Forum Discussion
PS_83
Oct 31, 2019Brass Contributor
Trusted Platform Module has malfunctioned, error code 80090016
"The server message is “Keyset does not exist Keyset does not exist”
I have a user that just received this error this AM. So far I’ve tried the steps here but nothing has worked. I think I’ll need to create him a new Windows profile but he’s a regional user and he’s at the airport which will make things more fun.
Disabled Bitlocker and cleared the TPM
Renamed the folder here “C:\users\$dir\AppData\Local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy”
Uninstalled the TPM driver
Disabled MFA for his 365 account
I’ve come across the two posts here but is there anything else I can do remotely once he is able to get his laptop connected other than creating him a new profile? I don’t mind doing that but he’s traveling all day/night and I won’t have access to his machine for long. He’s going to be using a hotspot.
https://www.askwoody.com/2019/patch-lady-seeing-outlook-authentication-issues/
Also, what would cause this out of the blue? It’s a new Dell Latitude that I set up for him two days ago???
- He was waiting for a flight so I only had about 30 min. Cut my losses and created him a new user profile. Working fine but still curious to see what would cause this???
- Vadim_AntonovCopper ContributorWe started facing TPM malfunctioning error when replacing motherboards on AutoPilot machines. No any suggested solutions helped. But we found an easy and effective solution. At least it worked in our case. Rejoining PC to domain. We have a hybrid AD. I did nothing with AAD account or Intune. Just join the affected PC to a workgroup, reset its account in on-prem AD, join the PC back to domain. It resolved the issue.
- kev_revCopper Contributor
Vadim_Antonov Was the solution for me too! Thanks so much!
I tried renaming and deleting the AAD.Broker and Account.Control folders. I renamed the NGC folder, reset TPM, ran the SARA utility, and no success. Then I unjoined from the AD domain, rejoined, and signed in under the user's AD account. When opening the first O365 app I was prompted to register the device in O365. After that all the apps opened fine.
I will note that about two weeks ago the same error/issue appeared on a laptop that had just had the motherboard replaced, and all it took was renaming the AAD Broker folder to fix it.
Wish I knew more about the underlying connections between a device and O365 to figure out what is causing this, but at least now I have a growing list of things to try.
- richard1964Copper Contributor
I had this weird problem and it turned out to be Zone Alarm Pro Firewall.
As soon as I (temporarily) disabled it and ran the Outlook 365 sign-in procedure again everything worked. I did notice that when Outlook started, even with the user signed in there it did not pick up his email account and I had to add it manually using 'Add Account'
Cheers
- mcgoo2000Copper Contributor
we had to replace a motherboard in a staff members laptop and started to receive this error after the new one was installed. Fixed the issue using this site below. Basically just had to rename a AAD Broker folder.
http://itwalkthroughs.com/knowledge-base/your-computers-trusted-platform-module-has-malfunctioned/
- hermanbroodCopper Contributor
Still got the same error, despite all above. Using a VM with Windows 10 and a virtual TPM.
- SamK50Brass Contributor
Open up the Windows Explorer and navigate to the following directory:C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\If you are not able to see the AppData folder, you will have to enable the hidden folders by clicking on File and then selecting ‘Change folder and search options’. Switch to the View tab and make sure ‘Show hidden files, folders, and drives’ option is checked. Hit Apply and then click OK.You will not be able to access the Ngc folder without taking over the ownership.To take over ownership, right-click on the folder and click Properties.Switch to the Security tab and click Advanced.Click Change in front of OwnerType in the username of the account that you are currently using.Afterward, click Check Names and then hit OKMake sure that the ‘Replace owner on subcontainers and objects’ box is checked.Click Apply and then hit OK.Open up the Ngc folder and delete the all the contents of the folder.Try adding a PIN again.PS_83
- GatorayCopper Contributor
I tried this same thing described in SysInfoTools (https://www.sysinfotools.com/solve-error/outlook-365-module-error-code-80090016.html) and it wouldn't allow me to empty contents of the NGC file. That didn't fix my Office activation and, at some point, it let me enter my account username and password but failed to let me create a Pin (not sure why that disappeared). Unfortunately, after a reboot and hoping it worked, I am now locked out of my computer--It reads "you'll need the internet for this" to login to my microsoft account, but it is connected to the WiFi network.
Once I can re-access my computer, I can try mcgood2000's solution since my motherboard was just replaced.
- DavidG2PCopper ContributorThis didn't do it. The Ngc folder was empty.
- ursula2005Copper Contributor
not sure if that has worked - will find out when using the computer tomorrow as it only does this randomly - I suddenly find that i have to login to an app such as office 365 and outlook again and again - also adobe DC- all this after the latest W10 update! i use my computer 12+ hours aday and am very busy at the moment so do not have time for messing around with my computer.
Thank you for your input I will see if all is resolved.
- PS_83Brass ContributorI've been using these steps to clear the TPM error's
https://docs.microsoft.com/en-us/windows/security/information-protection/tpm/initialize-and-configure-ownership-of-the-tpm
To clear the TPM
Open the Windows Defender Security Center app.
Click Device security.
Click Security processor details.
Click Security processor troubleshooting.
Click Clear TPM.
You will be prompted to restart the computer. During the restart, you might be prompted by the UEFI to press a button to confirm that you wish to clear the TPM.
After the PC restarts, your TPM will be automatically prepared for use by Windows 10.
- PS_83Brass ContributorHe was waiting for a flight so I only had about 30 min. Cut my losses and created him a new user profile. Working fine but still curious to see what would cause this???