PowerShell Logo Small

Set-TpmOwnerAuth



This is the built-in help made by Microsoft for the command 'Set-TpmOwnerAuth', in PowerShell version 5 - as retrieved from Windows version 'Microsoft Windows Server 2012 R2 Standard' PowerShell help files on 2016-06-23.

For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.

SYNOPSIS

Changes the TPM owner authorization value.

SYNTAX


Set-TpmOwnerAuth -File <String> -NewFile <String> [<CommonParameters>]
Set-TpmOwnerAuth -File <String> -NewOwnerAuthorization <String> [<CommonParameters>]
Set-TpmOwnerAuth [[-OwnerAuthorization] <String>] -NewFile <String> [<CommonParameters>]
Set-TpmOwnerAuth [[-OwnerAuthorization] <String>] -NewOwnerAuthorization <String> [<CommonParameters>]



Search powershellhelp.space

DESCRIPTION


The Set-TpmOwnerAuth cmdlet changes the current owner authorization value of the Trusted Platform Module (TPM) to a new value. You can specify the current owner
authorization value or specify a file that contains the current owner authorization value. If you do not specify an owner authorization value, the cmdlet attempts to read
the value from the registry.


Use the ConvertTo-TpmOwnerAuth cmdlet to create an owner authorization value. You can specify a new owner authorization value or specify a file that contains the new value.


An owner authorization file is not a simply a password. It is generated for a specific system. For more information on TPM, see the Trusted Platform Module Technology
Overview in the Technet library at http://technet.microsoft.com/en-us/library/jj131725.aspx.



<

RELATED LINKS

Online Version: http://go.microsoft.com/fwlink/p/?linkid=306672
ConvertTo-TpmOwnerAuth
Import-TpmOwnerAuth

REMARKS

<

Examples


Example 1: Replace imported owner authorization value

PS C:\> Set-TpmOwnerAuth -NewOwnerAuthorization "h4FCmNeWVNp5IMHxRfFL9QEq4vM="
TpmReady : True
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth : h4FCmNeWVNp5IMHxRfFL9QEq4vM=
OwnerClearDisabled : True
AutoProvisioning : DisabledForNextBoot
LockedOut : False
SelfTest : {191, 191, 245, 191...}



This command replaces the current owner authorization value with the specified owner authorization value. The command does not specify the current owner authorization value,
so the cmdlet attempts to find it in the registry. This command does not import the owner authorization value into the registry. After you run this command, you can use the
Import-TpmOwnerAuth cmdlet to import the new value into the registry, if necessary.




Example 2: Replace owner authorization value with value in file

PS C:\> Set-TpmOwnerAuth -NewFile "NewOwnerAuth.tpm"
TpmReady : True
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth : h4FCmNeWVNp5IMHxRfFL9QEq4vM=
OwnerClearDisabled : True
AutoProvisioning : DisabledForNextBoot
LockedOut : False
SelfTest : {191, 191, 245, 191...}



This command replaces the current owner authorization value with the owner authorization value in the specified file.




Example 3: Replace owner authorization value

PS C:\> Set-TpmOwnerAuth -OwnerAuthorization "oaVq17hNcFS2KSnHwpZa4AlrWBo=" -NewOwnerAuthorization "h4FCmNeWVNp5IMHxRfFL9QEq4vM="
TpmReady : True
TpmPresent : True
ManagedAuthLevel : Full
OwnerAuth : h4FCmNeWVNp5IMHxRfFL9QEq4vM=
OwnerClearDisabled : True
AutoProvisioning : DisabledForNextBoot
LockedOut : False
SelfTest : {191, 191, 245, 191...}



This command replaces the specified owner authorization value with a new owner authorization value.