After posting on this topic for Toshiba machines I was going to do the same for Hewlett-Packard machines today, but there is a fair bit of information out there already on this topic so I will not repeat it. There wasn't when I originally built my task sequences in 2010 for our HP fleet and it took me a while to discover how to do it. Anyway, here are a several of good links:
Wednesday 30 May 2012
Friday 25 May 2012
Checking if TPM is Enabled and Activated
Yesterday I posted about a tool that you can use to configure TPM on Toshiba machines. In our task sequence we also check to see if TPM is already enabled and activated and skip running the TPM tool if it is. How?
We just have the following two WMI queries as conditions on in the task sequence group where that contains the task sequence action that runs the Toshiba tool. The other task sequence action in this group is a 'Restart Computer' TSA.
Query One
WMI Namespace:
root\CIMV2\Security\MicrosoftTpm
SQL Query:
SELECT * FROM Win32_Tpm WHERE IsEnabled_InitialValue = FALSE
Query Two
WMI Namespace:
root\CIMV2\Security\MicrosoftTpm
SQL Query:
SELECT * FROM Win32_Tpm WHERE IsActivated_InitialValue = FALSE
The Deployment Guys at Microsoft have a more sophisticated way of doing this. See their post over here:
http://blogs.technet.com/b/deploymentguys/archive/2010/12/22/check-to-see-if-the-tpm-is-enabled.aspx
We just have the following two WMI queries as conditions on in the task sequence group where that contains the task sequence action that runs the Toshiba tool. The other task sequence action in this group is a 'Restart Computer' TSA.
Query One
WMI Namespace:
root\CIMV2\Security\MicrosoftTpm
SQL Query:
SELECT * FROM Win32_Tpm WHERE IsEnabled_InitialValue = FALSE
Query Two
WMI Namespace:
root\CIMV2\Security\MicrosoftTpm
SQL Query:
SELECT * FROM Win32_Tpm WHERE IsActivated_InitialValue = FALSE
The Deployment Guys at Microsoft have a more sophisticated way of doing this. See their post over here:
http://blogs.technet.com/b/deploymentguys/archive/2010/12/22/check-to-see-if-the-tpm-is-enabled.aspx
Thursday 24 May 2012
Toshiba, TPM and Task Sequences
TPM can be activated on Toshiba notebooks using the 'Toshiba TPM Control Utility'.
This utility allows the activation of TPM and can suppress the prompt to
authorise this activation at the next reboot. At time of writing, the utility is not available on the Toshiba web site, but talk to you sales team and your sales engineer should be able to source it for you.
This tool, when packaged in Configuration Manager and called using a ConfigMgr program causes the Task Sequence to fail, I'm not sure why. However, using a 'Run Command Line' task sequence action instead gets around this problem. Package the utility in a software package but instead of creating a program just use the following command from a Run Command Line task sequence action and reference the package with the utility in it.
TTpmCtrl.exe /Enable /NoPPIProvision
This tool, when packaged in Configuration Manager and called using a ConfigMgr program causes the Task Sequence to fail, I'm not sure why. However, using a 'Run Command Line' task sequence action instead gets around this problem. Package the utility in a software package but instead of creating a program just use the following command from a Run Command Line task sequence action and reference the package with the utility in it.
TTpmCtrl.exe /Enable /NoPPIProvision
Friday 11 May 2012
Hello World
So I thought I'd give blogging a go as a way of saving things I learn as I build and support IT solutions. This blog is starting off as something for me, but if the information becomes useful for others, who knows where it might go.
Now all I have to do is come up with what I'll post first.
Now all I have to do is come up with what I'll post first.
Subscribe to:
Posts (Atom)