</maml:name><maml:description><maml:para>Specifies a file that contains the current owner authorization value for the TPM. You can use the TPM Management Console to create this file.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="True (ByValue)" position="named" aliases="no"><maml:name>NewOwnerAuthorization</maml:name><maml:description><maml:para>Specifies a new owner authorization value for a TPM.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter></command:syntaxItem><command:syntaxItem><maml:name>Set-TpmOwnerAuth</maml:name><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="1" aliases="o"><maml:name>OwnerAuthorization</maml:name><maml:description><maml:para>Specifies the current owner authorization value for a TPM.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases="nf"><maml:name>NewFile</maml:name><maml:description><maml:para>Specifies a file that contains the new owner authorization value for a TPM. </maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter></command:syntaxItem><command:syntaxItem><maml:name>Set-TpmOwnerAuth</maml:name><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="1" aliases="o"><maml:name>OwnerAuthorization</maml:name><maml:description><maml:para>Specifies the current owner authorization value for a TPM.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="True (ByValue)" position="named" aliases="no"><maml:name>NewOwnerAuthorization</maml:name><maml:description><maml:para>Specifies a new owner authorization value for a TPM.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>File</maml:name><maml:description><maml:para>Specifies a file that contains the current owner authorization value for the TPM. You can use the TPM Management Console to create this file.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases="nf"><maml:name>NewFile</maml:name><maml:description><maml:para>Specifies a file that contains the new owner authorization value for a TPM. </maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="True (ByValue)" position="named" aliases="no"><maml:name>NewOwnerAuthorization</maml:name><maml:description><maml:para>Specifies a new owner authorization value for a TPM.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="false" position="1" aliases="o"><maml:name>OwnerAuthorization</maml:name><maml:description><maml:para>Specifies the current owner authorization value for a TPM.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name>String</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>The owner authorization value for the TPM. </maml:para></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>TpmObject</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>A TpmObject object contains the following information: </maml:para><maml:para>-- TpmReady. Whether a TPM complies with Windows Server® 2012 standards. -- TpmPresent. Whether there is a TMP on the current computer. -- ManagedAuthLevel. The level at which the operating system manages the owner authorization. Possible values are Legacy, Balanced, and Full. -- OwnerClearDisabled. Whether TPM can be reset. If this value is True, the TPM cannot be reset through the operating system by using the owner authorization value. If this value is False, the TPM can be reset through the operating system. -- AutoProvisioning. Whether the computer can use auto-provisioning. Possible values are NotDefined, Enabled, Disabled, and DisabledForNextBoot. -- LockedOut. Whether a TPM is locked out. -- SelfTest. Information returned by a test that TPM runs. </maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><command:examples><command:example><maml:title>Example 1: Replace imported owner authorization value</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\> Set-TpmOwnerAuth -NewOwnerAuthorization "h4FCmNeWVNp5IMHxRfFL9QEq4vM=" TpmReady : True TpmPresent : True ManagedAuthLevel : Full OwnerAuth : h4FCmNeWVNp5IMHxRfFL9QEq4vM= OwnerClearDisabled : True AutoProvisioning : DisabledForNextBoot LockedOut : False SelfTest : {191, 191, 245, 191...} </dev:code><dev:remarks><maml:para>This command replaces the current owner authorization value with the specified owner authorization value. The command does not specify the current owner authorization value, so the cmdlet attempts to find it in the registry. This command does not import the owner authorization value into the registry. After you run this command, you can use the Import-TpmOwnerAuth cmdlet to import the new value into the registry, if necessary.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>Example 2: Replace owner authorization value with value in file</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\> Set-TpmOwnerAuth -NewFile "NewOwnerAuth.tpm" TpmReady : True TpmPresent : True ManagedAuthLevel : Full OwnerAuth : h4FCmNeWVNp5IMHxRfFL9QEq4vM= OwnerClearDisabled : True AutoProvisioning : DisabledForNextBoot LockedOut : False SelfTest : {191, 191, 245, 191...} </dev:code><dev:remarks><maml:para>This command replaces the current owner authorization value with the owner authorization value in the specified file. </maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example><command:example><maml:title>Example 3: Replace owner authorization value</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\> Set-TpmOwnerAuth -OwnerAuthorization "oaVq17hNcFS2KSnHwpZa4AlrWBo=" -NewOwnerAuthorization "h4FCmNeWVNp5IMHxRfFL9QEq4vM=" TpmReady : True TpmPresent : True ManagedAuthLevel : Full OwnerAuth : h4FCmNeWVNp5IMHxRfFL9QEq4vM= OwnerClearDisabled : True AutoProvisioning : DisabledForNextBoot LockedOut : False SelfTest : {191, 191, 245, 191...} </dev:code><dev:remarks><maml:para>This command replaces the specified owner authorization value with a new owner authorization value. </maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=306672</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>ConvertTo-TpmOwnerAuth</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Import-TpmOwnerAuth</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10" xmlns:MSHelp="http://msdn.microsoft.com/mshelp"><command:details><command:name>Unblock-Tpm</command:name><maml:description><maml:para>Resets a TPM lockout.</maml:para></maml:description><maml:copyright><maml:para /></maml:copyright><command:verb>Unblock</command:verb><command:noun>Tpm</command:noun><dev:version /></command:details><maml:description><maml:para>The Unblock-Tpm cmdlet resets a Trusted Platform Module (TPM) lockout. TPM locks itself to prevent tampering or attack. This is called a lockout. To end a TPM lockout, you must provide a valid owner authorization value. You can enter an owner authorization value or specify a file that contains the value. If you do not provide a value, the cmdlet attempts to use a value stored in the registry. </maml:para><maml:para>For more information on TPM, see the <maml:navigationLink><maml:linkText>Trusted Platform Module Technology Overview</maml:linkText><maml:uri></maml:uri></maml:navigationLink> in the Technet library at http://technet.microsoft.com/en-us/library/jj131725.aspx.</maml:para></maml:description><command:syntax><command:syntaxItem><maml:name>Unblock-Tpm</maml:name><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="2" aliases=""><maml:name>OwnerAuthorization</maml:name><maml:description><maml:para>Specifies the current owner authorization value for the TPM.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter></command:syntaxItem><command:syntaxItem><maml:name>Unblock-Tpm</maml:name><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>File</maml:name><maml:description><maml:para>Specifies a file that contains the current owner authorization value for the TPM. You can use the TPM Management Console to create this file.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue></command:parameter></command:syntaxItem></command:syntax><command:parameters><command:parameter required="true" variableLength="false" globbing="false" pipelineInput="false" position="named" aliases=""><maml:name>File</maml:name><maml:description><maml:para>Specifies a file that contains the current owner authorization value for the TPM. You can use the TPM Management Console to create this file.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter><command:parameter required="false" variableLength="false" globbing="false" pipelineInput="true (ByValue)" position="2" aliases=""><maml:name>OwnerAuthorization</maml:name><maml:description><maml:para>Specifies the current owner authorization value for the TPM.</maml:para></maml:description><command:parameterValue required="true" variableLength="false">String</command:parameterValue><dev:type><maml:name>String</maml:name><maml:uri /></dev:type><dev:defaultValue></dev:defaultValue></command:parameter></command:parameters><command:inputTypes><command:inputType><dev:type><maml:name></maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description></maml:description></command:inputType></command:inputTypes><command:returnValues><command:returnValue><dev:type><maml:name>TpmObject</maml:name><maml:uri></maml:uri><maml:description><maml:para /></maml:description></dev:type><maml:description><maml:para>A TpmObject object contains the following information: </maml:para><maml:para>-- TpmReady. Whether a TPM complies with Windows Server® 2012 standards. -- TpmPresent. Whether there is a TMP on the current computer. -- ManagedAuthLevel. The level at which the operating system manages the owner authorization. Possible values are Legacy, Balanced, and Full. -- OwnerClearDisabled. Whether TPM can be reset. If this value is True, the TPM cannot be reset through the operating system by using the owner authorization value. If this value is False, the TPM can be reset through the operating system. -- AutoProvisioning. Whether the computer can use auto-provisioning. Possible values are NotDefined, Enabled, Disabled, and DisabledForNextBoot. -- LockedOut. Whether a TPM is locked out. -- SelfTest. Information returned by a test that TPM runs. </maml:para></maml:description></command:returnValue></command:returnValues><command:terminatingErrors /><command:nonTerminatingErrors /><maml:alertSet><maml:title /><maml:alert><maml:para>Be sure to understand the protection logic TPM uses. The TPM allows at least one attempt to reset the TPM lockout by using the owner authorization value. For more information, see the <maml:navigationLink><maml:linkText>Reset the TPM Lockout</maml:linkText><maml:uri></maml:uri></maml:navigationLink> topic in the Technet library at http://technet.microsoft.com/en-us/library/dd851452.aspx.</maml:para></maml:alert><maml:alert></maml:alert></maml:alertSet><command:examples><command:example><maml:title>Example 1: Reset a lockout</maml:title><maml:introduction><maml:para></maml:para></maml:introduction><dev:code>PS C:\>Unblock-Tpm -OwnerAuthorization "vjnuW6rToM41os3xxEpjLdIW2gA=" </dev:code><dev:remarks><maml:para>This command resets a TPM lockout. The command specifies the owner authorization value vjnuW6rToM41os3xxEpjLdIW2gA=.</maml:para></dev:remarks><command:commandLines><command:commandLine><command:commandText /></command:commandLine></command:commandLines></command:example></command:examples><maml:relatedLinks><maml:navigationLink><maml:linkText>Online Version:</maml:linkText><maml:uri>http://go.microsoft.com/fwlink/p/?linkid=306673</maml:uri></maml:navigationLink><maml:navigationLink><maml:linkText>Clear-Tpm</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Get-Tpm</maml:linkText><maml:uri /></maml:navigationLink><maml:navigationLink><maml:linkText>Initialize-Tpm</maml:linkText><maml:uri /></maml:navigationLink></maml:relatedLinks></command:command> </helpItems> |