Configure the system to clear the TPM if it is not in a ready state.

Supported OS tags: Windows10, Windows10RT, Windows11, WindowsServer2016

This policy setting configures the system to prompt the user to clear the TPM if the TPM is detected to be in any state other than Ready. This policy will take effect only if the system’s TPM is in a state other than Ready, including if the TPM is “Ready, with reduced functionality”. The prompt to clear the TPM will start occurring after the next reboot, upon user login only if the logged in user is part of the Administrators group for the system. The prompt can be dismissed, but will reappear after every reboot and login until the policy is disabled or until the TPM is in a Ready state.

This policy has no additional user input fields.

• Computer
  Configure the level of TPM owner authorization information available to the operating system

  At least Windows Server 2012, Windows 8 or Windows RT
• Computer
  Configure the list of blocked TPM commands

  At least Windows Vista
• Computer
  Configure the system to use legacy Dictionary Attack Prevention Parameters setting for TPM 2.0.

  At least Windows Server 2016, Windows 10 Version 1703
• Computer
  Ignore the default list of blocked TPM commands

  At least Windows Vista
• Computer
  Ignore the local list of blocked TPM commands

  At least Windows Vista
• Computer
  Standard User Individual Lockout Threshold

  At least Windows Server 2012, Windows 8 or Windows RT
• Computer
  Standard User Lockout Duration

  At least Windows Server 2012, Windows 8 or Windows RT
• Computer
  Standard User Total Lockout Threshold

  At least Windows Server 2012, Windows 8 or Windows RT