Microsoft KB Archive/840257

= You cannot install programs with unsigned drivers in non-interactive mode in Windows Server 2003 or in Windows XP =

Article ID: 840257

Article Last Modified on 6/2/2006

-

APPLIES TO


 * Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
 * Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
 * Microsoft Windows Server 2003, Standard Edition (32-bit x86)
 * Microsoft Windows XP Professional
 * Microsoft Windows XP Home Edition

-





SYMPTOMS
When you install a program in non-interactive mode in Microsoft Windows Server 2003 or in Microsoft Windows XP, the installation may fail with a warning message that states that the Microsoft digital signature is not found. (Non-interactive mode is also known as unattended install mode.)



CAUSE
This behavior may occur if the program contains driver files that are not digitally signed by Microsoft. You cannot install a program in non-interactive mode if the program contains driver files that are not digitally signed by Microsoft. To provide greater system stability, Microsoft provides digital signature cryptographic technology for third-party drivers and for Microsoft drivers that pass Windows Hardware Quality Lab (WHQL) tests.

Encryptions of the driver binary and other relevant information are stored in a catalog (.cat) file. A .cat file is a collection of tags. Each tag corresponds to a file that is installed by the driver package. Each driver package that is submitted to WHQL for cryptographic signing has a catalog file entry in the .inf file that specifies the name of the catalog file. During WHQL tests, a digitally signed .cat file is created that corresponds to the catalog file entry in the .inf file of the driver package.

During driver package installation, the .cat file is registered with the operating system. The operating system references the registered .cat file during the installation of driver files that are contained in the driver package.



RESOLUTION
To install a program in non-interactive mode, the driver package must have a .cat file that is digitally signed by Microsoft.

Note In Microsoft Windows 2000 Server, the driver signing policy level can be set to “ignore” when you install unsigned drivers. In Windows Server 2003, the default setting for driver signing policy is “warn.&quot; The “ignore” policy setting is ignored for non-interactive driver installations in Windows Server 2003.

