Problem: 

Unable to take ownership or use the Trusted Platform Module.

Applies To: 

EMBASSY Trust Suite version 2.2.3 installed on:

Latitude D420, D620, D820

Precision M65, M90, 490, 690 WS390

Optiplex 530, 730

(XP and Vista 32-bit OS only)

See Solution: EMBASSY Trust Suite

 

EMBASSY Trust Suite 3.3.0.26 installed on:

Latitude D430, D530, D531, D630 (ATG, c, XFR), D631, D830, XT
Precision Mobile M65, M90, M2300, M4300, M6300
Precision WorkStation 390, T3400, R5400, T5400

OptiPlex 740, 745, 745c, 755

(XP and Vista 32-bit OS only)

See Solution: EMBASSY Trust Suite

 

EMBASSY Trust Suite – Acer Edition Versions 7.3.4.7 (32 bit), 7.3.4.9 (64 bit)
installed on Acer ProShield with TPM: BXD50/BAP50

See Solution: EMBASSY Trust Suite - Acer Edition

 

EMBASSY Trust Suite – Asus Edition PBA 7.5.2.63 (32 bit) PBA 2.5.2.23 (64 bit)
installed on Asus models B53F, B53J, B43F, B43J

See Solution: EMBASSY Trust Suite - Asus Edition

 

EMBASSY Trust Suite – Enterprise (Purchased Full) Edition- Version 7.5.2.60
installed on enterprise PC’s equipped with a Trusted Platform Module (TPM).

See Solution: EMBASSY Trust Suite

Solution: 

To utilize the TPM, it needs to be enabled and activated in the BIOS, the appropriate services need to be running, and the TPM cannot be in a locked state. 
Some or all of the actions listed below may be required to make the TPM available. 

 

EMBASSY Trust Suite

 

  1. Check the TPM status in the BIOS.
  • Enter the BIOS (Select F2 during boot at the Dell splash screen)
  • Navigate to Security or TPM Security (varies by machine)
  • Confirm the TPM is ON and ACTIVATED. If these actions are needed, a second boot to the BIOS to activate after turning the TPM on will be necessary.
  1. If the TPM is ON and ACTIVE; confirm the Operating System (OS) recognizes the TPM driver.

Vista – Select Start > Control Panel > System > Device Manager > Security Devices to view the TPM.

XP – Select Start > Control Panel > System > System Properties > Hardware > Device Manager > Security Devices to view the TPM.
 

If there is no listing; the driver has either not been installed or was corrupted during installation.  Installation should be performed with firewalls and antivirus disabled.
The driver is available on the OEM support site for your make and model of equipment.

  1. Once the TPM is on, activated and recognized within Device Manager; verify the NTRU service is present and started.

Navigate to the Control Panel > Admin Tools > Services and look for a listing for NTRU TSS.  If the Status is not listed as Started; select Start the Service. The Startup Type should be listed as Automatic to make the service available on boot up.

NTRU is installed as part of the driver packages. Installation of the driver pack should be performed with firewalls and antivirus disabled.
Drivers are available on the OEM support site for your make and model of equipment. 

  1. If the TPM remains inaccessible, it may be locked.

Determine if the TPM is locked:

Using the paths below, search for listed files, and delete if the exact match of file (.lock extension) is found.  DO NOT remove files that do not have the .lock extension on the file. (Please enable ‘show view of hidden files and folders’)


Windows XP:

  • C:\Documents and Settings\\Local Settings\Application Data\NTRU Cryptosystems\TSS\user_keys.keys.lock
  • C:\Documents and Settings\NetworkService\Local Settings\Application Data\NTRU CryptoSystems\Key_registry.dat.lock

Vista:

  • C:\Users\\AppData\Local\NTRU Cryptosystems\TSS\user_keys.keys.lock
  • C:\Windows\ServiceProfiles\NetworkService\AppData\Local\NTRU Cryptosystems\Key_Registry.dat.lock
  1. Perform a TPM Clear and Enable/Activate in the BIOS and then take ownership of the TPM in EMBASSY Security Center.
  • Select Trusted Platform Modules and click the Manage tab.
  • Select Establish under the Ownership section
  • Follow on screen prompts to set the OWNER password.

A backup of the TPM is strongly suggested.  The TPM chip resides physically on the motherboard.  If this board is corrupted or replaced, only a pre-existing backup of this chip can provide access to TPM data through a restore. 

 

EMBASSY Trust Suite – Acer Edition

Acer representatives are familiar with their hardware and the Acer EMBASSY Trust Suite (ETS) version software and provide the initial support for these machines and for the ETS provided on this platform.  
Please contact Acer at: support.acer.com

 

EMBASSY Trust Suite – Asus Edition

Asus representatives are familiar with their hardware and the Asus EMBASSY Trust Suite (ETS) version software and provide the initial support for machines with ETS provided on this platform.  Please contact Asus at: support.asus.com

 

If the information provided above did not resolve your issue or you have any additional questions, please complete our Support Request Form