SSL VPN and Tap Driver
Alex Dunlop
Hi All,
I am trying to install SSL VPN.
The VPN client software installs fine but the tap driver (which is included in the exe file) will not.
When i run the installation normally a windows security popup appears asking if i would "like to install ths device software". (see attached screen shot)
Is there any way for PDQ Deploy to accept and install this driver? Or does anyone kow a way for me to make this signed driver automatically approved on a network?
Hope this makes sence
Thanks in advance
Alex
Windows Security warning screen shot.jpg
0
Comments
You can't change the behavior at runtime, but you can use a group policy.
1.Expand Administrative Templates.
2.Select System folder in the tree.
3.Right click on Code signing for device drivers, and then select Properties.
4.In the “Settings” tab, you should see “Enable” as the default action. Select Ignore from the drop down list to silently allow all unsigned drivers to install.
Users can also select Disable to stop all unsigned drivers installation, which cannot be overriden during installation process.
Dont fortget to gpupdate /force before you deploy the package.
The alternative is to sign the driver by yourself. But thats a bit more complicated.
Hi SelfMan,
Thanks for your quick reply.
I tried to create a GPO and I went to Computer Configuration > Administrative Templates > System but I could not find Code signing for device drivers (I'm assuming I should be doing this on the server (Server 2008 R2)
I'm not sure about allowing all unsigned drivers install. (I thought this driver was signed). Is there a way to whitelist them through GPO
Sorry if I'm being a bit daft.
Oh I forgot one important thing, sorry. This is valid for XP and was removed for windows 7.
Check this link http://www.deploymentresearch.com/Research/tabid/62/EntryId/63/Sign-your-unsigned-drivers-Damn-It.aspx