Install Windows 11 as VM on VMware vSphere / Workstation without TPM 2.0

Yesterday Windows 11 is officially released. Windows 11 require a Trusted Platform Module (TPM) version 2.0 (link). My VMware ESXi servers at home don’t have a TPM 2.0. During the installation, Windows will check for the presence of a TPM 2.0, if not available the installation will fail. There is a registry hack available to bypass the TPM 2.0 check. Use this only for demo purposes and not in production environments!

The first step is to download Windows 11. This can be done by visiting the Windows 11 download page (link) and download the ISO image or create an ISO image with the MediaCreationTool (Quick Tip: Download the latest Windows 10 ISO file). After the download put the ISO on a datastore and create a VM with the following specifications:

  • Hardware Specifications:
    • Compatibility: ESXi 7.0 U2 and later (I’m using ESXi 7)
    • Guest OS: Windows 10 (64-bit)
      • Enable Windows Virtualization Based Security: Check
    • CPU: 2
    • Memory: 4 GB
    • Hard Disk: 64 GB
    • CD/DVD: Datastore on ISO
      • Connect: Check
  • Boot the VM with the ISO connected and the installation of Windows 11 will begin.
  • Select the correct Language, Time and currency format, and keyboard layout

  • Select “Install Now”

  • A Message appears that this PC can’t run Windows 11

  • Press Shift + F10
  • A DOS box appears. Typ regedit and hit enter

  • Navigate to HKEY_LOCAL_MACHINE\SYSTEM\Setup and create a new Key named LabConfig
  • Create in the LabConfig Key a ByPassTPMCheck DWORD (32-bit) with the value of 1
  • Close the Regedit window (click on the Red X in the right corner)
  • Typ exit to leave the command prompt
  • Click on the Red X in the right corner and the setup will start again

  • The setup is now able to install Windows 11 as VM in VMware ESXi or VMware Workstation.
  • When the setup is finished you have a Windows 11 VM running.

With this procedure, you can run Windows 11 on hardware that doesn’t have a TPM 2.0 chip.  This procedure is not officially supported of course! For example, you may not receive security updates in the future if you bypass the hardware requirements such as TPM.

VMware vSphere supports a Virtual Trusted Platform Module (vTPM) that emulates a physical TPM 2.0 without having one. Want to know more? Read my other blog post called “Install Windows 11 on VMware vSphere with a virtual TPM“.


20 thoughts on “Install Windows 11 as VM on VMware vSphere / Workstation without TPM 2.0”

  1. Hi Ivo

    You saved my day!!! Thank you very much for this superb instruction. I’m on Esxi 7.0 Update 3 (released yesterday).

    Is there also a way to do an inplace update from latest win 10 pro edition? Seems not to work with those registry settings.

    Thank you very much.


  2. Hi Chris, for upgrades you can try this: Navigate to: HKEY_LOCAL_MACHINE\SYSTEM\Setup\MoSetup and create a AllowUpgradesWithUnsupportedTPMOrCPU DWORD (32-bit) with the value of 1

  3. Hi Ivo

    Windows Registry Editor Version 5.00


    unfortunately that did not work. if there is a solution that’s fine, but I’m also happy to build my daily VM from scratch again.

    thank you.

  4. There are a couple more:


  5. Thank you!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Thank you so much for this!!! I have been struggling to install Win11 on my lab ESXi 7 cluster (hosts HP DL380P G9/G10)

  6. I decided to install w10 for testing and expected problems. However, I installed it without a problem on the ESXi 7 u2 which is hoisted on the i3 – 4th gen. It is installed via a deployment server (win 2016) with a boot file of w10 (last version 600 MB). It went without a problem, and when I go to TMP, it can’t be found … It works great.

  7. Although Windows is not case sensitive, the entry is “BypassTPMCheck” and not “ByPassTPMCheck”

  8. @Godek @Damir

    In VMware Workstation/Player/Fusion, a vTPM will work fine – you just need to encrypt the HDD of the virtual machine, and you’re good to add the TPM in. vSphere, however, refuses to allow you to add a TPM until you set ESXi up with a key management provider (a KMS server) to provide the keys to do the encryption with. You can get something like that set up for your lab, but it’s a pain in the ass and it means that if you lose access to the VM that’s acting as your KMS, you’re in a bit of trouble.

Leave a Comment