Fixing a VM that had AutoAddVTPM set

From VI-Toolkit
Revision as of 18:55, 22 September 2023 by Wila (talk | contribs)
Jump to navigation Jump to search

You might have made the mistake to use an experimental solution that was offered for a while by VMware to install Windows 11 as guest OS. It involved adding a line to the .vmx file and after that you could add a TPM and thus install Windows 11. This would encrypt parts of the VM, but not give you a password and as such some people to find out that their VM won't work on some other hosts. The good part is that your data isn't actually encrypted, the bad part is that it isn't easy perse to get the data out.

Here's one solution where you have a few manual steps

The steps to recover your VM are as follows:

I've written out the steps here: https://www.reddit.com/r/vmware/comments/qy9wns/comment/hmokzl7/

Let me quote myself from one of my replies...

The steps are basically:

  • Create a new VM with a virtual disk of the same size as the encrypted one, make sure it has the same name.
  • use the new descriptor file ('MK Win Desktop.vmdk')
  • use the old vmdk data files ('MK Win Desktop-s001.vmdk' (001 to 016)
  • use the old .vmx file, but remove the lines that start with:
   managedVM.autoAddVTPM
   managedVM.ID
   encryption.encryptedKey
   encryption.keySafe
   encryption.data

If there's no snapshots then you don't need .vmsd (don't copy it in the new vm, delete if there)

Normally also no need for .nvram and .vmxf

That should be all.

Retrieved from "https://wiki.vi-toolkit.com/index.php?title=Fixing_a_VM_that_had_AutoAddVTPM_set&oldid=1547"