< Back
Clear-Tpm
Post
NAME Clear-Tpm
SYNOPSIS
Resets a TPM to its default state.
SYNTAX
Clear-Tpm [[-OwnerAuthorization] <String>] [<CommonParameters>]
Clear-Tpm -File <String> [<CommonParameters>]
DESCRIPTION
The Clear-Tpm cmdlet resets the Trusted Platform Module (TPM) to its default state. A reset removes the owner authorization value and any keys stored in
the TPM. To reset a TPM, you must provide a valid owner authorization value. You can enter an owner authorization value or specify a file that contains
the value. If you do not provide a value, the cmdlet attempts to use a value stored in the registry.
For more information on TPM, see the Trusted Platform Module Technology Overview (http://technet.microsoft.com/en-us/libr ... 31725.aspx) in the
TechNet library.
PARAMETERS
-File <String>
Specifies a file that contains the current owner authorization value for the TPM. You can use the TPM Management Console to create this file.
Required? true
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-OwnerAuthorization [<String>]
Specifies the current owner authorization value for the TPM.
Required? false
Position? 2
Default value none
Accept pipeline input? true (ByValue)
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
String
This cmdlet accepts the owner authorization value for the TPM.
OUTPUTS
TpmObject
This cmdlet returns a TpmObject object contains the following information:
-- TpmReady. Whether a TPM complies with Windows Server???? 2012 standards.
-- TpmPresent. Whether there is a TMP on the current computer.
-- ManagedAuthLevel. The level at which the operating system manages the owner authorization. Possible values are Legacy, Balanced, and Full.
-- OwnerClearDisabled. Whether TPM can be reset. If this value is True, the TPM cannot be reset through the operating system by using the owner
authorization value. If this value is False, the TPM can be reset through the operating system.
-- AutoProvisioning. Whether the computer can use auto-provisioning. Possible values are NotDefined, Enabled, Disabled, and DisabledForNextBoot.
-- LockedOut. Whether a TPM is locked out.
-- SelfTest. Information returned by a test that TPM runs.
Example 1: Reset TPM
PS C:\\> Clear-Tpm
TpmReady : False
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth :
OwnerClearDisabled : True
AutoProvisioning : Disabled
LockedOut : False
SelfTest : {191, 191, 245, 191...}
This command resets the TPM. The command uses the owner authorization value stored in the registry instead of specifying a value or using a value in a
file.
Example 2: Reset TPM with a supplied authorization value
PS C:\\> Clear-Tpm -OwnerAuthorization "vjnuW6rToM41os3xxEpjLdIW2gA="
TpmReady : False
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth : OwnerClearDisabled : True
AutoProvisioning : Disabled
LockedOut : False
SelfTest : {191, 191, 245, 191...}
This command resets the TPM by using the specified owner authorization value.
Example 3: Reset TMP using authorization value from file
PS C:\\> Clear-Tpm -File "MyOwnerAuthFile.tpm"
TpmReady : False
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth :
OwnerClearDisabled : True
AutoProvisioning : Disabled
LockedOut : False
SelfTest : {191, 191, 245, 191...}
This command resets the TPM by using the owner authorization value included in the specified file.
RELATED LINKS
Online Version:
Get-Tpm
Initialize-Tpm
Unblock-Tpm
SYNOPSIS
Resets a TPM to its default state.
SYNTAX
Clear-Tpm [[-OwnerAuthorization] <String>] [<CommonParameters>]
Clear-Tpm -File <String> [<CommonParameters>]
DESCRIPTION
The Clear-Tpm cmdlet resets the Trusted Platform Module (TPM) to its default state. A reset removes the owner authorization value and any keys stored in
the TPM. To reset a TPM, you must provide a valid owner authorization value. You can enter an owner authorization value or specify a file that contains
the value. If you do not provide a value, the cmdlet attempts to use a value stored in the registry.
For more information on TPM, see the Trusted Platform Module Technology Overview (http://technet.microsoft.com/en-us/libr ... 31725.aspx) in the
TechNet library.
PARAMETERS
-File <String>
Specifies a file that contains the current owner authorization value for the TPM. You can use the TPM Management Console to create this file.
Required? true
Position? named
Default value none
Accept pipeline input? false
Accept wildcard characters? false
-OwnerAuthorization [<String>]
Specifies the current owner authorization value for the TPM.
Required? false
Position? 2
Default value none
Accept pipeline input? true (ByValue)
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
String
This cmdlet accepts the owner authorization value for the TPM.
OUTPUTS
TpmObject
This cmdlet returns a TpmObject object contains the following information:
-- TpmReady. Whether a TPM complies with Windows Server???? 2012 standards.
-- TpmPresent. Whether there is a TMP on the current computer.
-- ManagedAuthLevel. The level at which the operating system manages the owner authorization. Possible values are Legacy, Balanced, and Full.
-- OwnerClearDisabled. Whether TPM can be reset. If this value is True, the TPM cannot be reset through the operating system by using the owner
authorization value. If this value is False, the TPM can be reset through the operating system.
-- AutoProvisioning. Whether the computer can use auto-provisioning. Possible values are NotDefined, Enabled, Disabled, and DisabledForNextBoot.
-- LockedOut. Whether a TPM is locked out.
-- SelfTest. Information returned by a test that TPM runs.
Example 1: Reset TPM
PS C:\\> Clear-Tpm
TpmReady : False
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth :
OwnerClearDisabled : True
AutoProvisioning : Disabled
LockedOut : False
SelfTest : {191, 191, 245, 191...}
This command resets the TPM. The command uses the owner authorization value stored in the registry instead of specifying a value or using a value in a
file.
Example 2: Reset TPM with a supplied authorization value
PS C:\\> Clear-Tpm -OwnerAuthorization "vjnuW6rToM41os3xxEpjLdIW2gA="
TpmReady : False
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth : OwnerClearDisabled : True
AutoProvisioning : Disabled
LockedOut : False
SelfTest : {191, 191, 245, 191...}
This command resets the TPM by using the specified owner authorization value.
Example 3: Reset TMP using authorization value from file
PS C:\\> Clear-Tpm -File "MyOwnerAuthFile.tpm"
TpmReady : False
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth :
OwnerClearDisabled : True
AutoProvisioning : Disabled
LockedOut : False
SelfTest : {191, 191, 245, 191...}
This command resets the TPM by using the owner authorization value included in the specified file.
RELATED LINKS
Online Version:
Get-Tpm
Initialize-Tpm
Unblock-Tpm