Jump to content

Welcome to MSFN Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message will be removed once you have signed in.
Login to Account Create an Account


Photo

Software with expired driver certificate


  • Please log in to reply
3 replies to this topic

#1
adamt

adamt

    Kwisatz Haderach

  • Members
  • PipPip
  • 135 posts
  • OS:Windows 7 x64
Dear all,

I am trying to run silent/unattended installations of NetBackup client 7.1 - which includes the driver wimfltr.sys. Unfortunately, that driver's certificate http://www.symantec....docs/TECH177388 '>expired in 2008.
According to that article, this can be ignored should not prevent installation - but unfortunately, it does. At least on some Windows 2003 SP2 x86 servers.

They all have the group policy item "Devices: Unsigned driver installation behavior" set to "Silently succeed", and all have the "Driver Signing\Policy" registry key set to 00. But some are logging the following in the setupapi.log file:

[2013/06/20 08:43:34 5780.1]
#-198 Command line processed: "C:\WINDOWS\system32\rundll32.exe" setupapi,InstallHinfSection DefaultInstall 132 C:\WINDOWS\system32\drivers\Wimfltr.inf
#-011 Installing section [DefaultInstall] from "C:\WINDOWS\system32\drivers\Wimfltr.inf".
#W367 An unsigned, incorrectly signed, or Authenticode™ signed file "c:\windows\system32\drivers\wimfltr.inf" for will be installed (Policy=Warn, user said ok). Error 1168: Element not found.
#-024 Copying file "C:\WINDOWS\system32\drivers\WimFltr.sys" to "C:\WINDOWS\system32\DRIVERS\WimFltr.sys".
#W363 An unsigned, incorrectly signed, or Authenticode™ signed file "C:\WINDOWS\system32\drivers\WimFltr.sys" will be installed (Policy=Warn). Error 0xe000022f: The third-party INF does not contain digital signature information.

When this happens, the installation halts, waiting for somebody to click OK. As this is an unattended installation, nobody will see this prompt unless they logon to the console (session 0).

I can't find which setting it might be that is causing some of these servers to choke on the wimfltr.sys file, whereas others succeed. It happens on machines upgrading from the same previous NetBackup client versions, and with the same version of the setupapi.dll file.

Apart from the resultant set of policy, local computer policy and the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Driver Signing\Policy registry key, where else should I be looking to find out why some servers are logging "Policy=Warn" in the logs?

Many thanks,

Adam.


How to remove advertisement from MSFN

#2
Tripredacus

Tripredacus

    K-Mart-ian Legend

  • Super Moderator
  • 9,515 posts
  • OS:Server 2012
  • Country: Country Flag

Donator

I would be interested in the answer as well. I have this happen for one certain situation and the current method involves someone needing to be there to click the button on the warning screen. I had looked into it in the past but most people were pointing towards automating cursor movement which I feel is cheating. :angel

#3
jaclaz

jaclaz

    The Finder

  • Developers
  • 13,428 posts
  • OS:none specified
  • Country: Country Flag
But what do you have in the "plain" System Properties?
http://www.sqldbadia...ing-in-windows/

jaclaz

#4
adamt

adamt

    Kwisatz Haderach

  • Members
  • PipPip
  • 135 posts
  • OS:Windows 7 x64
It's set to "Ignore", and the "Make this action the system default" is checked.




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users



How to remove advertisement from MSFN