How To Downgrade TPM from 2.0 to 1.2 Using HP TPM Configuration Utility

Introduction

I’m guessing that the first question you’re asking is: “Why should I downgrade from TPM version 2.0 to 1.2?”. In this blog post, I will cover how to downgrade your TPM from 2.0 to 1.2 using the HP TPM Configuration Utility if you are in any of the scenarios described in this post.

I would say that the main reason for downgrading from TPM 2.0 to TPM 1.2 would be that your environment is running Windows 7 SP1 or Windows Server 2008 R2 without the hotfix to enable TPM 2.0 support. Since most companies are in the process of moving away from Windows 7, it might not be worth the additional hassle to apply the hotfix but rather let these machines remain at the TPM 1.2 firmware.

Also, check out my other blog posts on how to do a firmware update from TPM 1.2 to 2.0.

How to downgrade TPM from version 2.0 to version 1.2 for HP

Prerequisites

• HP TPM Configuration Utility
• Latest HP BIOS version
• BIOS configured for “TPM Activation Policy” to Hidden. The TPM Activation Policy is required to be configured to Hidden if you wish to skip the “Press F1” requirement upon reboot following a TPM firmware change.

Assumptions

• Knowledge about creating packages in SCCM.

Download HP TPM Configuration Utility

Download the TPM Configuration Utility and extract the files. For more information on how to download the HP TPM Configuration Utility refer to my other blog post on how to upgrade TPM from 1.2 to 2.0.

Extract the following files to a directory of your choice:

If you have a look in the Firmware folder, there are many firmware files.

Move these files to the main folder.

Retrieve TPM information

First of all, we need to gather the TPM information from a reference computer to know what TPM firmware to use.

To know which firmware file to use, we gather the Manufacturerversion.

In this example, we gather it using Powershell, but it is also possible to retrieve this information as part of the hardware inventory sent to SCCM.

Open an administrative Powershell prompt and run:

Get-TPM

Add files to share

Select the firmware files you want and add them to a share accessible by SCCM.

Create a package in SCCM

Download and extract the latest version of  HP TPM Configuration Utility

If you are using a BIOS password, you need to create a *.bin file containing your password using <tool>, which is included in the HP TPM Configuration Utility files.

As I mentioned before, the TPM Upgrade Utility contains many firmware files that need to correspond with the Manufacturerversion.

Here are the files that are included in my package:

Create a standard package without a Program.

Configure the task sequence

Create a new custom Task Sequence.

To downgrade TPM, Bitlocker is required to be disabled.

Add a Disable Bitlocker step at the top of the Task Sequence and

For each Manufacturer Version in your environment, create a command-line step, with the following command line:

Tpmconfig64.exe -s -fTPMfirmware.BIN -ppasswordfile.bin

In the Options tab, use the following WMI query:

rootcimv2SecurityMicrosoftTpm

Select * From Win32_Tpm Where SpecVersion Like "%2.0%"

Select * From Win32_Tpm Where ManufacturerVersion Like "%7.40%"

That is all!

Conclusion

You might be faced with the task of downgrading TPM from 2.0 to 1.2 if you need to downgrade from Windows 10 to Windows 7.

I hope that the article has given you some pointers. Why did you have to downgrade TPM? Please leave a comment below! 🙂

References

• Microsoft Docs – Trusted Platform Module Overview

Related posts

• How to upgrade TPM from 1.2 to 2.0 using HP TPM Configuration Utility