Cmdlets

Choose a cmdlet from the list on the left or search for a specific cmdlet. Choose a cmdlet from the list or search for a specific cmdlet.
About Help  Providers
 

Set-TpmOwnerAuth

Set-TpmOwnerAuth

microsoft.tpm.commands.dll

Synopsis

Changes the TPM owner authorization value.

Syntax

Set-TpmOwnerAuth [-File] [-NewFile] [<CommonParameters>]

Set-TpmOwnerAuth [-File] [-NewOwnerAuthorization] [<CommonParameters>]

Set-TpmOwnerAuth [-OwnerAuthorization] [-NewFile] [<CommonParameters>]

Set-TpmOwnerAuth [-OwnerAuthorization] [-NewOwnerAuthorization] [<CommonParameters>]

Detailed Description

The Set-TpmOwnerAuth cmdlet changes the current owner authorization value of the Trusted Platform Module (TPM) to a new value. You can specify the current owner authorization value or specify a file that contains the current owner authorization value. If you do not specify an owner authorization value, the cmdlet attempts to read the value from the registry.

Use the ConvertTo-TpmOwnerAuth cmdlet to create an owner authorization value. You can specify a new owner authorization value or specify a file that contains the new value.

An owner authorization file is not a simply a password. It is generated for a specific system. For more information on TPM, see the Trusted Platform Module Technology Overview in the Technet library at http://technet.microsoft.com/en-us/library/jj131725.aspx.

Parameters

-File <String>

Specifies a file that contains the current owner authorization value for the TPM. You can use the TPM Management Console to create this file.

Aliases

None

Required?

true

Position

named

Default value

None

Accept pipeline input?

false

Accept wildcard characters?

false

-NewFile <String>

Specifies a file that contains the new owner authorization value for a TPM.

Aliases

nf

Required?

true

Position

named

Default value

None

Accept pipeline input?

false

Accept wildcard characters?

false

-NewOwnerAuthorization <String>

Specifies a new owner authorization value for a TPM.

Aliases

no

Required?

true

Position

named

Default value

None

Accept pipeline input?

True (ByValue)

Accept wildcard characters?

false

-OwnerAuthorization <String>

Specifies the current owner authorization value for a TPM.

Aliases

o

Required?

false

Position

1

Default value

None

Accept pipeline input?

false

Accept wildcard characters?

false

Input Type

String

Return Type

TpmObject

Notes

None

Examples

Example 1: Replace imported owner authorization value

This command replaces the current owner authorization value with the specified owner authorization value. The command does not specify the current owner authorization value, so the cmdlet attempts to find it in the registry. This command does not import the owner authorization value into the registry. After you run this command, you can use the Import-TpmOwnerAuth cmdlet to import the new value into the registry, if necessary.

PS C:\> Set-TpmOwnerAuth -NewOwnerAuthorization "h4FCmNeWVNp5IMHxRfFL9QEq4vM="
TpmReady           : True
TpmPresent         : True
ManagedAuthLevel   : Full
OwnerAuth          : h4FCmNeWVNp5IMHxRfFL9QEq4vM=
OwnerClearDisabled : True
AutoProvisioning   : DisabledForNextBoot
LockedOut          : False
SelfTest           : {191, 191, 245, 191...} 

Example 2: Replace owner authorization value with value in file

This command replaces the current owner authorization value with the owner authorization value in the specified file.

PS C:\> Set-TpmOwnerAuth -NewFile "NewOwnerAuth.tpm"
TpmReady           : True
TpmPresent         : True
ManagedAuthLevel   : Full
OwnerAuth          : h4FCmNeWVNp5IMHxRfFL9QEq4vM=
OwnerClearDisabled : True
AutoProvisioning   : DisabledForNextBoot
LockedOut          : False
SelfTest           : {191, 191, 245, 191...} 

Example 3: Replace owner authorization value

This command replaces the specified owner authorization value with a new owner authorization value.

PS C:\> Set-TpmOwnerAuth -OwnerAuthorization "oaVq17hNcFS2KSnHwpZa4AlrWBo=" -NewOwnerAuthorization "h4FCmNeWVNp5IMHxRfFL9QEq4vM="
TpmReady           : True
TpmPresent         : True
ManagedAuthLevel   : Full
OwnerAuth          : h4FCmNeWVNp5IMHxRfFL9QEq4vM=
OwnerClearDisabled : True
AutoProvisioning   : DisabledForNextBoot
LockedOut          : False
SelfTest           : {191, 191, 245, 191...} 

Online Version
ConvertTo-TpmOwnerAuth
Import-TpmOwnerAuth