A Windows System Admin's Blog

Covering Server Administration, Endpoint Management, Scripting and Network Management

Bypass Windows 11 TPM Setup Checks

Quick one – I’m doing some testing in my home lab environment with Windows 11 and this box doesn’t have a TPM (so it’s not enabled in Hyper-V). Booting up the Windows 11 iso and trying to install will tell you that it’s unsupported. To get around that, load the setup as normal and once you reach the language and time screen press Shift+F10 to bring up the command prompt.  Type regedit and hit enter to launch Reg Edit for the pre-install environment.  Navigate to the HKEY_LOCAL_MACHINE\SYSTEM\Setup registry hive and create a new Key called LabConfig.  Now under LabConfig create two DWROD (32-bit) values, one BypassTPMCheck and the other BypassSecureBootCheck and set both of these to a value of 1.  If you don’t have enough RAM allocated you can also add a DWORD of BypassRAMCheck and value of 1.

Once you’re done close up Regedit and the Command Prompt and you can start the setup process and install as normal.

As a side – once you hit the connect to a network screen, press Shift+F10 and enter the following command to bypass the Microsoft Account requirement.

oobe\bypassnro

Hope that helps.

Leave a Reply

More Posts

Getting Started with Maester and Entra Security Hardening

So I’ve known about PingCastle and Purple Knight for a little while now and have used them for on-premises audits and Azure AD audits a while back.  I recently stumbled on Maester which is a testing framework that can be used to automate testing for your Entra environment.  I finally had some time to give […]

Using the Google Maps API with PHP to display a Map and place a Marker on the map using Geocoding

So I was recently developing a new feature for a client’s website where we wanted to display an interactive Google Map with the address of a particular item (in this case a customer) along with a marker to show where it was on the map. So I set about looking around on the Internet for […]

Reset the Default Domain and Domain Controller Group Policy Objects to their out of box state

So, I recently inherited a small client with SBS 2011 and their previous IT admin only ever used the Default Domain Policy to apply computer and users settings (such as mapped drives and printers). Microsoft has quite a strong recommendation of best practice for the two policies which goes along the lines of; So I […]