Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Question

Remotely enable TPM on Dell Computers

Sep 9, 2013 4:05AM PDT

Does anyone know a good way to remotely enable the TPM on dell laptops. I am looking to do this on all laptop on my domian.
Most our computers are running either windows 7 enterprise or ultimate and are the Dell Lattitude series

Discussion is locked

- Collapse -
Answer
Absolutely.
Sep 9, 2013 4:09AM PDT
- Collapse -
Answer
And absolutely not.
Sep 9, 2013 4:20AM PDT

Read http://en.community.dell.com/techcenter/os-applications/w/wiki/how-to-enable-trusted-platform-module-using-a-configmgr-2007-task-sequence.aspx and you see many prerequisites to get this enabled.

One of them is to set something in the BIOS and most IT staffers never deployed the systems with remote management that allowed such changes.

There's also some issue that not all Latitudes had the TPM chip. https://neosmart.net/forums/showthread.php?t=4154 is such a discussion so here's my final thought on this.

-> I've seen IT staff get fired over destroying a company's ability to carry on business in the name of security. I can't guess why you want to do this or why it must be done remotely but there's a lot of work you would have done up front to enable this later. I could take bets that the IT didn't prepare for this.
Bob

- Collapse -
Bitlocker
Sep 9, 2013 6:31AM PDT

I need to enable TPM so that we can enable bitlocker. You cant have one without the other. There are over a 100 employees in the company and doing them all one by one is just not an option. So I was hoping that there is something that could be ran or pushed through GPO. I've been looking into this and I have a script that when ran from the computer will enable the TPM upon reboot but when I put that script into a GPO it doesn't work. I already have the Bitlocker GPO configures so if the TPM is enabled when users in that OU log in it will turn bitlocker on and start drive encryption. So now my last step is to figure out the most effective way to enable the TPM on over 100 computers.

- Collapse -
Then absolutely not.
Sep 10, 2013 5:43AM PDT
- Collapse -
TPM
Sep 11, 2013 9:26AM PDT

Thanks for the link. I've seen the bitlocker without a TPM but having to enter the key everytime the computers starts wont wont. With the TPM as long as no changes are made then the computer boots without question. From what I can find I will just need to turn TPM manually... its not going to be a great process.

- Collapse -
From the past.
Sep 11, 2013 9:29AM PDT

I can write that long ago this was possible with some Intel remote access system. It was very long ago but you would call up Intel's own remote admin and Intel had everything in the BIOS all set for remote management.

However today I think such would be too dangerous to put on the net.
Bob