TPMAPI_E_TOO_MUCH_DATA (0x80290102) on Windows 10/11
Windows throws this when a TPM command buffer gets overloaded, usually from BitLocker or certificate operations. Here's the fix chain: quick registry tweak, then service restart, then firmware update.
What's actually happening with 0x80290102
Windows throws error 0x80290102 (TPMAPI_E_TOO_MUCH_DATA) when the TPM command buffer fills up. This hits most often during BitLocker key escrow, certificate enrollment with TPM-protected keys, or Windows Hello setup. The TPM has a fixed-size input buffer (typically 396 bytes for TPM 2.0), and when you cram too much data into a single command — like a long authorization session — it overflows.
The real trigger? A stuck TPM session from a previous encryption operation. Windows doesn't always clean up properly after failed BitLocker or credential guard attempts.
Fix 1 (30 seconds): Clear the TPM session buffer via registry
Skip any complex stuff for now. This registry tweak flushes the TPM command buffer without rebooting or clearing your keys.
- Press Win + R, type
regedit, hit Enter. - Navigate to
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tpm\Parameters - If
CommandBufferSizedoesn't exist as a DWORD, create it. Set value to0(zero). - Restart the TPM Base Services service: open
services.msc, find TPM Base Services, right-click → Restart.
Why this works: Setting CommandBufferSize to 0 forces Windows to reinitialize the buffer on next service start. It doesn't delete your TPM keys or clear your BitLocker PIN — just dumps the stuck data.
Test immediately: retry the operation that failed. If it works, you're done.
Fix 2 (5 minutes): Restart TPM service and clear pending commands
If the registry tweak didn't cut it, the buffer might have a corrupted session handle. We'll kill it harder.
- Open PowerShell as Administrator.
- Run these in order:
Stop-Service TBS Clear-Tpm -Blocked Start-Service TBS - Then:
Get-Tpmto verify the TPM is ready.
Don't skip the Clear-Tpm -Blocked step. That flag says "ignore any pending locked sessions." Without it, Get-Tpm might still show a busy TPM. The whole sequence takes about 10 seconds.
This handles the case where a BitLocker credential guard session got orphaned — common after a Windows Update that touched the TPM driver.
Fix 3 (15+ minutes): TPM firmware update
If the error keeps coming back after fixing it, your TPM firmware is the problem. Intel and AMD have shipped buggy TPM 2.0 firmware on several platforms — notably Lenovo ThinkPad X1 Carbon Gen 8 and Dell XPS 13 (9310) had this issue in 2021.
Before you update, check your current firmware version:
Get-WmiObject -Namespace Root\CIMv2\Security\MicrosoftTpm -Class Win32_Tpm | Select-Object SpecVersionCompare against your motherboard vendor's support page. For Dell: "TPM 2.0 Firmware Update Utility". For Lenovo: "TPM Firmware Update" under Drivers & Downloads.
Procedure:
- Disable BitLocker temporarily (manage-bde -off C:).
- Install the firmware update EXE from vendor. Do not interrupt the process.
- Reboot twice — some updates require a second boot to finish flashing.
- Re-enable BitLocker.
Why firmware matters: The TPM command buffer size is baked into the firmware. A buggy early revision might report a smaller buffer than actual hardware supports, or it might not flush completed sessions. Newer firmware fixes both the size negotiation and session cleanup.
When none of these work
If you're still seeing the error after all three fixes, the TPM might be physically failing. Run tpmtool getdeviceinformation and look for TPM WMI errors. If you see any, replace the motherboard or disable the TPM in firmware and use a software TPM (Windows 11 Pro/Enterprise only).
Also check if you're running third-party security software that hooks into the TPM — McAfee and Symantec endpoint products have caused buffer issues. Uninstall them temporarily to test.
Was this solution helpful?