New machines with vTPM have the same thumbprint in vSphere


Article ID: CTX665864


Description

New machines have the same vTPM thumbprint as the master image in vSphere. To see this, run the following PowerCLI command against each machine and compare the results:

Get-VTpm -vm <machine_name> | Get-VTpmCertificate


Resolution

After creating new machines, you will see duplicate vTPM thumbprints in the output of the Get-VTpm command. A new vTPM thumbprint is generated for each machine once it has been powered on for the first time. That thumbprint remains with the VM instance in vSphere. It is not reset when the VM refreshes in the case of non-persistent machine catalogs.

For some configurations, you may need to add the following to the master image under the Advanced Parameters of the VM in vSphere:

Attribute: vpxd.clone.tpmProvisionPolicy
Value: REPLACE

This will set the vTPM to be replaced when the machine is cloned.
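
The following is an added example, not Citrix or VMware code: a PowerShell function that sorts clones into those with a unique thumbprint, those that still match because they have not yet been powered on, and those that still share a thumbprint after power-on and so are candidates for the REPLACE setting above. The record fields (VM, Thumbprint, PoweredOnOnce), the VM names and the thumbprint values are assumptions; fill the records from the output of the Get-VTpm command for your own machines.

```powershell
# Added example. Records are constructed sample data, not vSphere output.
# Assumed fields: VM (name), Thumbprint (hex string), PoweredOnOnce (bool).
function ConvertTo-NormalizedThumbprint([string] $Thumbprint) {
    # Drop separators and case so 'aa:bb' and 'AABB' compare equal.
    ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
}

function Get-VTpmThumbprintTriage {
    param(
        [Parameter(Mandatory)] [object[]] $Records,
        [Parameter(Mandatory)] [string]   $MasterImage
    )
    $master = $Records | Where-Object VM -eq $MasterImage | Select-Object -First 1
    if (-not $master) { throw "Master image '$MasterImage' is not in the records." }
    $masterPrint = ConvertTo-NormalizedThumbprint $master.Thumbprint

    # Count VMs per thumbprint so clone-to-clone duplicates are caught as well.
    $counts = @{}
    foreach ($r in $Records) {
        $key = ConvertTo-NormalizedThumbprint $r.Thumbprint
        $counts[$key] = 1 + [int]$counts[$key]
    }

    foreach ($r in $Records | Where-Object VM -ne $MasterImage) {
        $print = ConvertTo-NormalizedThumbprint $r.Thumbprint
        if ($print -ne $masterPrint -and $counts[$print] -eq 1) {
            $status = 'Unique'
        } elseif (-not $r.PoweredOnOnce) {
            $status = 'PendingFirstPowerOn'      # expected until first boot
        } else {
            $status = 'DuplicateAfterPowerOn'    # review tpmProvisionPolicy on the master
        }
        [pscustomobject]@{
            VM = $r.VM; Thumbprint = $print; SharedBy = $counts[$print]; Status = $status
        }
    }
}

# Constructed inventory with placeholder thumbprints.
$sample = @(
    [pscustomobject]@{ VM = 'master-img'; Thumbprint = 'AA:BB:CC:01'; PoweredOnOnce = $true }
    [pscustomobject]@{ VM = 'clone-01';   Thumbprint = 'aabbcc01';    PoweredOnOnce = $false }
    [pscustomobject]@{ VM = 'clone-02';   Thumbprint = 'AA:BB:CC:01'; PoweredOnOnce = $true }
    [pscustomobject]@{ VM = 'clone-03';   Thumbprint = 'DD:EE:FF:02'; PoweredOnOnce = $true }
)
Get-VTpmThumbprintTriage -Records $sample -MasterImage 'master-img' | Format-Table -AutoSize
```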

 


Problem Cause

vTPM settings are cloned with the master image.