locked
Virtual TPM with Hyper-V on Windows 10 Enterprise 1607 x64: No Isolated User Mode RRS feed

  • Question

  • I am trying to run a Hyper-V VM of Windows 10 Enterprise 1607 x64 on a host running the same.  The VM runs properly if I don't have TPM enabled in the VM's settings.  If I click "Enable Trusted Platform Module" under the Security section of the VM's settings, however, I get "The virtual machine can't start because the host's Isolated User Mode is off.  Enable Isolated User Mode feature in the host to start the virtual machine."

    From what I've read (https://technet.microsoft.com/en-us/itpro/windows/whats-new/whats-new-windows-10-version-1607), Isolated User Mode is installed with Hyper-V in 1607.  I don't know of any way to install/start it separately.  Is anyone successfully running vTPM in the Anniversary Update?

    Thursday, August 11, 2016 8:42 PM

Answers

All replies

  • From what I understand, your host OS has to be booted in Secure Mode as well.

    The physical TPM validates the physical OS, which in turn provides validation to the virtual OS.  It is an all up the stack chain of validation.

    (I could be wrong / it could be a specific case I have confused with yours)

    That said, I also seem to recall seeing some bugs fly by with vTPM in the anniversary update.  So hold that thought.


    Brian Ehlert
    http://ITProctology.blogspot.com
    Learn. Apply. Repeat.

    Thursday, August 11, 2016 9:31 PM
  • Both the host OS and the guest are Secure Boot enabled, but I just looked and it appears that the host does not have TPM enabled!  I'll check my UEFI settings and try again.
    Thursday, August 11, 2016 9:43 PM
  • Hi ,

    We have been reported that TPM have issues after upgrading to Windows 10 version 1607. We have reported the issue on our side. You could try the built-in "Feedback" tool to submit the issue on your side. I hope it could be fixed in the near future.

    Here is a similar cases for reference. Please check the workaround provided by Darrell Gorter, hope it can be helpful for you to deal with TPM issue when upgrading to 1607.
    After Update 1607 no TPM function
    https://social.technet.microsoft.com/Forums/windows/en-US/7b754050-f8e5-4bc0-821a-fa8c5a0feaac/after-update-1607-no-tpm-function?forum=win10itprosecurity

    Best regards


    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, August 17, 2016 8:50 AM
  • Thanks for the update.  I'd forgotten to come back here and reply that, in my case, enabling the TPM in UEFI settings allowed the vTPM to work.
    Monday, August 22, 2016 3:09 PM
  • Wasn't it already enabled? Mine is, and I have this issue with Win 10 1607.

    In advance: Sorry...

    Monday, January 9, 2017 2:10 PM
  • Wasn't it already enabled? Mine is, and I have this issue with Win 10 1607.

    In advance: Sorry...

    Looks like a similar issue as I had

    https://social.technet.microsoft.com/Forums/en-US/b3d8d281-e4fe-4924-8019-e35373aef493/vtpm-stopped-working-on-a-pc-without-physical-tpm-since-installing-kb3206632?forum=win10itprovirt


    Tuesday, January 10, 2017 9:35 PM