Trusted Platform Module (TPM) technology is designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations. The chip includes multiple physical security mechanisms to make it tamper resistant, and malicious software is unable to tamper with the security functions of the TPM.
Some of the Microsoft features that TPM can co-work with are BitLocker, Virtual Smart Card, Secure boot etc. TPM comes in 2 versions TPM 1.2 and TPM 2.0 (latest).
Dell is the first OEM to enable TPM 2.0 support on its 13G PowerEdge Servers running Microsoft Windows Server 2012 R2. Below is the list of Servers that we support currently for this enablement,
For enabling the TPM 2.0 on Dell PowerEdge Servers please refer to the below steps:
The boot mode on Dell PowerEdge Servers with TPM 2.0 and running windows (2012 and later) must be set to UEFI. Attempting to use TPM 2.0 in legacy BIOS mode will keep the TPM status in “TPM is ready for use, with reduced functionality”.
Refer this Microsoft KB for more details: https://support.microsoft.com/en-us/kb/3123365
There is a known issue with TPM 2.0 and Windows Server 2012 R2 and below is the hotfix for the same,
TPM 2.0 hotfix:
TPM 2.0 module is not detected on Windows Server 2012 R2 by default. Microsoft recommends to install the following update carrying the fix for TPM 2.0 to be recognized by the OS and function normally.
Refer this Microsoft KB for more details: https://support.microsoft.com/en-us/kb/3095701
Refer this Microsoft download page for the update package: https://www.microsoft.com/en-us/download/details.aspx?id=49480
TPM 1.2 vs TPM 2.0 differences
Configuring TPM 2.0 on Dell PowerEdge Servers