Policy Entry
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Policy
HKCU\Software\Microsoft\Driver Signing
| Data type | Range | Default value |
|---|---|---|
REG_DWORD |
0 | 1 | 2 |
1 |
Description
Specifies how the system responds when a user tries to install device-driver files that are not digitally signed.
| Value | Meaning |
|---|---|
0 |
Ignore. The system proceeds with the installation even if it includes unsigned files. |
1 |
Warn. The system notifies the user that files are not digitally signed, and it lets the user decide whether to stop the installation or to proceed with it and permit unsigned files to be installed. |
2 |
Block. The system does not install unsigned files. As a result, the installation stops, and none of the files in the driver package are installed. |
This entry applies only to the current user of the computer. However, if a stricter setting is configured for all users of the computer (in the Driver Signing\Policy entry in HKLM) or if a user Group Policy setting establishes a stricter configuration (in the entry BehaviorOnFailedVerify in HKLM), then this value is ignored for the current user.
This entry stores the option selected in the File signature verification section of the Driver Signing Options dialog box when the Apply setting as system default box is not selected. If the box is selected, the selection applies to all users of the computer, and it is stored in the Driver Signing\Policy entry in HKLM.
Change Method
To change the value of this entry, in Control Panel double-click System, click the Hardware tab, click Driver Signing, and then select an option in File signature verification. (Do not select the Apply setting as a system default check box.)
Note
The system adds this entry to the registry when you change the default value by using System in Control Panel.
This entry applies to all users of the computer. The Policy entry also can appear in the HKCU\SOFTWARE\Microsoft\Driver Signing for a particular user. Also, you can use the Code signing for device drivers Group Policy setting to add the entryBehaviorOnFailedVerify to the registry.
Tip
- For more information about driver signing and code signing, see Windows Server 2003 Help and Support Center or Windows XP Professional Help and Support Center.