Remove TPM (Trusted Platform Module) from a Virtual Machine

With few simple steps, you can remove TPM (Trusted Platform Module) from a virtual machine. If you have encrypted a virtual machine and enabled Trusted Platform Module on it, you can remove it easily.

TPM also known as Trusted Platform Module, is a standard type of hardware component included in many PCs to more securely store and process cryptographic data.

Windows 11 requires TPM to be enabled before installing it on your laptop or PC. If you are creating and managing Virtual Machines using VMware, it is easy and simple to add or remove TPM from a virtual machine.

In my previous post, I showed you how to enable TPM on a virtual machine. Enabling TPM on a VM requires you to encrypt the virtual machine first, and then you can enable the TPM module.

However, while removing the Trusted Platform Module from a virtual machine, you don’t need to decrypt the VM. You can remove the trusted platform module while the VM is in encrypted state.

Note that you can add or remove TPM device on an encrypted virtual machine with a minimum hardware version of 14 that uses the UEFI firmware type.

Check TPM Status and Version Details

Before you remove TPM from virtual machine, you can check the TPM status and version details on the VM. Login to the VM and run the command TPM.msc. This opens the TPM management on local computer. Under Status, it shows TPM is ready for use. This confirms the TPM is present on the VM.

To check the TPM version details, look for the details under TPM Manufacturer Information. The Specification version is either 2.0 or 2.1.

If you are using SCCM to manage your Windows computers, you can use CMPivot query to find TPM status and details.

Check TPM Status and Version Details
Check TPM Status and Version Details

Remove TPM from Virtual Machine

To remove Trusted Platform Module (TPM) from a virtual machine:

  • First of all power off the virtual machine.
  • Select VM > Settings.
  • Select Trusted Platform Module and click Remove. Click OK.
Remove TPM from Virtual Machine
Remove TPM from Virtual Machine

If you wish to re-enable or add the TPM on the virtual machine, under VM settings, select Trusted platform module and click Add.

2 thoughts on “Remove TPM (Trusted Platform Module) from a Virtual Machine”

  1. “However, while removing the Trusted Platform Module from a virtual machine, you don’t need to decrypt the VM. You can remove the trusted platform module while the VM is in encrypted state.”
    *** I have to decrypt my machine before I can even go to the settings

    “Select Trusted Platform Module and click Remove. Click OK.”
    *** Also this button is greyed out so I cannot simply remove it like you

    Any other suggestions?

    Reply
  2. I don’t like the warning ‘Removing TPM with render all encrypted data on this VM unrecoverable’ when I want to remove TPM.
    Is the data on VMDK file accessible after removing TPM and if so why this warning?
    thanks

    Reply

Leave a Comment