Bypassing TPM and SecureBoot requirements in NTLite Settings
- Thread starter garlin
- Start date
- Messages
- 3,867
- Reaction score
- 1,612
Hi Phearin,
set the machine to EFI type with SecureBoot, and add TPM device under hardware.
More info here:
core.vmware.com
In newer Win11 I believe the TPM disabling just allows for v1.2 instead of TPM 2.0 requirement.
Always boot the image, running setup.exe will complain anyway.
set the machine to EFI type with SecureBoot, and add TPM device under hardware.
More info here:
Windows 11 Support on vSphere | VMware
The goal of this article is to act as a single destination to guide you through the requirements needed to run Windows 11 virtual machines on vSphere.
In newer Win11 I believe the TPM disabling just allows for v1.2 instead of TPM 2.0 requirement.
Always boot the image, running setup.exe will complain anyway.
I'm running VMware Workstation 15.5.7 on W7. My laptop is a Lenovo Y50-70 with TPM 1.2.
While I've tried adding the software TPM 2.0 feature in VMware, it's a pain for me since it requires encrypting the entire VMDK and it's a performance hit. So I don't and must use the BypassTPM on every image.
My understanding is 24H2 doesn't enforce the TPM 2.0 bypass any differently.
While I've tried adding the software TPM 2.0 feature in VMware, it's a pain for me since it requires encrypting the entire VMDK and it's a performance hit. So I don't and must use the BypassTPM on every image.
My understanding is 24H2 doesn't enforce the TPM 2.0 bypass any differently.
Hi garlin , thank you for your comment. The image is working now just to update the MBR --> GPT.
bseklecki_ge
Member
- Messages
- 140
- Reaction score
- 21
Just one note for the Google search results:
If you build a Win11 ISO with NTLite, and want/plan/desire to use it with RUFUS to apply the TPM bypass, it seems that the ISO cannot have an autounattend.xml config (RUFUS appears to use the presence of this existing config to decide whether to prompt the user for these advanced options)
So the two options are mutually exclusive.
Eventually hopefully these changes will eventually be public domain; as, for example, without the RUFUS bypass, recent versions of VMWare ESXI , v6.7 for example, cannot host a Win11 VM as that platform doesn't support encrypting VMDKs or vTPM hardware.
Nor do...really any other Type-1 hypervisors, other than VMWare vSphere/ESXi v8.x , or VMWare Workstation Pro v17.x ; each licensed CPU core one more gold coin in the swimming pool behind the house of the Broadcom CEO.
~BAS
1. The real problem is Rufus wants to use a "hidden" Windows\Panther\unattend.xml to implement the bypasses. There's nothing wrong with this strategy if you're not using your own autounattend.xml. Otherwise the two files can possibly conflict with each other.
If you don't have a licensed copy of NTLite it's still possible to integrate the same reg keys into boot.wim & install.wim. So there's no need to use these optional Rufus features.
2. There are VMware versions that can simulate a TPM 2.0 device, but you're required to enable disk encryption on the VMDK file.
If you don't have a licensed copy of NTLite it's still possible to integrate the same reg keys into boot.wim & install.wim. So there's no need to use these optional Rufus features.
2. There are VMware versions that can simulate a TPM 2.0 device, but you're required to enable disk encryption on the VMDK file.
bseklecki_ge
Member
- Messages
- 140
- Reaction score
- 21
Thx again; yes confirmed, those NTLite Preset settings allow one to bypass all Win11 hardware requirements except dual-socket/dual-core requirements, which one can do with older ESXi/vSphre v6.7.x
Luego de hacer esto me funcionó en la version 24H2 de windows 11 ejecutandolo en virtualbox con disco duro virtual minimo 52GB. Dato: el modo EFI en virtualbox debe estar desactivado.
Amplificator
New Member
- Messages
- 14
- Reaction score
- 0
Will checking these settings to skip hardware requirements "stick" in the installed OS so all future updates can be upgraded to using just Windows Update?
Such as being able to upgrade from 23H2 to 24H2 and eventually to the next big update as well from just using Windows Update on an already installed system?
Such as being able to upgrade from 23H2 to 24H2 and eventually to the next big update as well from just using Windows Update on an already installed system?
azur3orion
New Member
- Messages
- 3
- Reaction score
- 1
Hello everyone! I'm trying to make an ISO with TPM and Secure Boot requirements disabled, but it seems like not works.
These settings were applied to boot.wim (Windows PE, Windows Setup) and to install.wim. (original ISO name: en-gb_windows_11_consumer_editions_version_23h2_updated_oct_2024_x64_dvd_4728d672.iso, NTLite ver: 2024.12.10221 free)
Booting the completed ISO into Hyper-V looks like disabling RAM, TPM and Secure Boot requirements via NTLite not works. VM disk is empty, it will be a clean installation. VM settings allowed a W10 installation previously to a different vhd.
Is it possible that NTLite settings are not applicable to this version or not tested yet? Rufus was not tested, I want to use the installer for blank VM.
These settings were applied to boot.wim (Windows PE, Windows Setup) and to install.wim. (original ISO name: en-gb_windows_11_consumer_editions_version_23h2_updated_oct_2024_x64_dvd_4728d672.iso, NTLite ver: 2024.12.10221 free)
Booting the completed ISO into Hyper-V looks like disabling RAM, TPM and Secure Boot requirements via NTLite not works. VM disk is empty, it will be a clean installation. VM settings allowed a W10 installation previously to a different vhd.
Is it possible that NTLite settings are not applicable to this version or not tested yet? Rufus was not tested, I want to use the installer for blank VM.
Last edited:
Anonymous Internet User
Member
- Messages
- 69
- Reaction score
- 7
So is there a way to also implement installer CPU check bypass in NTLite? NTLite only allows to bypass RAM, TPM and Secure Boot installer checks but not the CPU check. I get "This PC can't run Windows 11 error" on a 6700K. Rufus also has a CPU check bypass option so if I create a Win 11 boot USB with Rufus I can install on a 6700 and even older machines without problems. Thanks!
- Messages
- 1,088
- Reaction score
- 205
With Windows 11 23h2, all it's good with NTLite and options already present (I'm installing 23h2 on a 2009 laptop)
With Windows 11 24h2 and SSE4.2 (or 4a) no bypass for this prerequisite exists
With a VM, you may need another option
To see with nuhi
EDIT : 1st link on Google
www.experts-exchange.com
Maybe this will help you
With Windows 11 24h2 and SSE4.2 (or 4a) no bypass for this prerequisite exists
With a VM, you may need another option
To see with nuhi
EDIT : 1st link on Google
Solved: Bypass Windows 11 Upgrade Requirements | Experts Exchange
Find answers to Bypass Windows 11 Upgrade Requirements from the expert community at Experts Exchange
www.experts-exchange.com
Maybe this will help you
Last edited:
Anonymous Internet User
Member
- Messages
- 69
- Reaction score
- 7
I'm confused, I'm sorry.
Rufus lets me create 24H2 boot USB drive from a vanilla Windows 11 ISO that boots an unsupported 6700K, so some bypass must exist. This 6700K PC will not otherwise boot from any vanilla Windows 11 ISO.
My NTLite 23H2 build can't boot that PC either but with that older 23H2 image I can "add" Rufus tweaks when copying the ISO to the USB drive and that works. I can boot the 6700K and install Windows.
But if I add Rufus tweaks to my NTLIte 24H2 ISO, it breaks the unattended part of the installer, Windows starts asking me all the questions.
This is getting confusing
Anyway, if this means that I simply need to stay on 23H2 on the three older PCs that I have then that's fine. That's an acceptable solution.
Thank you.
Rufus lets me create 24H2 boot USB drive from a vanilla Windows 11 ISO that boots an unsupported 6700K, so some bypass must exist. This 6700K PC will not otherwise boot from any vanilla Windows 11 ISO.
My NTLite 23H2 build can't boot that PC either but with that older 23H2 image I can "add" Rufus tweaks when copying the ISO to the USB drive and that works. I can boot the 6700K and install Windows.
But if I add Rufus tweaks to my NTLIte 24H2 ISO, it breaks the unattended part of the installer, Windows starts asking me all the questions.
This is getting confusing
Anyway, if this means that I simply need to stay on 23H2 on the three older PCs that I have then that's fine. That's an acceptable solution.
Thank you.
- Messages
- 1,088
- Reaction score
- 205
Yes, the Intel 6700k has the SSE4.2 instruction so no problem for the 24h2
I only use NTLite for 23h2 and 24h2 and bypass the prerequisites (TPM and SecureBoot in boot.wim / Windows Setup) and no problem for a "classic" installation
Never tried in VM, surely something else to do
I use the 22h2 installation files to install Windows 11 24h2 and therefore no problem with the "unattended"
I only use NTLite for 23h2 and 24h2 and bypass the prerequisites (TPM and SecureBoot in boot.wim / Windows Setup) and no problem for a "classic" installation
Never tried in VM, surely something else to do
I use the 22h2 installation files to install Windows 11 24h2 and therefore no problem with the "unattended"
azur3orion
New Member
- Messages
- 3
- Reaction score
- 1
If anyone has the same issue... My problem was the VM CPU count. If VM has only one CPU / Core set, increment it to 2 or more. Also, NTLite's bypass settings worked.
Another common mistake is not assigning a minimum system disk size of 54 GB. Sometimes when you're making a tiny VM for testing purposes, you forget this Setup requirement.
Unlike what the Internet says, there is no actual BypassStorageCheck key to get around it. Of course, you can manually run DISM /Apply-Image from WinPE if you really want to use a smaller system disk.