http://blogs.technet.com/b/askcore/archive/2010/08/03/how-to-use-hash-of-tpm-from-ad-to-reset-your-tpm-password.aspxHello, my name is Manoj Sehgal. I am a Support Escalation Engineer in the Windows group and today’s blog will cover “How to use Hash of TPM from AD to reset your TPM password”. As per Best Practices for Bitlocker we configure a Group Policy for TPM toen-USTelligent Evolution Platform Developer Build (Build: 5.6.50428.7875)http://blogs.technet.com/b/askcore/archive/2010/08/03/how-to-use-hash-of-tpm-from-ad-to-reset-your-tpm-password.aspx#3571026Mon, 06 May 2013 20:21:19 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3571026Bryan Powell<p>I too am getting the error referenced by David. However, it still occurs whether or not the tpm file is accessed locally or from a USB or network share.</p> <p>One thing I noticed is Windows 8 backup seems to have a 27 character hash, but your example is 28. Is our backup not working correctly? It is in the format as follows for Windows 8:</p> <p>CN=&lt;27 chararcter hash&gt;,CN=TPM Devices,DC=domain,DC=company,DC=com</p> <div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=3571026" width="1" height="1">http://blogs.technet.com/b/askcore/archive/2010/08/03/how-to-use-hash-of-tpm-from-ad-to-reset-your-tpm-password.aspx#3560246Thu, 21 Mar 2013 17:51:40 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3560246David Rich<p>hahaha DUMMY moment.</p> <p>this method works fine but the .tpm file you create cannot be used from the local bitlocker encrypted drive </p> <p>(duh you can&#39;t store your hash on the drive!)</p> <p>the same file can be used to reset the key from a network share flash drive etc</p> <div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=3560246" width="1" height="1">http://blogs.technet.com/b/askcore/archive/2010/08/03/how-to-use-hash-of-tpm-from-ad-to-reset-your-tpm-password.aspx#3560237Thu, 21 Mar 2013 17:20:33 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3560237David Rich<p>I know this is an old thread but i&#39;m having the same problem as above. i have followed your steps, saved the file un utf-8 encoding, made sure file extensions were not hidden.</p> <p>first off i cannot browse to it, i have to type in the path so it isn&#39;t showing up properly as a .tpm file. </p> <p>when i do put in the path manually the result is tpm.msc telling me:</p> <p>&quot;If you build the file manually, verify that it has the correct syntax for a tpm owner password file.&quot;</p> <div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=3560237" width="1" height="1">http://blogs.technet.com/b/askcore/archive/2010/08/03/how-to-use-hash-of-tpm-from-ad-to-reset-your-tpm-password.aspx#3469777Thu, 08 Dec 2011 15:28:00 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3469777Darrell Poteet<p>The article is excellent, but unfortunately the process does not work in our environment. &nbsp;We are doing a copy and paste of the TPM Hash from AD into a template created from your example. &nbsp;We are naming the file &quot;machinename.tpm&quot; but are denied the reset after browsing to the file.</p> <p>Any thoughts as to what behavior would cause this?</p> <div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=3469777" width="1" height="1">http://blogs.technet.com/b/askcore/archive/2010/08/03/how-to-use-hash-of-tpm-from-ad-to-reset-your-tpm-password.aspx#3353884Mon, 06 Sep 2010 20:15:01 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3353884Keenan Buck<p>A very good brief yet concise article ... Thank you </p> <div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=3353884" width="1" height="1">