TPM Utilities
TPM Utilities
This section details the utilities (helper applications) specific to TPM operation.
Obtain TPM status
The current status of the TPM can be obtained via the Matrix42 Full Disk Encryption Control Center module FDE status query (otherwise known as Nbstatus.exe) or via the command line (see Start a status query via the command line for details).
Start TPM status query (GUI)
- Double-click the FDE status query module in the Control Center.
- The dialog appears (information may differ). For details about the non-TPM icons and information displayed in the dialog, see The FDE status query GUI. The TPM icons have the following meaning:
Icon | Details |
---|---|
(Active) | The TPM has been enabled for operation with Matrix42 Full Disk Encryption |
(Not Active) | The TPM has not yet been enabled for operation with Matrix42 Full Disk Encryption. |
(Activating or activation error) |
This icon has one of the following meanings: The TPM has been enabled for operation with Matrix42 Full Disk Encryption, but the computer must be restarted to complete the support. An error occurred during the TPM activation procedure. |
- Click OK to close the module.
Log file interpretation
The Nbstatus application, via GUI or command line, updates the log file each time it is executed. When opened, a typical log file entry appears as follows:
Error status = 0 Driver letter = C Encrypt status = 0x1 Algorithm: ---------------------------------------------------------------- ---------------------------------------------------------------- Error status = 0 Driver letter = E Encrypt status = 0x1 Algorithm: ---------------------------------------------------------------- ---------------------------------------------------------------- Computer name: MB-WINXP-02 Date: 20090923 Exit code = 9 FDE installed: Yes Boot security installed: Yes TPM protection: 2 (Active) Unencrypted drivers = 2 Encrypted drivers = 0 Partly encrypted drivers = 0 Boot security errors = 0 Encrypted errors = 0 ---------------------------------------------------------------- MB-WINXP-02 20090429 9 1 1 2 0 0 0 0 2
Note that the details of TPM status (marked in bold) are as follows:
State | Description |
---|---|
0 (Not active) |
The TPM has not yet been enabled for operation with Matrix42 Full Disk Encryption. |
1 (Activating) |
The TPM has been enabled for operation with Matrix42 Full Disk Encryption, but the computer must be restarted to complete the support. |
2 (Active) |
The TPM has been enabled for operation with Matrix42 Full Disk Encryption. |
3 (Activation error) |
An error occurred during the TPM activation procedure. |
Test TPM compatibility
A command line utility is available in the Helper Applications directory called TPM_test.exe. This will allow you to test the availability and suitability of the TPM on your computer. For detailed information about this utility refer to Section 5.6 ‘TPM_test’.