- Block or force upgrade to Windows 11 with Group Policy - Tue, Oct 26 2021
- Compress SMB data in Windows 11 and Server 2022 - Mon, Oct 4 2021
- Install Windows 11 in a virtual machine - Tue, Sep 28 2021
While Microsoft did make some concessions in the required hardware for Windows 11 by adding more CPUs to the compatibility list, a TPM is still a condition and is likely to be the biggest hurdle for older PCs.
However, Windows 11 can still be installed in a VM on these devices if the hypervisor can emulate a Trusted Platform Module (TPM). This applies to Hyper-V and VMware Workstation. VirtualBox does not yet offer this feature.
CPU limitations can generally be circumvented by installing the OS from the media. On the other hand, you only get the automatic upgrade from Windows 10 to 11 if the processor also meets the required criteria.
Configuring a new VM for Windows 11 ^
The following guide will take you through the configuration process using Hyper-V, whereby we generate the VM using the GUI. After starting the wizard to create a VM in the Hyper-V Manager, we assign a name and a storage location to the VM.
In the next step, we select Generation 2 in the Specify Generation tab. This is necessary to obtain the UEFI firmware, which is a prerequisite for the required Secure Boot.
A generation 2 VM is required for Windows 11 as a guest OS
In the following dialog box, we select the size of the RAM. For Windows 11, the minimum requirement is 4 GB. However, if we activate dynamic memory, we can assign less RAM to the startup.
Configuring settings ^
The next step is to check and configure several settings in the newly created VM. To do so, go to the Security section and make sure that the Secure Boot option is selected, which should be the case by default. In addition, make sure that the Trusted Platform Module setting is activated.
Activating Secure Boot and the virtual TPM
Another area where settings must be altered is the Processor tab. Typically, the Hyper-V Manager equips a new VM with only one CPU. This value is not enough for Windows 11 and must be increased to at least two.
The VM must be assigned to more than one vCPU
Check existing VMs ^
If you want to automatically upgrade existing Windows 10 VMs to version 11 via Windows Update or WSUS, you should first check whether they meet all requirements. As already mentioned, such an upgrade only works on machines with a supported CPU.
You can get a quick overview of all the VMs' properties using PowerShell:
Get-VM | select VMName, ProcessorCount, Generation, DynamicMemoryEnabled, `
@{Name="Start-RAM in MB";Expression={$_.MemoryStartup/1MB}}
Output of VM settings with PowerShell
The above command shows the configuration for vCPUs, generation, and RAM. Information on the status of Secure Boot can be retrieved this way:
Get-VM | Get-VMFirmware -ErrorAction SilentlyContinue | select VMname, SecureBoot
The existence of a vTPM can be checked with this command:
Get-VM | %{ $\_.Name + "\`n==="; Get-VMSecurity -VMName $\_.Name}
Changing VM settings using PowerShell ^
If a VM parameter needs to be changed, this can be done using PowerShell as well. You can increase the number of CPUs with this command to two:
Set-VMProcessor -VMName <Name-of-VM> -Count 2
You can extend the RAM with Set-VMMemory. Secure Boot is activated using:
Set-VMFirmware -VMName <Name-of-VM> -EnableSecureBoot On
A TPM can be added with this cmdlet:
Subscribe to 4sysops newsletter!
Enable-VMTPM -VMName <Name-of-VM>
After installing Windows 11 as a guest OS you can obtain information about the vTPM there
If it turns out that you are dealing with a Generation 1 VM, then further configuration doesn't make sense. In this case, the only way to proceed is by converting the VM to Gen2.
