This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Surface 4 with SGN 8.0 and TPM 2.0

Hi all 

...Some questions

i've Surface Pro 4 with SGN 7.0 and TPM 2.0. When users fails to insert initial pin many time (lockoutmax 32 times ), the Surface went into lockout mode, I communicate to the user the challenge for unlocking and when user login on his desktop the new pin change request appeared and i see that LockoutCount is cleared, clear TMP is done automatically. After update to SGN 8.0 (on the same device) the new change pin request (after blocking and unblocking Surface) it does not look anymore, Lockedout does not change and I need to clear TPM module. This is the procedure as described on Sophos Article.

The same thing happens with either C/R or C recovery.

Why with SGN 7.0 the pin change automatically appeared, but with SGN 8.0 i must clear TPM?

How can I restore this feature, even using Windows policies?

A rollback of behavior is expected?

Thanks for all 

Franco

 



This thread was automatically locked due to age.
Parents Reply Children
  • Thank you for the interventions and apologize for my delay in answering. 

     

    In fact is a Windows issue and more precisely it is lockout TPM chip after too many wrong entries which blocks the computer.

    Sophos support said me that with new version SGN when i insert a C/R it reset automatically TPM chip and so when i access my profile Windows ask me to insert new PIN.

    In my opinion, will greatly simplify the recovery process.

     

    Thanks for all

    Bye

    Franco