Step-by-Step Guide: Enabling TPM 2.0 and Installing Windows 11 Pro on Mitac system

Step-by-Step Guide: Enabling TPM 2.0 and Installing Windows 11 Pro on Mitac system

Step-by-Step Guide: Enabling TPM 2.0 and Installing Windows 11 Pro on system

 

In this guide we will show you how to install win 11 pro on Mitac system with tpm2.0 installed on the mb(motherboard) the board used is the Mitac S5642AGM3NRE-2T with Infineon SLB9665TT20 tpm 2.0 installed no gpu is installed on the system. As listed on our website avl list https://www.mitaccomputing.com/en/compatibility/Motherboards/S5642_S5642AGM3NRE-2T?FRQid=25#com

Below is the pic of mb with the Infineon tpm 2 installed on the lower right (next to sata connection area)


A close up of a motherboard AI-generated content may be incorrect.

 

Figure
1
S5642AGM3NRE-2T with tpm2 installed

For simplicity all other components can be installed back once the system is up and running with win11 pro installed

Step 1: Create Windows 11 Pro Bootable USB

  1. On another Windows 11 PC, download the Windows 11 Media Creation Tool from https://www.microsoft.com/en-us/software-download/windows11.
  2. Run the tool as administrator , select "Create installation media (USB flash drive, DVD, or ISO file) for another PC."
  3. Choose Windows 11 Pro edition, language, and architecture (64-bit).
  4. Select "USB flash drive" and insert your USB drive (min 8gb).
  5. Follow the prompts to create the bootable USB. Once finished plugged into theboard usb port

Step 2: Enter BIOS Setup

  1. Power on the system.
  2. During the POST screen (when the TYAN/MiTAC logo appears), repeatedly press the Del key to enter BIOS setup. (If it doesn't work, try F2.)
  3. The BIOS interface will load (AMI BIOS, typically blue/white theme). Use arrow keys to navigate, Enter to select, and ESC to go back.
  4. Enable TPM 2.0 in BIOS
  5. Navigate to the Advanced tab (top menu).
  6. Select Trusted Computing (or search for it under sub-menus like "Security Device" or "Platform Security").
  7. Set Security Device Support to Enabled. This activates the discrete TPM module (TM-TPM2-I-3353). The OS will now detect TPM 2.0.

8.    
A computer screen with text on it AI-generated content may be incorrect.

 

  1. Note: If the option is grayed out, ensure the TPM module is properly seated, and the system is powered off/on again. No further configuration (e.g., ownership) is needed here—Windows will handle it.
  2. Proceed to installing windows 11 pro after you created the usb installer and boot off the usb installer we will enable the secure boot later for easier process
  3.  Boot off the usb installer to install win11 pro follow the screen instructions to finish installing.
  4. Once finished boot into os to go through the initial setup process.

Once finished, setup boot back into bios and enables secure boot as shown below

A computer screen with a white screen AI-generated content may be incorrect.

When booting up into win11 verify windows can detect by running win+r and run tpm.msc service confirm the tpm validness

A computer screen with a message AI-generated content may be incorrect.

Reenable secure boot

Boot back into bios security menu and select secure boot enabled under key management select select pk for module save and exit settings

A computer screen with text on it AI-generated content may be incorrect.

 

 

Boot back into windows 11 to make sure the secure boot works if you encounter signature invalid messages or changing boot order etc please try restoring factory key again to reset and secure the secure boot again

A computer screen with white text AI-generated content may be incorrect.

 

For any questions concerns, please contact Alvin Chong @ alvin.chong@mitaccomputing.com