You cannot install programs with unsigned drivers in non-interactive mode in Windows Server 2003 or in Windows XP (840257)
The information in this article applies to:
- Microsoft Windows Server 2003, Datacenter Edition
- Microsoft Windows Server 2003, Enterprise Edition
- Microsoft Windows Server 2003, Standard Edition
- Microsoft Windows XP Professional
- Microsoft Windows XP Home Edition
SYMPTOMSWhen you install a program in non-interactive mode in Microsoft Windows Server 2003 or in Microsoft Windows XP, the installation may fail with a warning message that states that the Microsoft digital signature is not found. (Non-interactive mode is also known as unattended install mode.)CAUSEThis behavior may occur if the program contains driver files that are not digitally signed by Microsoft. You cannot install a program in non-interactive mode if the program contains driver files that are not digitally signed by Microsoft. To provide greater system stability, Microsoft provides digital signature cryptographic technology for third-party drivers and for Microsoft drivers that pass Windows Hardware Quality Lab (WHQL) tests.
Encryptions of the driver binary and other relevant information are stored in a catalog (.cat) file. A .cat file is a collection of tags. Each tag corresponds to a file that is installed by the driver package. Each driver package that is submitted to WHQL for cryptographic signing has a catalog file entry in the .inf file that specifies the name of the catalog file. During WHQL tests, a digitally signed .cat file is created that corresponds to the catalog file entry in the .inf file of the driver package.
During driver package installation, the .cat file is registered with the operating system. The operating system references the registered .cat file during the installation of driver files that are contained in the driver package. RESOLUTIONTo install a program in non-interactive mode, the driver package must have a .cat file that is digitally signed by Microsoft.
Note In Microsoft Windows 2000 Server, the driver signing policy level can be set to "ignore" when you install unsigned drivers. In Windows Server 2003, the default setting for driver signing policy is "warn." The "ignore" policy setting is ignored for non-interactive driver installations in Windows Server 2003.
REFERENCES
For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
298503
Driver signing registry values cannot be modified directly in Windows
224404 Windows 2000 code signing: Digitally signed drivers
Modification Type: | Major | Last Reviewed: | 6/2/2006 |
---|
Keywords: | kbwinservsetup kbprb KB840257 kbAudEndUser |
---|
|