Can't upgrade to 25110 because of Win11 TPM/SecureBoot requirements

New Contributor

Setup won't allow the upgrade, it applies the same restrictions as Windows 11. Is this new ?

 

actionthomas_0-1651853950984.png

 

3 Replies

@actionthomas 

 

Hello actionthomas,

 

I hope you are doing well! 

 

Are you trying to upgrade your PC but run into the danger 'The PC can't run Windows 11' error message? Please don't worry. 

 

This could be due to two security settings not being enabled on your system: TPM 2.0 and Secure Boot. The Windows server requires TPM 2.0, so if your PC is not currently running or is not capable of running on TPM 2.0. Then, Windows 11 Upgrade Helper will let you know your server specifications. 

 

Check whether the Secure Boot is enabled on your device by following the steps below: 

 

  1. 1. Type "System Information" in the Windows search box and launch the System Information. 
  2. 2. Go to the System Summary and look in the right panel for the "Secure Boot State." and select it. 
  3. 3. The value indicates Secure Boot status. For example, the value "On" indicates it is turned on, the value "Off" indicates it is disabled, and the value "Unsupported" indicates your hardware doesn't support Secure Boot. 

 

Follow the steps below to find out if your device has TPM

 

  1. 1. In the Windows search box, you will have to type "tpm.msc" and click Open. OR Make a Right-click on the Windows Start menu icon on the lower-left corner of your screen, then select Device Manager. 
  2. 2. Click on Security Devices from the list, and It will tell you which TPM chip you have on your server. If it is Trusted Platform Module 2.0, then you're all set. 

 

How to enable TPM and Secure Boot from the server 

 

Restarting the computer is necessary to access the BIOS settings and enable TPM and Secure Boot. After restarting the server, press on the computer's BIOS access key on the boot screen. DEL and F2 are the most common BIOS access keys. 

 

  1. 1. You can access Advanced Mode by pressing F7 at the UEFI BIOS Utility screen. 
  2. 2. You will have to select "PCH-FW Configuration" under the "Advanced" tab. 
  3. 3. Nextly, select the option "Enable Firmware TPM" next to "TPM Device Selection." 

 

Try the below steps to enable Secure Boot in the "Boot" tab: 

 

  1. 1. Select "Secure Boot." 
  2. 2. Next, select "OS Type," and beside it, choose "Windows UEFI Mode." 
  3. 3. Save your changes on the "Exit" tab and restart the computer. TPM and Secure Boot will be enabled once the computer has been restarted. 

 

What if your server doesn't have a TPM chip? 

 

You may have a TPM chip in your device, but you must update your BIOS to access it. Please get in touch with your PC or motherboard manufacturer to learn more about enabling TPM on your server. 

 

Alternatively, you can also buy a TPM module online, but you must know which TPM module is compatible with your motherboard. 

 

Hope the information above will help you resolve this issue.

 

----------------------

Regards,

Austin_M

@actionthomas If you dont have secure boot open cmd with admin and type mbr2gpt /convert

 

Go to your BIOS and select to your boot option or turn secure boot on and then boot off of your Hard Drive or SSD

Thank you both, but the question was whether this requirement was new for Windows Server, as previous versions if the preview didn't require any of this.