VMware Communities
itris666
Contributor
Contributor

Secure Boot on Windows VM on apple silicon

Currently I can't join my company mdm on a windows 11 guest on my Mac Studio ( Apple Silicon ). The support and activation of secure boot is required. Is there a way to activate Secure boot, if not, is it on your roadmap ? Parallels has it :winking_face:

Reply
0 Kudos
23 Replies
Technogeezer
Immortal
Immortal


@itris666 wrote:

I could verify that indeed I got secure boot activated in a new vm. I wonder why I didn't checked that **bleep** checkbox the first time :beaming_face_with_smiling_eyes:


You may have hit upon another wrinkle in my procedure. I always create my Windows 11 VMs with the option to "Only the files needed to support a TPM". My suspicion is that you chose "All the files".

If you choose "All the files", the entire .vmx file is indeed encrypted and remains encrypted even though you have the VM unlocked. In that case the only way to edit the .vmx file to add the parameter is to remove the TPM device, decrypt the VM, make the change, re-encrypt the VM, then re-add the TPM device. 

If you chose "Only the files required to support a TPM" for encryption. then the .vmx is able to be edited with my procedure without having to decrypt the VM.

The recommended encryption for Windows 11 VMs is to use "Only the files needed to support a TPM are encrypted". If you need to encrypt the data within the Windows VM consider enabling BitLocker and keep the VM encryption set to "Only the files needed to support a TPM" instead of configuring Fusion to encrypt all the files. 

 

- Paul (Technogeezer)
Editor of the Unofficial Fusion Companion Guides
Reply
0 Kudos
itris666
Contributor
Contributor

I took the long road and unencrypted the VM but it now works and I have secure boot, yay. 

VMWare fusion works great my my professional usage. It just needs good 3D hardware acceleration on windows and in my book, will beat parallels for everything.

Also it would be great if Ubuntu post 22.04 would work but that is another topic, 

Reply
0 Kudos
itris666
Contributor
Contributor

yes I was in full encryption. which is not very useful since FileVault is activated on the host. I have changed that to only files needed now

Reply
0 Kudos
Technogeezer
Immortal
Immortal


@itris666 wrote:

Also it would be great if Ubuntu post 22.04 would work but that is another topic, 



Try Ubuntu 23.04. In my testing it installs without issue.

The latest 22.10 updates have a broken kernel. I have a bug report open with them on that, and it looks like they are on the path to fix it. Until they do, I’m recommending avoiding it. 

- Paul (Technogeezer)
Editor of the Unofficial Fusion Companion Guides
Reply
0 Kudos