I am trying to run silent/unattended installations of NetBackup client 7.1 - which includes the driver wimfltr.sys. Unfortunately, that driver's certificate http://www.symantec....docs/TECH177388 ' class='bbc_url' title='External link' rel='external'>expired in 2008.
According to that article, this can be ignored should not prevent installation - but unfortunately, it does. At least on some Windows 2003 SP2 x86 servers.
They all have the group policy item "Devices: Unsigned driver installation behavior" set to "Silently succeed", and all have the "Driver Signing\Policy" registry key set to 00. But some are logging the following in the setupapi.log file:
[2013/06/20 08:43:34 5780.1]
#-198 Command line processed: "C:\WINDOWS\system32\rundll32.exe" setupapi,InstallHinfSection DefaultInstall 132 C:\WINDOWS\system32\drivers\Wimfltr.inf
#-011 Installing section [DefaultInstall] from "C:\WINDOWS\system32\drivers\Wimfltr.inf".
#W367 An unsigned, incorrectly signed, or Authenticode signed file "c:\windows\system32\drivers\wimfltr.inf" for will be installed (Policy=Warn, user said ok). Error 1168: Element not found.
#-024 Copying file "C:\WINDOWS\system32\drivers\WimFltr.sys" to "C:\WINDOWS\system32\DRIVERS\WimFltr.sys".
#W363 An unsigned, incorrectly signed, or Authenticode signed file "C:\WINDOWS\system32\drivers\WimFltr.sys" will be installed (Policy=Warn). Error 0xe000022f: The third-party INF does not contain digital signature information.
When this happens, the installation halts, waiting for somebody to click OK. As this is an unattended installation, nobody will see this prompt unless they logon to the console (session 0).
I can't find which setting it might be that is causing some of these servers to choke on the wimfltr.sys file, whereas others succeed. It happens on machines upgrading from the same previous NetBackup client versions, and with the same version of the setupapi.dll file.
Apart from the resultant set of policy, local computer policy and the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Driver Signing\Policy registry key, where else should I be looking to find out why some servers are logging "Policy=Warn" in the logs?
Welcome to MSFN ForumRegister now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message will be removed once you have signed in.
Login to Account Create an Account
Software with expired driver certificate
Posted 21 June 2013 - 02:39 AM
Posted 21 June 2013 - 07:28 AM
I would be interested in the answer as well. I have this happen for one certain situation and the current method involves someone needing to be there to click the button on the warning screen. I had looked into it in the past but most people were pointing towards automating cursor movement which I feel is cheating.
Posted 24 June 2013 - 05:38 AM
It's set to "Ignore", and the "Make this action the system default" is checked.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users