New
#11
Well MS rep was wrong this error is normal for a TPM 1.2 model for anyone wanting more info on this error check this out. so if you got this error Device Encryption Support Reasons for failed automatic device encryption: PCR7 binding is not supported, Hardware Security Test Interface failed and device is not InstantGo, Un-allowed DMA capable bus/device(s) detected, Disabled by policy, make sure you have a TPM 2.0 model and not a TPM 1.2 as the error is related to your TPM chip not beeing compatible see chart below. This is something new according to the page would explain why it use to be supported and is now not according to the page the changed it to TPM 2.0 going forward but kept some of the stuff compatible for older systems all new system will need TPM 2.0 is what i read and understand. Hope this helps others god bless all.
taken from TPM recommendations (Windows 10) | Microsoft Docs
TPM and Windows Features
The following table defines which Windows features require TPM support.
Windows Features TPM Required Supports TPM 1.2 Supports TPM 2.0 Details Measured Boot Yes Yes Yes Measured Boot requires TPM 1.2 or 2.0 and UEFI Secure Boot BitLocker Yes Yes Yes TPM 1.2 or 2.0 is required Device Encryption Yes N/A Yes Device Encryption requires InstantGo/Connected Standby certification, which requires TPM 2.0. Device Guard No Yes Yes Credential Guard No Yes Yes Windows 10, version 1507 (End of Life as of May 2017) only supported TPM 2.0 for Credential Guard. Beginning with Windows 10, version 1511, TPM 1.2 and 2.0 are supported. Device Health Attestation Yes Yes Yes Windows Hello/Windows Hello for Business No Yes Yes Azure AD join supports both versions of TPM, but requires TPM with keyed-hash message authentication code (HMAC) and Endorsement Key (EK) certificate for key attestation support. UEFI Secure Boot No Yes Yes TPM Platform Crypto Provider Key Storage Provider Yes Yes Yes Virtual Smart Card Yes Yes Yes Certificate storage No Yes Yes TPM is only required when the certificate is stored in the TPM.