Share via

TPM Attestation timed out

Weston Strosser 0 Reputation points
2026-02-13T19:57:46.3033333+00:00

I have a series of Lenovo Yogas Yoga 7 2-in-1 16AKP10 - Type 83JU and we use white-glove to pre-provision our machines. We get the error message of "Something happened, TPM Attestation Timed out". The TPM tool come back as "Ready for storage", the network connection to ztd.dds.microsoft.com, cs.dds.microsoft.com, and login.live.com are fine. I have successfully pre-provisioned other models of these machines, the machine provides the same error message on other networks, and only other error message I could find that might be help is I ran the following command to review the AIK certificate details:

certreq -enrollaik -config “”

This returned a 404 error related to the trusted authority.

Is there something I missing?

**Edit, the machine is fully up to date with windows and bios updates and I have reset TPM module via tpm.exe and from the bios as well. Lenovo support strongly believes the issue is on microsoft's end, I have an open ticket with Intune support but no response yet.

Microsoft Security | Intune | Enrollment
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Q&A Assist
    2026-02-13T19:58:29.24+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    The error message "TPM Attestation Timed out" typically indicates that there is an issue with the Trusted Platform Module (TPM) not being able to complete the attestation process within the expected time frame. Here are some steps you can take to troubleshoot this issue:

    1. Check TPM Status: Ensure that the TPM is indeed in a ready state. You mentioned that the TPM tool shows "Ready for storage," which is a good sign.
    2. Network Connectivity: Although you have confirmed that the network connections to the required Microsoft services are fine, ensure that there are no firewall or proxy settings that might be interfering with the communication necessary for TPM attestation.
    3. Review AIK Certificate: The 404 error related to the trusted authority when running the certreq -enrollaik -config command suggests that there may be an issue with the certificate enrollment process. Ensure that the device can reach the certification authority and that the necessary certificates are properly configured.
    4. Firmware and Drivers: Make sure that the firmware and drivers for the TPM are up to date. Sometimes, outdated firmware can cause issues with TPM functionality.
    5. TPM Reset: If the above steps do not resolve the issue, consider resetting the TPM. This can be done through the TPM management console (tpm.msc). However, be aware that resetting the TPM can lead to data loss if there are keys stored in the TPM.
    6. Consult Lenovo Support: Since you are using specific Lenovo Yoga models, it may also be beneficial to reach out to Lenovo support for any known issues or additional troubleshooting steps specific to those devices.

    If you continue to experience issues after trying these steps, you may want to gather logs and additional error messages to further diagnose the problem.

    References:

    1 person found this answer helpful.
    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.