When deploying MBAM via Gpo, one of the things that needs to be done is to activate the TPM on your devices.
After setting up the Gpo for it, even if you use a script to automatically do this for you, there can be some devices which will require you to do this manually, in just a few simple steps.
In order to check the TPM availability, press the Start button, type tpm.msc, right click on it and Run as Administrator if you run it from the Domain Users accounts. On the management window,first thing that you’ll have to look at is the Specification Version. If the version is 1.2 you can skip at the next step, otherwhise you’ll have keep in mind the fact that the 2.0 version doese’t work with MBR partition table, and if you don’t want to convert it to GPT and reinstall your operating system for it to work and show as compliant in the MBAM Monitoring Agent, you’ll have to go to the manufacturer website and download the conversion software in order to change it to 1.2.
With these things out of the way, the only thing left to do is to click the Prepare the TPM.. button on the upper right side of the TPM Management window, wait for the computer to restart and press F1 when you are prompted to activate it.