Any risks in creating HGS Guardian?

Gordon Thomas 1 Reputation point
2022-04-08T14:53:46.63+00:00

I have a Windows Server 2019 with no physical TPM chip. I want to add a new Windows 11 VM to the several older VMs in Hyper-V on the box. If I run the PowerShell scripts such as:

New-HgsGuardian -Name "Guardian11" -GenerateCertificates

and ending with:

Enable-VMTPM -VMNAME "TPM"

from a Microsoft article, 34431.windows-10-enabling-vtpm-virtual-tpm.aspx, is there any danger of the existing VMs or the host getting messed up, or does the HGS only affect any VMs that I explicitly reference?


1 answer

  1. Gordon Thomas 1 Reputation point
    2022-05-17T13:13:35.377+00:00

    On further investigation, this is a very complex feature to install and get right. Microsoft strongly recommend that it is installed in a cluster in case a node is lost. Otherwise, recovery is very difficult, if not impossible.

    While it isn't the answer I wanted, I have since found that you can interrupt the Windows 11 installation process and insert some registry keys that will allow you to install it without TPM. Search for 'Windows 11 LabConfig'.

    Not recommended for production or critical usage, but allows you to run Windows 11 for testing purposes at least.

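The local-guardian vTPM sequence the question refers to, written out as an added example (not part of the thread or of the Microsoft article): it attaches the key protector to one named VM, compares every VM's vTPM flag before and after, and backs up the guardian certificates. The VM name `Win11Test` and the backup folder are assumptions.

```powershell
# Added example. Assumed names: VM 'Win11Test', backup folder 'D:\GuardianBackup'.
# Run elevated on the Hyper-V host; the target VM must be Generation 2 and powered off.
$vmName       = 'Win11Test'
$guardianName = 'Guardian11'
$backupDir    = 'D:\GuardianBackup'

function Get-VmTpmState {
    # One row per VM on this host with its current vTPM flag.
    foreach ($vm in Get-VM) {
        [pscustomobject]@{
            Name       = $vm.Name
            TpmEnabled = (Get-VMSecurity -VMName $vm.Name).TpmEnabled
        }
    }
}

$before = Get-VmTpmState

# Reuse the guardian if it already exists, so no second certificate pair is generated.
try {
    $guardian = Get-HgsGuardian -Name $guardianName -ErrorAction Stop
} catch {
    $guardian = New-HgsGuardian -Name $guardianName -GenerateCertificates
}

# The key protector is created from the guardian and attached only to the named VM.
$kp = New-HgsKeyProtector -Owner $guardian -AllowUntrustedRoot
Set-VMKeyProtector -VMName $vmName -KeyProtector $kp.RawData
Enable-VMTPM -VMName $vmName

# List the VMs whose state changed; only $vmName is expected here.
$after = Get-VmTpmState
Compare-Object $before $after -Property Name, TpmEnabled |
    Where-Object SideIndicator -eq '=>' |
    Select-Object Name, TpmEnabled

# Back up the locally generated guardian certificates with their private keys.
# Without them, a vTPM-enabled VM cannot be started on a rebuilt or different host.
$pw = Read-Host -AsSecureString -Prompt 'PFX password'
New-Item -ItemType Directory -Path $backupDir -Force | Out-Null
Get-ChildItem 'Cert:\LocalMachine\Shielded VM Local Certificates' | ForEach-Object {
    Export-PfxCertificate -Cert $_ -Password $pw `
        -FilePath (Join-Path $backupDir "$($_.Thumbprint).pfx") | Out-Null
}
```

Store the exported PFX files and their password off the host, since they are what allows the vTPM-enabled VM to start elsewhere.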