Fixing a VM that had AutoAddVTPM set: Difference between revisions

From VI-Toolkit
Jump to navigation Jump to search
Created page with "You might have made the mistake to use an experimental solution that was offered for a while by VMware to install Windows 11 as guest OS. It involved adding a line to the .vmx file and after that you could add a TPM and thus install Windows 11. This would encrypt parts of the VM, but not give you a password and as such some people to find out that their VM won't work on some other hosts. The good part is that your data isn't actually encrypted, the bad part is that it is..."
 
mNo edit summary
Line 4: Line 4:
The good part is that your data isn't actually encrypted, the bad part is that it isn't easy perse to get the data out.
The good part is that your data isn't actually encrypted, the bad part is that it isn't easy perse to get the data out.


=== Here's one solution where you have a few manual setps ===
=== Here's one solution where you have a few manual steps ===




Line 29: Line 29:
Normally also no need for .nvram and .vmxf
Normally also no need for .nvram and .vmxf


That __should__ be all.
That ''should'' be all.

Revision as of 17:55, 22 September 2023

You might have made the mistake to use an experimental solution that was offered for a while by VMware to install Windows 11 as guest OS. It involved adding a line to the .vmx file and after that you could add a TPM and thus install Windows 11. This would encrypt parts of the VM, but not give you a password and as such some people to find out that their VM won't work on some other hosts. The good part is that your data isn't actually encrypted, the bad part is that it isn't easy perse to get the data out.

Here's one solution where you have a few manual steps

The steps to recover your VM are as follows:

I've written out the steps here: https://www.reddit.com/r/vmware/comments/qy9wns/comment/hmokzl7/

Let me quote myself from one of my replies...

The steps are basically:

  • Create a new VM with a virtual disk of the same size as the encrypted one, make sure it has the same name.
  • use the new descriptor file ('MK Win Desktop.vmdk')
  • use the old vmdk data files ('MK Win Desktop-s001.vmdk' (001 to 016)
  • use the old .vmx file, but remove the lines that start with:
   managedVM.autoAddVTPM
   managedVM.ID
   encryption.encryptedKey
   encryption.keySafe
   encryption.data

If there's no snapshots then you don't need .vmsd (don't copy it in the new vm, delete if there)

Normally also no need for .nvram and .vmxf

That should be all.