We are currently investigating enabling TPM for Windows Credential Guard and VBS. In my research, it seems that this would require Center 6.7 +. We do not use vCenter in our deployments. We have ESXi 6.7 installed on Hypervisor servers, but not vCenter. Can someone please confirm if the TPM can be enabled on our ESXi 6.7 VMs without using vCenter?
I can confirm you need vCenter for enabling the vTPM device on a VM. Which license are you using on your ESX hosts. If you have Essential Kit you have already vCenter included for free.
Regards Daniel
Yes on 6.7 KMS is necessary. For this reason I upgraded my lab to vSphere 7. There you no longer need the KMS. Check the requirements and how to here: https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-4DBF65A4-4BA0-466...
Keep in mind. vSphere 6.7 goes End of Support in Oct 2022.
Regards Daniel
@bwolfe21 Please mark as solved so this thread get marked. The community will thank you.
I can confirm you need vCenter for enabling the vTPM device on a VM. Which license are you using on your ESX hosts. If you have Essential Kit you have already vCenter included for free.
Regards Daniel
It seems that a KMS is also going to be necessary?
Yes on 6.7 KMS is necessary. For this reason I upgraded my lab to vSphere 7. There you no longer need the KMS. Check the requirements and how to here: https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-4DBF65A4-4BA0-466...
Keep in mind. vSphere 6.7 goes End of Support in Oct 2022.
Regards Daniel
This is great info. Thanks so much!
@bwolfe21 Please mark as solved so this thread get marked. The community will thank you.