Show TPM Values

Version: SCCM 2012 R2 CU2

To create a report showing Trusted Platform Module Values or TPM Values, there are a few things that should be completed in advance.

1. Enable TPM in the BIOS – Machines should have the TPM values enabled in the BIOS either by doing this manually or using a vendor tool (for example CCTK for Dell machines). Please note, the Win32_TPM class will not be stored locally on machines (in the WMI repository) unless Windows can see the TPM hardware.

2. Enable the TPM WMI Class – The Win32_TPM class in Hardware Inventory will be disabled by default.  Please also note, the initial values for IsEnabled, IsActivated, and IsOwned do not exist in SCCM 2012 by default. Use the following instructions as described here to include Boolean properties representing these initial values:  Win32_TPM class in hardware inventory is missing data by default in Configuration Manager 2012

After a custom MOF file has been imported and Win32_TPM has been enabled, the hardware inventory options should look as follows: HWInventoryTPM

3. Verify TPM View in SQL – After allowing sufficient time for clients to report hardware inventory, a new view will appear in the CM database called v_GS_TPM.  TPM_View

4. Create Report – Use the below SQL query to create a report providing detailed TPM information like version and initial state values. This query will also do a series of joins to provide other useful information like hardware model, operating system, etc. Please note if any changes are made to the TPM, a reboot will be required to see updated initial state values for the TPM along with a hardware inventory refresh cycle.

SELECT distinct S.AD_Site_Name0 as 'AD-Site', CS.Manufacturer0 as 'Manufacturer',
(
CASE 
WHEN CSP.Version0 IS NULL THEN CS.Model0
WHEN CS.Manufacturer0 IN ('LENOVO','IBM') THEN CSP.Version0
ELSE CS.Model0
END
) AS Model, CS.Name0 as 'Name', TPM.SpecVersion0 as 'SpecVersion', TPM.IsActivated_InitialValue0 as 'IsActivated_InitialValue', TPM.IsEnabled_InitialValue0 as 'IsEnabled_InitialValue', TPM.IsOwned_InitialValue0 as 'IsOwned_InitialValue', OPSYS.Caption0 as 'OS', OPSYS.CSDVersion0 as 'ServicePack', GSBIOS.SMBIOSBIOSVersion0 as 'BIOS', GSBIOS.SerialNumber0 as 'Serial No.' 
FROM v_GS_COMPUTER_SYSTEM CS 
left outer join (SELECT Name0 as LenovoModel, Version0 FROM v_GS_COMPUTER_SYSTEM_PRODUCT) CSP ON CS.Model0 = CSP.LenovoModel
left join v_R_System S on S.ResourceID=CS.ResourceID
left join v_GS_OPERATING_SYSTEM OPSYS on CS.ResourceID = OPSYS.ResourceID
left join v_GS_PC_BIOS GSBIOS on CS.ResourceID = GSBIOS.ResourceID
join v_GS_TPM TPM on TPM.ResourceID=CS.ResourceID
Order by  S.AD_Site_Name0, CS.Manufacturer0, Model, CS.Name0

TPMReport