locked
Enable TPM on Hyper-V Machine RRS feed

  • Question

  • Hello

    As always I have a hard time deciding in which forum to post, so feel free to move if there is a better option.

    I have a Hyper-V client that I got here:
    https://developer.microsoft.com/en-us/windows/downloads/virtual-machines

    Now I need to be able to create a Virtual smart card on this machine. (tpmvscmgr.exe  create /name tpmvsc /pin default /adminkey random /generate)

    However I get:

    Creating TPM Smart Card...
    TPM Virtual Smart Card management cannot be used within a Terminal Services session.
            (0x800704d3) The request was aborted.

    If I enter tpm.msc on the machine it says:

    Compatible TPM cannot be found

    It works on my local machine and the cards created there can be found in the virtual machine. How to do so I can create them in my hyper-V?

    • Moved by BrianEhMVP Thursday, January 12, 2017 5:24 PM
    Thursday, January 12, 2017 4:49 PM

Answers

  • Hello, this seems to be wrong, my collegue got it to work in pro.
    the solution for us seems to have been to turn off enhanced session mode.

    https://social.msdn.microsoft.com/Forums/en-US/1e8c6efe-5d89-4df0-9a17-5c687aa8b80d/hyperv-generation-2-windows-10?forum=winserverhyperv

    • Proposed as answer by Leo Han Wednesday, January 18, 2017 1:42 AM
    • Marked as answer by Johannes HC Wednesday, January 18, 2017 9:18 AM
    Tuesday, January 17, 2017 1:58 PM

All replies

  • First of all, lets clear up terminology.

    'Hyper-V' is the hypervisor itself, it allocates resources to and runs virtual machines.

    You downloaded a Virtual Machine - this is a full OS that runs within an isolated resource container.  It is a full OS.

    When you open the console of your VM, you most likely have Enhanced Session Mode enabled, which is an RDP session - this is why you get your first error.

    Your second error is because the vTPM is not enabled.

    You want to follow this blog: https://blogs.technet.microsoft.com/askds/2016/05/11/setting-up-virtual-smart-card-logon-using-virtual-tpm-for-windows-10-hyper-v-vm-guests/

    Note the hardware requirements for your physical machine (the Hyper-V Server itself)


    Brian Ehlert
    http://ITProctology.blogspot.com
    Learn. Apply. Repeat.

    Thursday, January 12, 2017 5:24 PM
  • Hello

    Tried to run the instructions but got some problems. I did not have a Isolated User Mode in my appwiz.cpl.

    And on my virtual client it looks like this, so no Security options:

    Do you know what is wrong and if it can be fixed?

    Realize now it says Windows 10 Enterprise Edition in the instructions, I have Pro, maybe that is a problem


    • Edited by Johannes HC Friday, January 13, 2017 8:57 AM
    Friday, January 13, 2017 8:55 AM
  • OK I got it up now with generation 2 and the security settings as in the instruction.

    Still the same error, only difference from yur link is that I have pro instead of enterprise and so have no  Isolated User Mode. So question is if it can not work on windows pro.

    Friday, January 13, 2017 1:46 PM
  • Hi Johannes,

    >>Realize now it says Windows 10 Enterprise Edition in the instructions, I have Pro, maybe that is a problem

    Yes. Enterprise edition is required.

    Best Regards,

    Leo


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by Johannes HC Monday, January 16, 2017 8:29 AM
    • Unmarked as answer by Johannes HC Tuesday, January 17, 2017 1:56 PM
    Monday, January 16, 2017 2:36 AM
  • Hello, this seems to be wrong, my collegue got it to work in pro.
    the solution for us seems to have been to turn off enhanced session mode.

    https://social.msdn.microsoft.com/Forums/en-US/1e8c6efe-5d89-4df0-9a17-5c687aa8b80d/hyperv-generation-2-windows-10?forum=winserverhyperv

    • Proposed as answer by Leo Han Wednesday, January 18, 2017 1:42 AM
    • Marked as answer by Johannes HC Wednesday, January 18, 2017 9:18 AM
    Tuesday, January 17, 2017 1:58 PM
  • Hi Johannes,

    Thanks for sharing the information. 

    I would wait to see if there would be any more official documents about it and post here.

    Best Regards,

    Leo


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, January 18, 2017 2:07 AM