I am looking for a way to determine if the TPM is present on Windows 7 and later workstations. I accept that in some cases the chip may be present but turned off in the bios. I can accept that fault tolerance in reporting.
I am currently trying:
(exists wmi "root\CIMv2\Security\MicrosoftTPM")
under the impression that if there is no TPM there will be no MicrosoftTPM in this WMI space.
Does anyone have a better idea or experience with this task?
Thank you!
// TPM Chip Activation Status
if (exists wmi "root\CIMV2\Security\MicrosoftTpm") then ((if (exists (select objects "IsActivated_InitialValue from Win32_Tpm" of wmi "root\CIMV2\Security\MicrosoftTpm") whose ((string value of property "IsActivated_InitialValue" of it = "True") )) then "Activated" ELSE "Not Activated") as string) else "Undetected"If these are Dell systems, then you can install Dell Command Monitor and it will give you much more detailed information about the state of the hardware through WMI. Vendors other than Dell may have equivalent functionality.
TPM PPI ACPI Support
tuple string item ( (it - 1) of integer (string value of selects "CurrentValue from DCIM_BIOSEnumeration where AttributeName='TPM PPI ACPI Support'" of wmi "root\dcim\sysman") ) of concatenation ", " of (string values of selects "PossibleValuesDescription from DCIM_BIOSEnumeration where AttributeName='TPM PPI ACPI Support'" of wmi "root\dcim\sysman") | ERROR "UNKNOWN"
Trusted Execution
tuple string item ( (it - 1) of integer (string value of selects "CurrentValue from DCIM_BIOSEnumeration where AttributeName='Trusted Execution'" of wmi "root\dcim\sysman") ) of concatenation ", " of (string values of selects "PossibleValuesDescription from DCIM_BIOSEnumeration where AttributeName='Trusted Execution'" of wmi "root\dcim\sysman") | ERROR "UNKNOWN"
See BigFix.Me for more.
Related: TPM WMI Query Fails To Debug