HKCU\Software\Policies\Microsoft\Windows NT\Driver Signing
Data type | Range | Default value |
---|---|---|
REG_DWORD | (Not in registry) | 0 | 1 | 2 | 1 |
Determines how the system responds when a user tries to install device driver files that are not digitally signed.
This entry stores the setting of the Code signing for device drivers Group Policy. Group Policy adds this entry to the registry when you enable the Code signing for device drivers policy. If you disable the policy or set it to Not configured, Group Policy deletes the entry from the registry.
This entry establishes the least secure response permitted on the systems of users in the group. Users can use System in Control Panel to select a more secure setting, but when this policy is enabled, the system does not implement any setting less secure than the one the policy established.
Value | Meaning |
---|---|
0 | Ignore. The system proceeds with the installation even if it includes unsigned files. |
1 | Warn. The system notifies the user that files are not digitally signed and lets the user decide whether to stop or to proceed with the installation and whether to permit unsigned files to be installed. |
2 | Block. The system to refuses to install unsigned files. As a result, the installation stops, and none of the files in the driver package is installed. |
To change the value of this entry, use Group Policy. This entry corresponds to the Code signing for device drivers policy (User Configuration\Administrative Templates\System). Use the drop-down box to specify the desired response.
To change driver file security without setting a policy, use System in Control Panel. Right-click My Computer, click Properties, click the Hardware tab, and then click the Driver Signing button.
Note
The system's response to unsigned driver files is determined by comparing the value of this entry to the values of the Policy entry in HKCU and the Policy entry in HKLM. The entry with the highest (most secure) value is used.
Tip
To change driver file security without setting a policy, use System in Control Panel. Right-click My Computer, click Properties, click the Hardware tab, and then click the Driver Signing button.
For detailed information about particular Group Policy settings, see the Group Policy Reference (Gp.chm) on the Windows 2000 Resource Kit companion CD.
For general information about Group Policy, see Group Policy in Windows 2000 Help.
To see a table associating policies with their corresponding registry entries, see the Group Policy Reference Table.
Related Entries