I just purchased and installed Workstation Pro and my Windows 10 VM runs great. I am trying to get it ready to migrate to Windows 11. To do this, I needed to encrypt the VM to then turn on TPM support and migrate the Boot sector from MBR to GPT to enable secure boot.
The issue am having is that when I try and add the Trusted Platform Module device, it's not available to add. I am running my windows 10 client VM under Ubuntu 20.10.
Any idea what I could have done wrong?
Thanks!
0. back up VM (in case something goes wrong)
1. convert the Windows 10 VM boot disk partition structure from MBR to GPT using MBR2GPT tool
2. shut down VM
3. change firmware from BIOS to UEFI, turn on secure boot
4. (optional) power on VM to check that GPT conversion is successful and VM is still bootable
5. encrypt VM
6. add vTPM
For encrypted VM, it will encrypt the virtual disk(s) as well. For encrypted VMs, the virtual disks need to be preallocated. If it is not preallocated, you can longer "Compact" the disks and it will continually grow. By definition, encrypted virtual disks will never have contiguous space that are zero-filled (such as using SDelete from within the Windows 10 VM) as the zeroes written will also have to be encrypted.
0. back up VM (in case something goes wrong)
1. convert the Windows 10 VM boot disk partition structure from MBR to GPT using MBR2GPT tool
2. shut down VM
3. change firmware from BIOS to UEFI, turn on secure boot
4. (optional) power on VM to check that GPT conversion is successful and VM is still bootable
5. encrypt VM
6. add vTPM
For encrypted VM, it will encrypt the virtual disk(s) as well. For encrypted VMs, the virtual disks need to be preallocated. If it is not preallocated, you can longer "Compact" the disks and it will continually grow. By definition, encrypted virtual disks will never have contiguous space that are zero-filled (such as using SDelete from within the Windows 10 VM) as the zeroes written will also have to be encrypted.
Thanks for the quick reply bluefirestorm. When I enable UEFI, the secure boot option is not present as shown in many of the online tutorials. Is there a secondary method to enable the secure boot?
The virtual hardware version needs to be at least 14.
Go to VM menu -> Managed -> Change Hardware Compatibility
Hey Bluefirestorm, thanks for the idea. I am digging and learning as I go. Seems the transition from MBR --> GPT was not without issue, I'll get that fixed first. Then see if the rest falls in place. I'll update here when I get something meaningful.
bluefirestorm, your directions worked. I ended up creating a new vmware session, and I am upgrading to windows 11 now. It worked better because the reinstall of windows 10 did not start with windows 7, so it had the UEFI by default and the GPT system. Thanks for the help!