Get the BitLocker TPM Platform Validation Profile in Windows 7 (and Windows 8.1 and 10)

 

Scenario: You want to check which TPM Platform Validation Profile is in effect on a BitLocker enabled volume on a Windows 7 computer.

In Windows 8 and newer Windows operating systems, you can get this information by running this command from an elevated CMD prompt or PowerShell console:

However, this doesn’t work in Windows 7 since you only get information about the key protector IDs and recovery password.

Instead, run this PowerShell script (also works in Windows 8 and later):

This will give you the TPM Platform Validation Profile for the BitLocker volume as shown below.

 

You can also modify the script to check for other TPM protectortypes e.g. “TPMandPin”. Check this link for the different key protector type values: https://msdn.microsoft.com/en-us/library/windows/desktop/aa376442(v=vs.85).aspx

1 Comment

Join the discussion and tell us your opinion.

Change BitLocker TPM Platform Validation Profile on the go – windowstech.netreply
2017-06-30 at 17:57

[…] To check which TPM Platform Validation Profile is active for a BitLocker volume, check out my other blog post. […]

Leave a reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.