VMware Communities
managedvm
Contributor

Re: TPM and Secure Boot errors on Windows 11 preview vm

This is good information and thank you!

I have performed these steps but still do not see the TPM virtual device.

Problem: In place upgrade of W10 to W11 fails with no TPM 2.0 device found using VTPM.
Problem: Clean install of W11 fails with no TPM 2.0 device found using VTPM.

Platform: VMW Workstation 16.2.1 for Linux
Host: Slackware Linux, kernel 5.15.15
CPU: Intel i7-1065G7
TPM enabled on host bios
System RAM: 16GB
Guest OS: Windows 10 x64
VMDK upgraded to 16.2.1
MBR converted to GPT
UEFI enabled
Secure Boot Enabled
Key settings from VMX:

 

#!/usr/bin/vmware
.encoding = "ISO-8859-1"
config.version = "8"
virtualHW.version = "19"
numvcpus = "8"
firmware = "efi"
uefi.secureBoot.enabled = "TRUE"
uefi.allowAuthBypass = "TRUE"
vvtd.enable = "TRUE"
windows.vbs.enabled = "TRUE"
vhv.enable = "TRUE"
managedVM.autoAddVTPM = "software"

 

After restarting host services and reopening either VMW Workstation or Player, no TPM device is found or displayed.

I also tried doing a clean install of W11 using a brand new VMDK using the above parameters, and still no VTPM is displayed. Encrypting a disk and using the Add Device button, I am able to add TPM and installation continues.

QUESTION: What is wrong with the settings that prevents VTPM from being used?

I am perfectly happy to encrypt the entire disk and use the VMW TPM device if needed, but just want to know more about this issue.

Thank you

0 Kudos
1 Solution

Accepted Solutions
managedvm
Contributor


@wila wrote:

Hi,


@managedvm wrote:


I wasn't "complaining!" ;-).


No you didn't. Sorry, my bad, wrong choice of words.

--
Wil


No need to apologize. I know what you mean. Just to tie a bow around this:

  1. managedvm.autoAddVTPM = "software" does not appear to work with a Linux host.
  2. Encrypting a drive allows the vmware workstation TPM device to be added.
  3. Assuming all other criteria are met, W11 passes health check.

Thank you again for your feedback.


0 Kudos
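An added example, not part of the original thread and not VMware tooling: a small Python check that reads a .vmx and reports whether a vTPM device is actually configured or only requested through managedVM.autoAddVTPM. The `vtpm.present`, `encryption.keySafe` and `encryption.data` key names and the case-insensitive key matching are assumptions not shown in the thread; both sample configs are constructed from the settings quoted in the first post.

```python
import re

# Constructed sample: the settings quoted in the post (no TPM device, no encryption).
POSTED_VMX = '''#!/usr/bin/vmware
.encoding = "ISO-8859-1"
virtualHW.version = "19"
firmware = "efi"
uefi.secureBoot.enabled = "TRUE"
managedVM.autoAddVTPM = "software"
'''

# Constructed sample: same VM after encrypting and adding the TPM device by hand.
# Key names below are assumptions; the key safe value is a placeholder.
FIXED_VMX = POSTED_VMX.replace(
    'managedVM.autoAddVTPM = "software"\n',
    'encryption.keySafe = "PLACEHOLDER"\nvtpm.present = "TRUE"\n')

ENTRY = re.compile(r'^\s*([\w.:]+)\s*=\s*"(.*)"\s*$')

def parse_vmx(text):
    """Parse key = "value" lines; keys are lowercased (assumed case-insensitive)."""
    cfg = {}
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:  # shebang, comments and blank lines do not match
            cfg[m.group(1).lower()] = m.group(2)
    return cfg

def audit(text):
    """Report the Windows 11 related settings and the real vTPM state."""
    cfg = parse_vmx(text)
    on = lambda key: cfg.get(key, "").upper() == "TRUE"
    report = {
        "uefi": cfg.get("firmware", "").lower() == "efi",
        "secure_boot": on("uefi.secureboot.enabled"),
        "encrypted": "encryption.keysafe" in cfg,
    }
    if on("vtpm.present"):
        report["vtpm"] = "present"
    elif "encryption.data" in cfg:
        # Fully encrypted config: the device list is not readable in plaintext.
        report["vtpm"] = "unknown (config encrypted)"
    elif "managedvm.autoaddvtpm" in cfg:
        # Requested, but no device entry was written: the state described in the thread.
        report["vtpm"] = "requested only"
    else:
        report["vtpm"] = "absent"
    return report

if __name__ == "__main__":
    for name, vmx in (("posted", POSTED_VMX), ("fixed", FIXED_VMX)):
        print(name, audit(vmx))
```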
7 Replies
Technogeezer
Immortal

You might want to ask this over in the VMware Workstation Discussions forum. This forum deals with VMware Fusion on the Mac.

Although there are similarities in the platforms, and many of the same people hang out in both forums, the products are not the same and you may get a more focused look at it over there.

 

- Paul (Technogeezer)
Editor of the Unofficial Fusion Companion Guides
0 Kudos
wila
Immortal

Hi,

Detached this reply from post:

https://communities.vmware.com/t5/VMware-Fusion-Discussions/TPM-and-Secure-Boot-errors-on-Windows-11...

to a new thread.

--
Wil

| Author of Vimalin. The virtual machine Backup app for VMware Fusion, VMware Workstation and Player |
| More info at vimalin.com | Twitter @wilva
0 Kudos
wila
Immortal

Hi,

It is not the first time that I see people complain that the "managedVM.autoAddVTPM" option does not work on Linux hosts.
Haven't tested it myself, sorry.

You should still be able to encrypt the VM via normal ways and manually add a TPM device after that (which is what you did).

Hopefully Linux hosts will not be forgotten once this feature makes it in an officially supported state.

--
Wil

0 Kudos
managedvm
Contributor

Apologies if I mis-posted. I saw "VMware Technology Network > Desktop Hypervisor > VMware Workstation > VMware Workstation Pro Discussions" and just assumed this was the right forum and certainly the right thread.

0 Kudos
managedvm
Contributor


@wila wrote:

Hi,

It is not the first time that I see people complain that the "managedVM.autoAddVTPM" option does not work on Linux hosts.
Haven't tested it myself, sorry.

You should still be able to encrypt the VM via normal ways and manually add a TPM device after that (which is what you did).

Hopefully Linux hosts will not be forgotten once this feature makes it in an officially supported state.

--
Wil


I wasn't "complaining!" ;-). Just curious as to why things did not work as expected. And yes, I will remake the drive at some point. Thank you for following up.

0 Kudos
wila
Immortal

Hi,


@managedvm wrote:


I wasn't "complaining!" ;-).


No you didn't. Sorry, my bad, wrong choice of words.

--
Wil

0 Kudos