Hello everyone. It’s Rafal Sosnowski from Microsoft Dubai Security PFE Team. Today we will focus on TPM Owner Password – quite misunderstood secret that is usually linked to the Bitlocker.
TPM (Trusted Platform Module) is a small chip on the motherboard (discrete TPM) or part of the CPU implementation (firmware TPM) where we can store secret information (private keys, virtual smartcards, Bitlocker keys etc.). TPM is also responsible for measuring integrity of the platform when used with Bitlocker, Measured Boot or Devide Health Attestation.
To use TPM you need to enable it in the BIOS/UEFI. During this process, special TPM Owner Password gets generated. This password can be later used to reset TPM Lockout state. TPM can go into the lockout state when too many incorrect authorization attempts are made to get access to these secrets. For example, when user enters too many incorrect PINs when prompted by Bitlocker pre-boot authentication or by virtual smartcard.
For older Operating Systems (Windows Vista/Windows 7) TPM had to be manually initialized from the tpm.msc (or from Bitlocker configuration wizard). During that process user had opportunity to save TPM Owner Password to a file.
For never operating systems (Windows 8.1/10) TPM is auto-provisioned – that means TPM is automatically activated after OS installation and in case of failure in repetitive attempts during the OS lifetime (triggered by scheduled task). Windows uses the randomly-generated Lockout Auth to provision the TPM, then destroys the Lockout Auth without ever revealing it to the user. However, depending on the GPO settings shown below, TPM Owner Password can be stored additionally in the registry. This GPO is located under:
Computer Configuration\Administrative Templates\System\Trusted Platform Module Services\
Configure the level of TPM owner authorization information available to the operating system
When GPO is configured to store Full authentication data, TPM Owner password will be stored as “OwnerAuthFull” in the registry:
When GPO is configured with option “Delegated” or “None” – TPM Owner Password will not be stored additionally in the registry during (auto)provisioning.
Note: “LockoutHash” value has nothing to do with TPM Owner Password.
As said before, TPM Owner Password can be useful when TPM got locked out and in some scenarios, it is important to store it in central and secure location for your computers.
There are 2 ways of doing this:
1) MBAM Infrastructure – MBAM agent (Microsoft Bitlocker Administration and Monitoring) is capable of saving TPM Owner Password from the registry to the MBAM SQL Database. Of course this is for scenarios where we use Bitlocker on the machine and have MBAM infrastructure set up. This also assumes that:
a. TPM Owner Password is stored as “Full” in the registry
b. MBAM agent is responsible for initializing and taking ownership of the TPM
2) Active Directory – Windows Clients are capable of exporting TPM Owner Password to computer attributes in AD. This assumes that:
a. Client has connectivity to AD during export
b. GPO “Turn on TPM backup to Active Directory Domain Services” is enabled
Note: In most cases when you install MBAM agent TPM is already initialized automatically by the system. You can disable this behavior via PowerShell cmdlet Disable-TpmAutoProvisioning, clear TPM and let MBAM take ownership of it. When MBAM agent initializes TPM, it will escrow TPM Owner PWD to the SQL Database and delete it from registry, despite of “OwnerAuthFull” value in the registry.
TPM Owner Password in AD
When you initialize TPM from tpm.msc or via Bitlocker wizard in Control Panel, process called tpminit.exe will communicate with TPM and initialize it. During this time, random TPM Owner Password gets generates by leveraging TPM RNG (Random Number Generator).
Now if the GPO “Turn on TPM backup to Active Directory Domain Services” is enabled, your TPM Owner password will be escrowed to one of the attributes in Active Directory:
For Windows 7
TPM Owner password is stored in msTPM-OwnerInformation attribute of the Computer object.
For Windows 8 and above:
TPM Owner Password is stored in the msTPM-OwnerInformation attribute of the TPM object. This object is stored in the TPM Devices container located in the root of your domain.
This attribute is back linked to the Computer object by using msTPM-OwnerInformationForComputer attribute.
For Windows 10 1607 and above:
TPM Owner Password is not stored in the AD at all. Even though you can configure GPO on previous operating system (Windows 8/Windows Server 2012 R2) “Turn on TPM backup to Active Directory Domain Services” or registry keys directly on the client machine:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\TPM\ActiveDirectoryBackup = 1
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\TPM RequireActiveDirectoryBackup = 1
Windows 10 1607 will ignore these values.
Another thing which is worth to mention that GPO
Computer Configuration\Administrative Templates\System\Trusted Platform Module Services\Turn on TPM backup to Active Directory Domain Services
has been removed from ADMX templates in Windows 10 1607 and Windows Server 2016. Thus most of information provided in this article is for pre Windows 10 1607 editions.
TPM object and permissions
TPM Objects is unique for every machine and doesn’t change when you reinstall Operating system. This means when you rebuild/reinstall your machine you might encounter some issues while activating TPM.
For example, very common error is 0x80070005 E_ACCESSDENIED
This error occurs because by default new Operating System (after reinstallation) cannot write TPM Owner Password to the old TPM object. Let’s have a look at the default permissions on msTPM-InformationObject:
- "Write all properties" for an SID: S-1-3-0 Creator Owner (original computer)
- "Read all properties" for "Domain Computers" (but no write)
We can check this by going to the TPM object in “TPM Devices” container, select original computer (in our case TABLET) and check Special Permissions.
In order to fix this issue, you need to extend the schema by using LDF file published on the TechNet : “TPMSchemaExtensionACLChanges.ldf” which will change default TPM Object’s ACLs. Unfortunately, only new TPM Objects will be affected as we modify the AD schema but not the existing objects.
If you want to change ACLs of existing TPM objects you can just add "Write all properties" and "Read all properties" for "Domain Computers" to the specific or all msTPM-InformationObjects.
Using TPM Owner Password
If you want to change TPM Owner Password, you need to retrieve current password from the MBAM database or Active Directory and copy it to the XML file between <ownerAuth> and </ownerAuth>. In example below, my TPM owner password is 7O66EMj9LFFRhwfFsw+gVAIVkR8=
<?xml version="1.0" encoding="UTF-8"?>
This page is a backup of TPM (Trusted Platform Module) owner authorization information. Upon request, use the authorization information to prove ownership of the computer's TPM. Please keep this file in a secure location away from your computer's local hard drive.
<tpmOwnerData version="1.0" softwareAuthor="Microsoft Windows [Version 6.0.5461]" creationDate="2016-07-09T17:41:00-00:00" creationUser="contoso\user1" machineName="Laptop">
You don’t need to fill out all other details like computer or user name. TPM.msc will only validate password. So, it is fine if you use shorter syntax:
<?xml version="1.0" encoding="UTF-8"?>
Save the file with .tpm extension and then go to the TPM.msc, select “Change Owner Password..”
and then “I have the owner password file”.
Once TPM.msc validates current password you will be able to generate new one.
If you change TPM Owner password manually from tpm.msc this change will be reflected in AD if export is configured via GPO.
If you apply GPO “Turn on TPM backup to Active Directory Domain Services” after TPM has been initialized, Owner Password will not be exported automatically. You will have to use scripts or manually change the password.
Changing or entering TPM Owner Password have a tolerance of 1 failure. After that, option of using password will be locked for 24 hours. This is not the same as “TPM Lockout” which is part of TPM anti-hammering capability.
Remember: starting from Windows 10 1607 we dropped export of TPM Owner password to AD. This (change) is because TPM Owner Password could be retrieved from the registry in some scenarios and be used in offline attacks against TPM anti-hammering. Additionally, most lockouts of TPM come from Bitlocker thus you don’t even have access to tpm.msc to unlock your TPM. When TPM is completely locked by Bitlocker, you are stuck in preboot phase of Windows. So the workflow was not very convenient for both users and helpdesk people.
As always I hope this was informative.