This behavior is by design. The prompt cannot be disabled because its purpose is to prevent operating system instability. All the manufacturers who provide Windows 2000, Windows XP, and Windows Server 2003 drivers are encouraged to have their drivers signed. In the past, manufacturers could bypass this requirement by incorporating a registry change to the Driver Signing key that prevented the prompt and allowed an unsigned driver to be installed without the user knowing that the driver was unsigned.
- Incorporate the driver installation into Setup by using the DriverSigningPolicy=ignore setting. (See related articles.)
- Implement a driver signing policy in a Windows 2000 or Windows Server 2003 domain by using Group Policy:
- Under Administrator Tools, in the Active Directory Users and Computers snap-in, right-click the domain root, click Properties, and then click the Group Policy tab.
- Click the default domain policy, and then click Edit.
- Expand Computer Configuration, expand Windows Settings, and then expand Security Settings. Expand Local Policies, expand Security Options, and then modify Device: Unsigned driver installation Behavior to the setting that you want to use.
Note This policy is a domain-wide policy.
- We recommend that manufacturers submit their drivers to the Windows Hardware Quality Lab (WHQL) for logo certification.
- On the desktop, right-click My Computer, and then click Properties.
- Click the Hardware tab, and then click Driver Signing in the Drivers area.
- In the What action do you want Windows to take? area, click the desired action, and then click OK two times.
Windows also logs one or more messages into the Setupapi.log file whenever the Driver Signing Policy registry key is tampered with:
Article ID: 298503 - Last Review: Oct 23, 2008 - Revision: 1