- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- Servers - General
- >
- Powershell TPM config
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-27-2024 07:29 AM - last edited on 08-28-2024 10:21 PM by support_s
08-27-2024 07:29 AM - last edited on 08-28-2024 10:21 PM by support_s
Powershell TPM config
I'm new to TPM and my company has a security initiave to enable TPM on our ESXi hosts. My initial thought is to collect information about all our ESXi hosts first to get a view of where we're at. However, I'm not sure what all I can get via powershell? What is my best approach here? What should I be looking for? Is TPM chip present? Is UEFI BIOS enabled? I could really use some guidance here. Also, should I be doing this using iLO Powershell cmdlets/ module?
Thanks for any help!
RH
- Tags:
- ProLiant Server
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-28-2024 01:27 AM - last edited on 09-16-2024 02:10 AM by support_s
08-28-2024 01:27 AM - last edited on 09-16-2024 02:10 AM by support_s
Re: Powershell TPM config
Dear RogerH1
TPM stands for Trusted Platform Module is A security chip that's embedded into a motherboard or processor to improve security. TPMs use cryptography to store sensitive information like passwords, certificates, and encryption keys. They can also help protect against malware and cyberattacks. It shoul be enable from BIOS configuration menu. Please go though the link to check, is it assist/fullfilment of your requairment. if yes you may configure it. HPE have support for ESXi tools and drivers. Please find support matrix and check your server compatible ESXi version.
ESXI configuration for TPM : https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-10F7022C-DBE1-47A2-BD86-3840C6955057.html
HPE Support matrix : https://www.hpe.com/us/en/collaterals/collateral.a50010841enw.html
TPM enable Procedure :
- During the server startup sequence, press the F9 key to access System Utilities.
- From the System Utilities screen, select System Configuration > BIOS/Platform Configuration (RBSU) > Server Security > Trusted Platform Module options.
- Verify the following:
"Current TPM Type" is set to TPM 2.0.
"Current TPM State" is set to Present and Enabled.
"TPM Visibility" is set to Visible.
- If changes were made in the previous step, press the F10 key to save your selection.
- If F10 was pressed in the previous step, do one of the following:
If in graphical mode, click Yes.
If in text mode, press the Y key.
- Press the ESC key to exit System Utilities.
- If changes were made and saved, the server prompts for reboot request. Press the Enter key to confirm reboot.
If the following actions were performed, the server reboots a second time without user input. During this reboot, the TPM setting becomes effective.
Changing from TPM 1.2 and TPM 2.0
Changing TPM bus from FIFO to CRB
Enabling or disabling TPM
Clearing the TPM
- Enable TPM functionality in the OS, such as Microsoft Windows BitLocker or measured boot.
Hope, I could provide you with clear and helpful instructions. If you have any more questions or need further assistance, don't hesitate to ask. I'm here to help! Have a great day!
Thanks & Regards...
Rabindra
- Tags:
- Systemboard
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-05-2024 07:13 AM - last edited on 09-16-2024 02:31 AM by support_s
09-05-2024 07:13 AM - last edited on 09-16-2024 02:31 AM by support_s
Re: Powershell TPM config
Hi Rabindra,
Thank you for your reply! Do you know if there's a way to automate this process? Using Powershell for example? I have a large number of hosts that need to have this configuration and I would like to automate the process if possible.
Also, just a note, when I attempt to make this change view BIOS settings. The settings below are either missing or grayed out and can't modify.
-
"Current TPM Type" is set to TPM 2.0.
-
"Current TPM State" is set to Present and Enabled.
-
"TPM Visibility" is set to Visible.
- Tags:
- bios
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-10-2024 04:24 AM
09-10-2024 04:24 AM
Re: Powershell TPM config
Dear RogerH1
for TPM grey out option, please go through the document do needful to isolate the issue. it might be resolved your issue.
https://support.hpe.com/hpesc/public/docDisplay?docId=sf000087663en_us&docLocale=en_US
Thanks & Regards...
Rabindra
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-26-2024 12:42 AM
11-26-2024 12:42 AM
Query: Powershell TPM config
Hello,
Let us know if you were able to resolve the issue.
If you have no further query, and you are satisfied with the answer then kindly mark the topic as Solved so that it is helpful for all community members.
Please click on "Thumbs Up/Kudo" icon to give a "Kudo".
Thank you for being a HPE valuable community member.