But wouldn't you want to own the TPM chip? If you don't own the chip then you can't manage it remotely once the machine has been joined to the domain.

John Bain - CIC Engineering
[email protected]
Office: JETS B657 | Tel: 613-954-2536 | Fax: 613-952-7171

From: [email protected] [mailto:[email protected]] On Behalf Of Jeremy Sihassen
Sent: May 6, 2014 10:23 AM
To: [email protected]
Subject: Re: [MDT-OSD] Is it worth managing TPM ownership

If ownership is already taken then an error code will be thrown. Just continue on error or add the error code to the success list. Ownership will stay the same and BitLocker will be enabled.

On 6 May 2014 16:12, "Bain.John" <[email protected]> wrote:

Hey Guys and Gals,

I've been working with MDT 2013 and Windows 7 and we are currently looking to add BitLocker to our deployment process. I've been mentally going through the various scenarios that a workstation may be in and have come to a problem. In a refresh scenario, how are people handling a TPM chip that has already been owned? I would preferably like for a technician to start a deployment and then walk away, but with a TPM chip that has already been owned this doesn't seem possible. A tech would need to clear the TPM owner before starting the deployment, and clearing the owner without knowing the owner password requires a reboot and a BIOS prompt.

Would it be better to initialize the TPM chip with a random password and not worry about managing the TPM chips?

John
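
An added example, not part of the thread and not any poster's script: one way a task-sequence step could handle the refresh case discussed above by checking TPM state through the Win32_Tpm WMI class and taking ownership with a random passphrase only when the chip is unowned. The function name, messages and exit-code convention are assumptions made for illustration, and the passphrase is discarded, so the remote-management concern raised in the first reply still applies unless the owner value is escrowed by other means.

```powershell
# Added example (hypothetical step script, not from the thread).
# Assumed exit codes: 0 = TPM usable or nothing to do, 1 = needs a technician.
$ErrorActionPreference = 'Stop'

function New-RandomPassphrase([int]$ByteCount = 24) {
    # Cryptographic RNG; works on the PowerShell 2.0 that ships with Windows 7.
    $buf = New-Object byte[] $ByteCount
    $rng = New-Object System.Security.Cryptography.RNGCryptoServiceProvider
    $rng.GetBytes($buf)
    return [Convert]::ToBase64String($buf)
}

$tpm = Get-WmiObject -Namespace 'root\CIMV2\Security\MicrosoftTpm' `
                     -Class Win32_Tpm -ErrorAction SilentlyContinue
if (-not $tpm) {
    Write-Output 'No TPM visible to Windows; nothing to do.'
    exit 0
}

# Ownership cannot be taken on a disabled or deactivated TPM.
if (-not $tpm.IsEnabled().IsEnabled -or -not $tpm.IsActivated().IsActivated) {
    Write-Output 'TPM present but not enabled/activated; firmware change required.'
    exit 1
}

# Refresh scenario: ownership survives the reimage, so leave it alone
# instead of letting a take-ownership call fail.
if ($tpm.IsOwned().IsOwned) {
    Write-Output 'TPM already owned; keeping existing owner.'
    exit 0
}

# Unowned chip: derive owner authorization from a random passphrase.
$pass = New-RandomPassphrase
$auth = $tpm.ConvertToOwnerAuth($pass)
if ($auth.ReturnValue -ne 0) {
    Write-Output ('ConvertToOwnerAuth failed: 0x{0:X8}' -f $auth.ReturnValue)
    exit 1
}
$take = $tpm.TakeOwnership($auth.OwnerAuth)
if ($take.ReturnValue -ne 0) {
    Write-Output ('TakeOwnership failed: 0x{0:X8}' -f $take.ReturnValue)
    exit 1
}
# $pass is never written to disk or logged here; escrow is out of scope.
Write-Output 'TPM ownership taken with a random passphrase.'
exit 0
```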
