![\"\"](\"https:\/\/i.imgur.com\/z0Hvgov.png\")
<\/a><\/p>\nWhat.. what does that mean…. Oh wait is this cause of when I blogged about adding vTPMs to VMs<\/a>?<\/p>\n Re-checked the linked video from VMware<\/a>… 2 min in … “Failure to save your key backup will result in unrecoverable data loss”…. mhmmm, OK I thought all I did was add a TPM device to my VM and enabled secure boot, that’s the deal here?<\/p>\n Somewhere I read that the VM config files get encrypted, but I don’t think that’s the case here either.\u00a0 Even checking the Pre-reqs from VMware I can’t see anything nothing this:<\/p>\n Prerequisites<\/strong><\/p>\n Ensure that your vSphere environment is configured with a key provider. See the following for more information: What I think is happening here is my NKP that IS a Prerequisite went poof (the vCenter server that was used to create it is shutdown and not being used), and another temp vCenter is being used.<\/p>\n My first thought was maybe I could just add a new NKP and go as I figured the TPM physical module that’s installed simply needs this, and I think it’s this hardware that’s faulting the boot.<\/p>\n I didn’t want to muck the with original I just recovered so I tried to clone it, but the clone failed too complaining about encryption before adding a TPM, further validating my assumption. What I don’t understand it how the VM was allowed to be created from backup in the first place if I can’t even clone it…?<\/p>\n Any since I know recovery is possible (since I just did it), I guess maybe I can just remove it? Or I could also create a new VM and use vmkfstools to clone the hdd… let’s try that first…<\/p>\n Go to boot VM, well got past that error but the Machine was bitlocked, I was hoping it wasn’t going to be.. go to AD server, open ADUC… no bitlocker tab… ughhhh…<\/p>\n
\nConfiguring vSphere Trust Authority
\nConfiguring and Managing a Standard Key Provider
\nConfiguring and Managing vSphere Native Key Provider
\nEnsure that host encryption mode is enabled. See Enable Host Encryption Mode Explicitly.
\nThe guest OS you use can be Windows Server 2008 and later, Windows 7 and later, or Linux.
\nThe ESXi hosts running in your environment must be ESXi 6.7 or later (Windows guest OS), or 7.0 Update 2 (Linux guest OS).
\nThe virtual machine must use EFI firmware.
\nVerify that you have the required privileges:
\nCryptographic operations.Clone
\nCryptographic operations.Encrypt
\nCryptographic operations.Encrypt new
\nCryptographic operations.Migrate
\nCryptographic operations.Register VM<\/p>\n