Driver Signing\Policy

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

HKLM\SOFTWARE\Microsoft\Driver Signing

Data type Range Default value

REG_BINARY

00 | 01 | 02

01

Description

Specifies how the system responds when a user tries to install device driver files that are not digitally signed.

Value Meaning

00

Ignore. The installation proceeds, even if it includes unsigned files.

01

Warn. The system notifies the user that files are not digitally signed, and it prompts the user to decide whether to stop the installation or to proceed with it and permit unsigned files to be installed.

02

Block. The system will not install unsigned files. As a result, the installation stops, and none of the files in the driver package are installed.

This entry applies to all users of the computer. However, if a stricter setting is configured for the current user (in Policy Entry in HKCU) or a user Group Policy setting establishes a stricter setting (in BehaviorOnFailedVerify), then this value is ignored for the current user.

This entry stores the option selected in the File signature verification section of the Driver Signing Options dialog box when the Apply setting as system default box is selected. If the box is not selected, then the selection applies only to the current user, and it is stored in the value of Policy Entry in HKCU\SOFTWARE\Microsoft\Driver Signing.

Change Method

To change the value of this entry, use System in Control Panel. Click the Hardware tab, click Driver Signing, select an option in the File signature verification section, and then click the Apply setting as a system default box.

Note

  • This entry applies to all users of the computer. The Policy entry also can appear in HKCU for a particular user.

See Also

Concepts

Policy Entry