- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- ProLiant Servers (ML,DL,SL)
- >
- HP Proliant DL380 Gen10 (Windows Server 2016 Hyper...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-11-2018 02:48 AM
тАО10-11-2018 02:48 AM
Hi guys,
I have a HP Proliant DL380 Gen10 server here which doesn't have a TPM chip. I have installed Windows Server 2016 Datacenter on it and enabled Hyper-V.
I want to enable virtual TPM on generation 2 VMs enabled on them. To enable vTPM on the VM's it doesn't require the host server to have a TPM chip according to microsoft.
The server is running UEFI and I have secure boot enabled. This is confirmed from the host OS (msinfo32).
The problem: when trying to start a Hyper-V generation 2 machine with vTPM enabled, it will prompt "The virtual machine xxx can't start because the host's Isolated User Mode is off." The error message itself is old, because "Isolated User Mode" has been deprecated in Server 2016 and Windows (1607 and later).
"Isolated User Mode" has been replaced with Virtualization Based Security which I have enabled with (tried all ways of enabling it; GPO and Registry) as per MS guide on Deploy Windows Defender Device Guard: enable virtualization-based security.
The core issue is that I can't get the status of "Device Guard Virtualization based security" (VBS) to change from "Enabled but not running" to "Running" (as seen in msinfo32).
What I have tried so far in this order:
Upgrading to newest BIOS/UEFI.
Upgrading to latest Windows Server 2016 October CU.
All possible combinations of the GPO for Turn On Virtualization Based Security.
In bios, unchecked secure boot and re-checked secure boot from UEFI, including remove all secure boot keys, reset bios to factory default settings.
Reinstalled with Windows Server 2016 Datacenter and enable Hyper-V role.
Tried not to update to latest CU with no effect and the updated with latest CU (October 2018).
Installed the HostGuardian windows feature.
Alas all attempts fails with the same deprecated error message, and the "Device Guard Virtualization based security" is still stuck at "Enabled but not running".
I know that this it not an easy question to answer, but any help would be greatly appreciated.
The end result that I am looking IS possible. Because I have another Gen10 server with same model, specs and it had no issue turning on vTPM. Also tested on older HP Proliant servers Gen9, 8, 7, 6 as well. I would like to point out that on the working ones, I did not have to change any BIOS/UEFI/GPO settings to get VBS running.
So I know it can be done, but I am stuck.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-24-2018 07:07 PM
тАО10-24-2018 07:07 PM
Re: HP Proliant DL380 Gen10 (Windows Server 2016 Hyper-V vTPM issue)
Hi,
This is Windows specific issue, You should raise a case with software team.
Regards,
Sudhir
>
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-12-2019 12:25 PM
тАО04-12-2019 12:25 PM
Re: HP Proliant DL380 Gen10 (Windows Server 2016 Hyper-V vTPM issue)
Did you get this issue resolved? We are having this same problem with our BL460c Gen10 servers.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-22-2019 01:55 AM