Friday, January 13, 2017

Retrieve TPM Module Version Using PowerShell

Hi folks,

I would love to share with you two quick ways to retrieve version of TPM module. What is TPM module and how it helps in BitLocker encryption you can find here.

I found it thanks to this article from Dell. I have adapted this command to retrieve the hostname and version of TPM module installed there. My code looks like below:

Get-WMIObject –class Win32_Tpm –Namespace root\cimv2\Security\MicrosoftTpm |select PsComputerName,SpecVersion

This will produce output as below:

The SpecVersion corresponds to the version of the TPM module. Above is the output for TPM 2.0

Finally, there is a nice way to report it for more than one server remotely. This can be achieved by using TPM management module which has been published here in TechNet gallery. ZIP file can be downloaded from the same link and exported. After which module needs to be imported into PS session. Since in my case I'm trying to report information on TPM module installed on Exchange servers I imported it to EMS session.

The command Get-OSCTPMChip is needed to retrieve information from the computer and can be run against remote computers. For it to work successfully you will need to create variable for credentials.

I have composed the below code to connect to all Exchange 2016 servers in the environment and retrieve server host name and TPM module version:

$Cred = Get-Credential
Import-Module 'C:\Scripts\GetTPMChipsStatus (PowerShell)\GetTPMChipsStatus.psm1'
$Exch2016 = Get-ExchangeServer | where-object {$_.AdminDisplayVersion -like "*Version 15.1*"}
$Exch2016 |foreach {Get-OSCTPMChip -ComputerName $_.Name -Credential $Cred} |select ComputerName,SpecVersion |Export-Csv C:\Scripts\TPMExchangeReport.csv

I hope you will find it useful.