Trusted Platform Module (TPM) option is not available for certain users when creating a new virtual machine using the New Virtual Machine wizard in vCenter Server.

Article ID: 413593

Products

VMware vSphere ESXi

Issue/Introduction

A new virtual machine with a Trusted Platform Module (TPM) has been successfully created using the administrator credentials, confirming that TPM functionality is working as expected for the admin account.  

However, when other user accounts attempt to create a virtual machine, the option to add or enable TPM does not appear in the configuration settings.

Environment

vCenter Server 7.x

vCenter Server 8.x 

Cause

The role currently assigned to the users lacks the required Cryptographic Operations privileges, which are essential for provisioning virtual machines equipped with a Trusted Platform Module (TPM). Without these permissions, users are unable to access or configure TPM settings during the VM creation process.

Resolution

To enable TPM functionality during VM creation, ensure that the user’s role is granted the appropriate cryptographic privileges within vCenter.

In the vCenter Server UI, navigate to Menu -> Administration -> Roles, select the role assigned to the affected user, click Edit, and add the following privileges:

  • Cryptographic operations - Clone
  • Cryptographic operations - Encrypt
  • Cryptographic operations - Encrypt new
  • Cryptographic operations - Migrate
  • Cryptographic operations - Register VM
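
The same role change can be audited and applied from PowerCLI. The script below is an added example, not part of the KB article: the vCenter address and role name are placeholders, and the `Cryptographer.*` values are the vSphere API privilege IDs corresponding to the five privileges listed above (the article itself gives only the UI labels).

```powershell
# Added example: audit a role for the five privileges above, add any missing.
# Requires VMware PowerCLI and an account permitted to modify roles.
param(
    [string]$Server   = 'vcenter.example.test',  # placeholder vCenter address
    [string]$RoleName = 'VM-Provisioners',       # placeholder custom role name
    [switch]$Apply                               # report only unless -Apply is given
)

# Privilege ID (vSphere API) -> label shown in the role editor.
$required = [ordered]@{
    'Cryptographer.Clone'      = 'Cryptographic operations - Clone'
    'Cryptographer.Encrypt'    = 'Cryptographic operations - Encrypt'
    'Cryptographer.EncryptNew' = 'Cryptographic operations - Encrypt new'
    'Cryptographer.Migrate'    = 'Cryptographic operations - Migrate'
    'Cryptographer.RegisterVM' = 'Cryptographic operations - Register VM'
}

Connect-VIServer -Server $Server -ErrorAction Stop | Out-Null
try {
    $role = Get-VIRole -Name $RoleName -ErrorAction Stop
    if ($role.IsSystem) {
        throw "'$RoleName' is a built-in role and cannot be edited; clone it and edit the copy."
    }

    # Compare what the role holds with what the article requires.
    $missing = @($required.Keys | Where-Object { $role.PrivilegeList -notcontains $_ })
    foreach ($id in $required.Keys) {
        $state = if ($missing -contains $id) { 'MISSING' } else { 'present' }
        '{0,-8} {1}  ({2})' -f $state, $required[$id], $id
    }

    if ($missing.Count -eq 0) {
        "Role '$RoleName' already holds all five privileges."
    }
    elseif ($Apply) {
        # Add only the missing privileges; nothing else on the role changes.
        $privs = Get-VIPrivilege -Id $missing -ErrorAction Stop
        Set-VIRole -Role $role -AddPrivilege $privs -Confirm:$false | Out-Null
        "Added $($missing.Count) privilege(s) to '$RoleName'."
    }
    else {
        "Re-run with -Apply to add the $($missing.Count) missing privilege(s)."
    }
}
finally {
    Disconnect-VIServer -Server $Server -Confirm:$false
}
```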


Refer to Create a Virtual Machine with a Virtual Trusted Platform Module.