So in my Lab vCenter went completely POOOOOF. So, I installed it fresh.
After vCenter was installed, I updated my Veeam configuration to ensure my backup chains wouldn’t break, which still works great by the way.
One VM was missing from my vSphere. So I went to restore it when all of a sudden:
I remembered my post about configuring a Native Key Provider cause it was required as such to have a vTPM. So I thought, is this a “PC Load Letter” problem, and it’s actually just complaining that I didn’t configure a NKP for it to “apply encryption policy”?
Follow the same old steps to configure a NKP.
- Log in to the vSphere Client:
  - Open the vSphere Client and log in with your credentials.
- Navigate to Key Providers:
  - Select the vCenter Server instance.
  - Click on the Configure tab.
  - Under Security, click on Key Providers.
- Add a Native Key Provider:
  - Click on Add.
  - Select Add Native Key Provider.
  - Enter a name for the Native Key Provider.
  - If you want to use hosts with TPM 2.0, select the option “Use key provider only with TPM protected ESXi hosts”.
- Complete the Setup:
  - Click Add Key Provider.
  - Wait for the process to complete. It might take a few minutes for the key provider to be available on all hosts.
- Back up the Native Key Provider:
  - After adding the Native Key Provider, you must back it up.
  - Click on the Native Key Provider you just created.
  - Click Backup.
  - Save the backup file and password in a secure location.
Once I did all that…
No way that actually worked. But will it boot? Well it def “booted” but it asked for the BitLocker key (which makes sense since we created a new TPM and it doesn’t have the old keys). I checked my AD and sadly enough for some reason it didn’t have any BitLocker keys saved for this AD object/VM.
Guess this one is a loss, and a lesson in the importance of saving your encryption keys.
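
To catch the gap described above before a vTPM is lost, here is an added example (not part of the original post) that audits AD for computer objects with no escrowed BitLocker recovery information. It assumes the RSAT ActiveDirectory module and an account permitted to read `msFVE-RecoveryInformation` objects; the function name `Get-BitLockerEscrowStatus` is hypothetical.

```powershell
# Added example, not from the original post.
# Assumptions: RSAT ActiveDirectory module is installed, and the account running
# this can read msFVE-RecoveryInformation objects (restricted by default).
Import-Module ActiveDirectory

# Hypothetical helper: for each computer object, count the BitLocker recovery
# entries stored beneath it in AD and report the most recent one.
function Get-BitLockerEscrowStatus {
    [CmdletBinding()]
    param(
        # Optional OU to limit the search, e.g. the OU that holds vTPM-backed VMs.
        [string]$SearchBase
    )

    $query = @{ Filter = '*' }
    if ($SearchBase) { $query.SearchBase = $SearchBase }

    foreach ($computer in Get-ADComputer @query) {
        # Recovery passwords are stored as child objects of the computer object.
        $recovery = @(Get-ADObject -SearchBase $computer.DistinguishedName `
                -SearchScope OneLevel `
                -Filter "objectClass -eq 'msFVE-RecoveryInformation'" `
                -Properties whenCreated)

        # Only counts and timestamps are reported; the recovery passwords
        # themselves are never read or printed.
        [pscustomobject]@{
            Computer     = $computer.Name
            EscrowedKeys = $recovery.Count
            NewestKey    = ($recovery | Sort-Object whenCreated |
                                Select-Object -Last 1).whenCreated
        }
    }
}

# Machines with nothing escrowed: a replaced (v)TPM on a BitLocker-protected
# guest in this list means the recovery prompt cannot be answered from AD.
Get-BitLockerEscrowStatus | Where-Object EscrowedKeys -eq 0
```

A zero also shows up for machines that do not use BitLocker at all, or when the querying account lacks read access to the recovery objects. For a guest that is encrypted but missing from AD, `Backup-BitLockerKeyProtector` run inside that guest escrows its existing recovery password.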