Device Manager and Internet Communication (Windows Server 2003)
Updated: July 31, 2004
Applies To: Windows Server 2003 with SP1
This section provides information about:
The benefits of Device Manager
How Device Manager communicates with sites on the Internet
How to control Device Manager to limit the flow of information to and from the Internet
Device Manager interacts with the Internet through the hardware wizards by contacting Windows Update when you install or update hardware. For procedures related to disabling Windows Update, see Windows Update, Automatic Updates, and Internet Communication (Windows Server 2003) in this white paper.
Benefits and Purposes of Device Manager
Device Manager provides users and administrators with information about how the hardware on their computers is installed and configured, and how the hardware interacts with the computer's applications. With Device Manager, administrators can update the drivers (or software) for hardware devices, modify hardware settings, and troubleshoot problems.
|Only administrators or users with administrative credentials can install or update device drivers.|
Overview: Using Device Manager in a Managed Environment
In the Microsoft Windows Server 2003 family, you access Device Manager through Administrative Tools\Computer Management. Administrators or users with administrative credentials will typically use Device Manager to check the status of hardware and to update device drivers. Administrators who have a thorough understanding of computer hardware might also use Device Manager's diagnostic features to resolve device conflicts and change resource settings.
Device Manager works in conjunction with Windows Update to deliver updated drivers for installed hardware. When you are upgrading a driver or installing new hardware, and your computer has access to the Internet, your computer will automatically check Windows Update for an appropriate device driver. As an IT administrator in a highly managed environment you might want to block certain administrators from downloading drivers through Device Manager. You can do this by configuring Group Policy to disable Windows Update. If you disable Windows Update then Device Manager cannot communicate with the Internet. The following subsection provides details about how Device Manager interacts with the Internet.
How Device Manager Communicates with Sites on the Internet
Device Manager communicates with the Internet when an administrator uses it to update a driver. After you open Device Manager you select a hardware device and click Update Driver on the Action menu (or right-click a hardware device). This activates the Hardware Update Wizard. The way Device Manager communicates with the Internet is based on its interaction with Windows Update through the Hardware Update Wizard; therefore much of the information in this subsection is the same as for Windows Update. Additional details are described as follows:
Specific information sent or received: See the section Windows Update, Automatic Updates, and Internet Communication (Windows Server 2003) in this white paper.
Default and recommended settings: Device Manager is enabled by default. See the subsection "Controlling Device Manager to Limit the Flow of Information to and from the Internet," for recommended settings.
Triggers: Through Device Manager an administrator starts the Hardware Update Wizard, or adds new hardware to a computer.
User notification: See Windows Update, Automatic Updates, and Internet Communication (Windows Server 2003).
Logging: Errors that result from problems installing hardware devices without drivers are logged to the event log.
Encryption, access, privacy statement, transmission protocol, and port: See Windows Update, Automatic Updates, and Internet Communication (Windows Server 2003).
Ability to disable: You cannot disable Device Manager directly. You can, however, prevent interaction with the Internet through Device Manager by disabling Windows Update.
Controlling Device Manager to Limit the Flow of Information to and from the Internet
You can prevent the Internet from being accessed through Device Manager by disabling Windows Update or by configuring where computers search for drivers. You use Group Policy settings to perform both of these procedures.
If you disable automatic access to Windows Update, you can have selected administrators update drivers by manually downloading updates from the Windows Update Catalog, or from an intranet server, whereby they can be distributed on your managed network as needed.
For more information about the Windows Update Catalog, see the Windows Update Web site at:
Procedure for Controlling How Drivers Are Updated Through Device Manager
Group Policy settings for Windows Update and the automatic updating function are in Computer Configuration\Administrative Templates\Windows Components and User Configuration\Administrative Templates\Windows Components. For the procedure to disable Windows Update or configure automatic updating, see the section Windows Update, Automatic Updates, and Internet Communication (Windows Server 2003) in this white paper. The procedure to eliminate Windows Update as a driver search location using Group Policy is included here.
To disable Windows Update as a driver search location
Use the resources described in Appendix B: Resources for Learning About Group Policy (Windows Server 2003) to learn about Group Policy and the Group Policy Management Console. Apply Group Policy objects (GPOs) to an organizational unit, a domain, or a site, as appropriate for your situation.
Click User Configuration, click Administrative Templates, and then click System.
In the details pane, double-click Configure Driver Search Locations, and then click Enabled.
Select Don't Search Windows Update.