Powershell allows you quick commands to find TPM (Trusted Platform Module) compatibility and presence on a Windows computer. TPM and SecureBoot are mandatory conditions for installing Windows 11 or upgrading from Windows 10 to Windows 11 on a computer.
You can check TPM and Secure Boot compatibility through the control panel. However, Powershell can be quicker and easier in fetching TPM and Secure Boot capabilities on a Windows computer.
Below, we will take a look at the Powershell cmdlets that can bring up the status of TPM (Trusted Platform Module) on the Windows computer.
To get TPM and Secure Boot status on your Windows 11 computer using Powershell, you will need to run Powershell as an administrator.
Get-TPM
The Get-TPM cmdlet will bring up a window with the current status of TPM on the computer. If your system is compatible with TPM, you should see TPMReady status as ‘TRUE’. The screenshot from a notebook computer that is compatible with TPM standards is shared below. You can see that it has TPMReady set to ‘TRUE’.
You can also use the following command to get the TPM compatibility status directly:
Get-TPM | Select TPMReady
This command’s output will check for the TPMReady status and report back in the form of the screenshot shared below. You can see that the command output shows ‘True’ or ‘False’. The output depends upon a computer’s compatibility with the TPM chip.
Another important part to note in this cmdlet is the status of TPMEnabled attribute. There may be cases wherein the TPM is available on the computer, but it is not enabled. To check if TPM is enabled on a Windows computer, you can use the following Powershell command directly:
Get-TPM | Select TPMEnabled
The command output will state TRUE or FALSE values, as per the screenshot displayed below.
If your system has TPMReady status ‘True’, but TPMEnabled is ‘False’, you will need to enable TPM on your computer. This is akin to initializing TPM on your computer.
To enable TPM on your computer, you can use the following command:
Initialize-TPM
The Initialize-TPM cmdlet will initiate the TPM provisioning process on your computer.
When you type the ‘initialize-tpm’ command on the Powershell command prompt, you will get a command output that may look like the one shared below in the screen capture. Since TPM is already enabled on the computer, you can see that the status of TPMReady is ‘True’. No further action is needed and hence all the other items of the command output are set to ‘False’.
For a system that is not enabled with TPM, the initialize-tpm command will begin the provisioning process for TPM. The following switch options for the initialize-tpm command are available:
- TpmReady. Whether the TPM is complies with latest Windows standards.
- RestartRequired. Whether the computer requires a restart to continue the provisioning process.
- ShutdownRequired. Whether the computer must be shut down to continue the provisioning process.
- ClearRequired. If this has a value of True, you must import an owner authorization value or remove the owner authorization value.
- PhysicalPresenceRequired. Whether a person must be at the computer during restart to continue the provisioning process.
Summary
In this tutorial, we have gone through Powershell commands to check the status of TPM on your computer. We also discussed a Powershell cmdlet to initialize or enable TPM on a computer that is compatible with TPM standards.
Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.