09-10-2019 08:03 AM
We started to test the Windows 10 version 1903 and both feature upgrade and bare metal deployment ended with an issue with the TPM on all computers testes (Yoga 260 and X1 Yoga).
The TPM driver version 10.0.18362.1 has en error on Device manager (Decive cannot start - error 10 - a protocol error was detected
between the driver and the device).
The reboot takes around 4 minutes and in the event viewer there are 4 errors under System:
"The Device Driver for the trusted Platform Module encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) being used.
"The initialization of the TPM failed. The TPM maybe in failure mode. contact the manufacturer"
Anyone experiencing the same type of error when migrating to 1903 ?
09-10-2019 09:15 AM
Haven't heard this before. What do you see in TPM.msc?
Try clearing the security chip in BIOS Setup -> Security -> Security Chip (this is usually hidden unless you cold boot into BIOS setup)
What version of Win10 were you previously deploying (before 1903). As a test, please try deploying that version to confirm the issue doesn't happen - this will rule out a hardware problem.
09-10-2019 09:56 AM - edited 09-10-2019 09:57 AM
Those machines you are upgrading to 1903...
Did you update the BIOS, and make sure the BIOS system setting "Use Optimized OS Defaults" is set to Enabled...? This should put the system in pure UEFI mode.
Check also that the TPM is in PTT or 2.0 mode
You need to have both set. They may not be if you upgraded the system from W7.
Oh, and yes, also clear the TPM, as previously advised...
09-10-2019 09:56 AM
TPM.MSC says "Compatible TPN cannot be found on this computer. Verify that this computer has a TPM 1.2 or later and it is tunred on in te BIOS."
Before 1903 all machines were 1803, with the TPMs fully working. We tested running an upgrade to 1903 and redeploying with 1903 (we have 5 machines in this situation, pretty much all machines we tested so far for the models impacted). In both cases the TPM drivers stopped working and the reboot is taking 3-4 minutes with an error in the Event Viewer (events 15 and 27)
I can redeploy one of them to make sure it is specific to the OS version, and not a hardware failure.
We have also Yoga 370, which is not showing the same issue. Only the Yoga 260 and teh X1.
09-10-2019 12:13 PM
For the machines upgraded from 1803: they were previously 1607, then 1803 and in the future 1903. When they were migrated from W7, we wiped and loaded all machines, changed the BIOS settings (TPM 2.0 and UEFI only) and have been working fine since then. The only thing we don't have is the configuration for OS Optimized Defaults as ENABLED. It is disabled, following Lenovo's directions.
Cleared the Security chip for one of the machines, updated the setting to ENABLE the OS Optimized Default and made sure TPm 2.0 is selected. Same issue. Before doing all this, I suspended bitlocker. Tried to resume and got an error saying there is no valid TPM to enable bilocker. So, even with the TPM not working fine, the machine was still configured with bitlocker.
We have around 5.000 users using Lenovo laptops with no issues related to the TPM, until now.
09-10-2019 02:32 PM
I deployed Win10 1903 + SCCM driver pack to a ThinkPad Yoga 260 and didn't have any trouble with the TPM. Have you tried a clean-install of Win10 1903 (not your corporate image) using the Microsoft ISO? I think you need to rule out a possible problem with your corporate image.