Easy Way to Check TPM Status from Command Line

Prajwal Desai
Posted by Prajwal Desai

If you have a question – Can I check TPM status from command line during OSD ?. The answer is yes. You can find a lot about TPM status by running a simple command. We will jump onto that but let’s see a bit about TPM.

It is quite some time ago, I had shared a post on enabling BitLocker on Windows 10 without TPM. BitLocker is an encryption feature available in Windows 10 Professional and Enterprise editions. However, it requires a Trusted Platform Module (TPM) on the system. Furthermore, BitLocker provides the best security when used with TPM.

What is Trusted Platform Module

As per Microsoft “A Trusted Platform Module (TPM) is a microchip designed to provide basic security-related functions, primarily involving encryption keys. The TPM comes installed on motherboard of a computer, and it communicates to the system by using a hardware bus”. You can read more about TPM fundamentals here.

Check TPM Status from the Command Line

Coming to the actual topic, some organizations require TPM to be enabled and activated before you image the machine. The TS halts if TPM isn’t enabled (that’s the way the TS is configured). The task sequence checks the TPM status and halts if it is not activated. For example, I had covered an issue about BitLocker Error Configuration change was requested to disable TPM.

Ad imageAd image

To Check TPM Status from Command Line

  • Press F8 key while you are in WinPE phase.
  • Enter the below command to get the TPM status.
wmic /namespace:\\root\CIMV2\Security\MicrosoftTpm path Win32_Tpm get /value

To find out if TPM on a computer is Enabled, Activated and Owned, enter the below commands.

wmic /namespace:\\root\cimv2\security\microsofttpm path win32_tpm get IsEnabled_InitialValue
wmic /namespace:\\root\cimv2\security\microsofttpm path win32_tpm get IsActivated_InitialValue
wmic /namespace:\\root\cimv2\security\microsofttpm path win32_tpm get IsOwned

Here is what you see as output when you enter the above command.

Check TPM Status from Command Line
Check TPM Status from Command Line

From the above screenshot we see several options in the output. We see Manufacturer ID, version. In addition to that, we see the TPM version and SpecVersion. The TPM version is either 1.2 or 2.0. Most of all, the first three lines of output mean a lot.

Share This Article
Prajwal Desai
Posted by Prajwal Desai
Prajwal Desai is a Microsoft MVP in Intune and SCCM. He writes articles on SCCM, Intune, Windows 365, Windows Server, Windows 11, WordPress and other topics, with the goal of providing people with useful information.