Win11 Autopilot TPM attestation timed out

Lazarus

Apr 26, 2019
I'm trying to set up a VM with Win11 and install it with Microsoft's Autopilot and Intune. The machine has been pre-added, and the machine is identified for my company. So I try to install a preprovision package. Then about 5-7 min are spent before the process fails with the message "Something happened, and TPM attestation timed out".

Did anyone else run into this?

Here's the VM config:
Code:
agent: 1
bios: ovmf
boot: order=scsi0
cores: 4
cpu: host,flags=+pcid;+ibpb;+hv-tlbflush;+aes
efidisk0: volatile:vm-126-disk-2,efitype=4m,pre-enrolled-keys=1,size=1M
ide0: local:iso/virtio-win-0.1.266.iso,media=cdrom,size=707456K
ide2: local:iso/Win11_24H2_EnglishInternational_x64.iso,media=cdrom,size=5695402K
machine: pc-q35-9.0
memory: 10240
meta: creation-qemu=9.0.2,ctime=1740672871
name: intunemachine
net0: e1000=ab:cd:ef:12:34:56,bridge=vmbr0,firewall=1
numa: 0
ostype: win11
scsi0: volatile:vm-126-disk-1,cache=writeback,discard=on,size=80G
scsihw: virtio-scsi-pci
smbios1: uuid=12345678-1234-1234-1234-123456789abc,manufacturer=YWJjMTIz,product=YWJjMTIz,version=YWJjMTIz,serial=YWJjMTIz,sku=YWJjMTIz,family=YWJjMTIz,base64=1
sockets: 1
tpmstate0: volatile:vm-126-disk-0,size=4M,version=v2.0
vmgenid: 12345678-1234-1234-1234-123456789abc

*Some of the details redacted for privacy.
 
Running into this same issue and curious if anyone has resolved it.

tpmtool getdeviceinformation shows the TPM2.0 is there and ready for attestation but Autopilot still fails on the "Securing your device" step every time.
 
Sadly this can mean anything from “can’t reach the Microsoft servers” to “TPM chip isn’t in setup mode”. Any logs from the system or details when you run tpm.msc?
 
Hi @Lazarus, may I know if you have checked the following?
  • TPM is enabled in the BIOS/UEFI, and the machine has TPM 2.0 (which is required for Autopilot).
  • Secure Boot is also enabled.
  • The system firmware is up-to-date.
  • The machine has a stable internet connection.
  • I’ve verified that the device is properly registered in Intune and Autopilot.
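
The firmware, Secure Boot and TPM 2.0 items in the checklist above can be read off the Proxmox VM config from the host side. The following is an added example, not code from any poster in this thread; the function names are hypothetical, the sample is built from the config in the first post, and treating options left at their defaults as unmet is a conservative assumption.

```python
# Added example (not from the thread): check a Proxmox VM config for the
# UEFI, Secure Boot and TPM 2.0 items in the checklist above.

# Constructed sample: the relevant lines of the config posted in this thread.
SAMPLE_CONFIG = """\
bios: ovmf
efidisk0: volatile:vm-126-disk-2,efitype=4m,pre-enrolled-keys=1,size=1M
machine: pc-q35-9.0
ostype: win11
tpmstate0: volatile:vm-126-disk-0,size=4M,version=v2.0
"""


def parse_config(text):
    """Parse 'key: value' lines into {key: {option: value}}.

    A bare value such as 'ovmf' or a volume name is stored under '_'.
    Parsing stops at the first '[section]' header (snapshot sections).
    """
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            break
        if not line or line.startswith("#") or ":" not in line:
            continue
        key, _, value = line.partition(":")
        opts = {}
        for part in value.strip().split(","):
            name, eq, val = part.partition("=")
            if eq:
                opts[name.strip()] = val.strip()
            else:
                opts.setdefault("_", name.strip())
        conf[key.strip()] = opts
    return conf


def check_prereqs(conf):
    """Return {check name: bool}; options left at their defaults count as unmet."""
    efi = conf.get("efidisk0", {})
    tpm = conf.get("tpmstate0", {})
    return {
        "uefi_firmware": conf.get("bios", {}).get("_") == "ovmf",
        # Assumption: Secure Boot keys are enrolled only with efitype=4m and pre-enrolled-keys=1.
        "secure_boot_keys": efi.get("efitype") == "4m" and efi.get("pre-enrolled-keys") == "1",
        "tpm_2_0": tpm.get("version") == "v2.0",
    }


if __name__ == "__main__":
    for name, ok in check_prereqs(parse_config(SAMPLE_CONFIG)).items():
        print(f"{'OK  ' if ok else 'FAIL'} {name}")
```

The config in the first post passes all three checks, so these host-side items are already met there; connectivity and Intune/Autopilot registration are outside what the config file can show.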