There should be more details about the "If you plan to switch TPMs you should toggle to the new TPM, clear it, and reinstall Windows". The statement that I must reinstall Windows sounds ridiculous.
For example, I've replaced the motherboard in my laptop (new one is just the same) - it feels like this is somewhat similar to replacing the TPM you're talking about. Now I've got weird issues with re-enabling BitLocker protectors, related to TPM. And my TPM.msc just fails to load (TPM Console Error 0x8007007A). I've tried to clear the TPM but it doesn't help. I'm not going to reinstall Windows. I'd better just disable the TPM if Windows is unable to make use of it.
Please forgive my ignorance, you may want to wait for answers from someone who is familiar with this and has got direct experience with TPM usage. Based on the general idea that the TPM acts as an ID key or identifying security component to be read by the encryption subsystem, I would see this as changing a key component if you replace either a mainboard or a TPM, making it unsustainable for the encryption to work as before with the new TPM and also necessitating an OS reinstallation. (Feel free to ignore my comment and wait for a more authoritative answer.)
Also: Please note that this repository is intended for improving the IT Pro documentation pages only. Unless you have got improvement suggestions or would like to point out obvious mistakes in the documentation, you may find it easier to get help by contacting your nearest Microsoft Support tenant directly.
@i3v, did you disable BitLocker protection before changing to the new motherboard?
Also make sure the current TPM now has device drivers and is working well. Check in Device Manager. Also try to format the EFI partition and recreate bcdboot in the EFI partition.
Afterwards, retry BitLocker.
@RAJU2529 ,
Actually, I agree with @illfated , that this issue is hardly a good place for discussing my particular issue. My original intention was to bring your attention to the "reinstall Windows" statement, which, IMHO, deserves some detailed justification, at least.
But if it could help somehow:
@i3v, currently, reinstall Windows. I never recommend this for simple problems. I mean, you take a system backup, say of the C drive, completely into a single file, INSTALL.WIM, using a Windows PE bootable USB pen drive.
That file will be reused to install Windows within 10 minutes. No need to reinstall applications and no need to reinstall drivers.
@illfated, today I succeeded in integrating the Microsoft Edge browser directly into the Windows PE WIM file. I created the latest Windows PE, 10.0.19546.1000. I am able to browse websites very fast with the Edge browser through Windows PE. Watched a YouTube channel.
Today I am happy.
@RAJU2529 : That sounds good and neat. Glad you are making progress in advanced use of software tech from Microsoft. Keep up the good work.
@i3v : I can only keep my fingers crossed while waiting for feedback from the MS Docs team to see how they want to make use of your feedback. Maybe it can be forwarded to another department, maybe someone has got alternate or optional feedback for you, I don't know. We will just have to be patient in these times where we are affected by the COVID-19 pandemic and social distancing.
I know that there's a newer BIOS available for this MB. Moreover, the original MB had a newer BIOS version. Maybe I'll update it later.
Just-in-case:
After all, I've updated my BIOS. Nothing changed - TPM.msc still fails with TPM Console Error 0x8007007A. Clearing TPM changes nothing.
I've created a separate thread for the possible further discussion of the possible fixes/workaround for my specific case here.
Thank you for the update. Your ticket on answers.microsoft.com looks quite appropriate.
A revision attempt is going to be published for this feedback. Thank you for the discussion.
@i3v - Thank you for your query. Please note that the TPM chip has an RSA key pair called the Endorsement Key (EK). This pair is maintained inside the chip and is not accessible by software. The storage root key is created when you install Windows, and the key pair is generated by the TPM.
When you change the hardware, this changes the EK because of the new chip. This breaks the pair. Unfortunately, for this, you have to reinstall Windows for all this to work again.
Thanks.
Imran.
@joinimran ,
Thanks for your answer! But...
OK, I understand that the "Endorsement Key" embedded into the TPM chip cannot be changed, once created. And that it must be created before Bitlocker would be able to use the TPM, as mentioned here. And that changing the hardware breaks the pair (thus one must disable Bitlocker in advance or use some backup key to unlock the disk after the MB change). I think I understand why it is designed to work this way. But I do not understand how this limits my ability to re-initialize (I'm not sure if this is the correct word) the software thing, the Bitlocker (once the disk is unlocked).
When I started this thread, I thought that Bitlocker was unable to use my TPM. I don't actually remember why exactly I thought so. Today I was able to successfully perform manage-bde -protectors -add c: -TPMAndPIN (just after enabling corresponding feature in gpedit.msc and doing gpupdate /force, nothing else... I'm not sure what was wrong before...). Now the PIN works. AFAIU, this means that Bitlocker is able to use my TPM, even after I've replaced my MB and not re-installed Windows (still v1909, no feature updates since then). Thus, AFAIU, this means that the statement that one must reinstall Windows is not true.
The TPM.msc still fails to load (still 0x8007007A). I think that's some separate bug, actually...
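A read-only check of the state this comment describes, as an added example that is not part of the original thread or of Microsoft's documentation: it lists the TPM status and which BitLocker protectors on the volume depend on the TPM, and flags a missing recovery password before any hardware change. It assumes an elevated PowerShell session, the built-in TrustedPlatformModule and BitLocker modules, and the mount point C:.

```powershell
#Requires -RunAsAdministrator
# Added example: inventory only, nothing is changed on the system.
$mount = 'C:'   # assumption: the OS volume is C:

$tpm = Get-Tpm
$vol = Get-BitLockerVolume -MountPoint $mount

# Protector types that are bound to the TPM currently in the machine.
$tpmBoundTypes = 'Tpm', 'TpmPin', 'TpmStartupKey', 'TpmPinStartupKey'

$tpmBound = @($vol.KeyProtector |
    Where-Object { $_.KeyProtectorType.ToString() -in $tpmBoundTypes })
$recovery = @($vol.KeyProtector |
    Where-Object { $_.KeyProtectorType.ToString() -eq 'RecoveryPassword' })

# One summary object, so the result can be logged or compared later.
[pscustomobject]@{
    MountPoint         = $vol.MountPoint
    VolumeStatus       = $vol.VolumeStatus
    ProtectionStatus   = $vol.ProtectionStatus
    TpmPresent         = $tpm.TpmPresent
    TpmReady           = $tpm.TpmReady
    TpmOwned           = $tpm.TpmOwned
    TpmBoundProtectors = ($tpmBound.KeyProtectorType -join ', ')
    RecoveryPasswords  = $recovery.Count
} | Format-List

if (-not $tpm.TpmPresent -or -not $tpm.TpmReady) {
    Write-Warning 'TPM is not present or not ready; TPM-bound protectors cannot be used.'
}

if ($tpmBound.Count -gt 0 -and $recovery.Count -eq 0) {
    # A TPM-bound protector cannot unlock the disk on a different TPM,
    # so a recovery password is the fallback after a board or TPM swap.
    Write-Warning 'TPM-bound protectors exist but no recovery password is stored on this volume.'
}

if ($tpmBound.Count -eq 0 -and $vol.ProtectionStatus -eq 'On') {
    Write-Warning 'Protection is on but no protector uses the TPM.'
}
```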
It's interesting that this issue is both "Closed" and "in progress" now.
The article itself was not updated anyhow yet.
Personally, I still think that " you have to reinstall the Windows" is incorrect.
@i3v It has been verified by an independent contributor that Windows needs to be reinstalled and this is why the article has not been updated: an explanation has been provided instead.
@e0i ,
OK... So, any idea why everything works for me without reinstalling Windows?