Actually I didn't discovery anything. This is already in their readme file
and Veritas is aware that they are not using signed drivers. I just wanted
the public to be aware of the issues and think twice before they upgrade as
I was in disbelief when I was upgrading. I am glad that Veritas is
addressing this issue with a hotfix/servicepack. I will just wait to upgrade
until their product is certified.

Rick

"Sethu Mohan" wrote in message
news:3fd03871@ROSASTDMZ05....
>
> Hi Rick,
>
> Thanking you for sharing this critical & vital information.
> I appreciate your critical discovery and congratulate you for the same.
> I would like to share that BEWS 9.1 is still under the evaluation. And
though
> its just a week of its release, a Hot fix is already available for
download.
> So this too can be fixed wih a service pack immediatley.
>
> The following URL gives a list of enhancements from BEWS 9.0
> http://seer.support.veritas.com/docs/258104.htm
>
> I encourage you to furnish this valiable discovery with proof
> at http://enhancement.veritas.com, its the Veritas Product Enhancement
Portal.
>
> All the Best an Good Job done
>
> With Regards
>
> Sethu Mohan
>
> "Rick" wrote:
> >I just upgraded my W2K that has Backup Exec v9.0. I attempted to upgrade
> >BE to version 9.1 because of the compatibility issues and that this
version
> >is compatible with W2K3. What I found out during the installation that
> >they are using drivers that HAVE NOT passed the Windows logo
certification.
> >I prompted stopped the installation. I can't believe that Veritas is
doing
> >this, don't they have a clue that these are servers and the importance of
> >drivers that have been certified by Microsoft? I have always recommend
their
> >product to my clients but I have changed my mind, I am considering
removing
> >it from my server. Can anyone make any recommendations on backup
software?
> I
> >guess I can use NTBackup but I like the idea of backing up individual
> >mailboxes in Exchange and the scheduling is easier.
> >Look at what the Veritas readme file says, can you believe that they are
> >instructing you to apply a group policy to your network to allow unsigned
> >drivers and let them install silently, UNBELIEVABLE!!
> >Beware,
> >
> >Rick in the Midwest
> >
> >Read below: (from the readme file)
> >After installing Backup Exec on a computer running Windows Server 2003,
> a
> >message displays during driver installation that indicates the drivers
about
> >to be installed have not gone through the Microsoft Windows Hardware
Quality
> >Labs (WHQL) program. The VERITAS drivers go through a similar
qualification
> >process. VERITAS recommends that you install the VERITAS drivers. Use the
> >following steps to make the necessary policy setting change.
> >
> > a.. Incorporate the driver installation into Setup by using the
> >DriverSigningPolicy=ignore setting. (See related articles.)
> >
> > b.. Implement a driver signing policy in a Windows 2000, Windows XP, or
> >Windows Server 2003 Domain by using Group Policy:
> >
> > 1.. Under Administrator Tools, in the Active Directory Users and
> >Computers snap-in, right-click the domain root, click Properties, and
then
> >click the Group Policy tab.
> >
> > 2.. Click the default domain policy, and then click Edit.
> >
> > 3.. Expand Computer Configuration, expand Windows Settings, and then
> >expand Security Settings. Expand Local Policies, expand Security Options,
> >and then modify Device: Unsigned driver installation Behavior to the
setting
> >that you want to use. Select "silently succeed".
> >
> > Note: This policy is a domain-wide policy.
> >
> > Note: To set the policy on the local computer where no Domain policy is
> >applied, click Start, point to Settings, click Control Panel, and then
> >double-click System. On the Hardware tab, click Driver Signing..., and
then
> >select a verification setting.
> >
> > Note: Windows XP queries for the policy and ensures that it matches the
> >entry that is stored for it in an alternate location. However, if the
> >operating system determines that the Driver Signing Policy registry key
> has
> >been tampered with, the operating system automatically resets to the
correct
> >values (or the default value, which is Warn and Ignore for non-driver
> >signing policy).
> >
> > Note: For silent installations, the /td: option to install VERITAS tape
> >device drivers will be ignored unless your driver signing policy is set
> for
> >Ignore.
> >
> >
> >
>

Hi Rick,

Thanking you for sharing this critical & vital information.
I appreciate your critical discovery and congratulate you for the same.
I would like to share that BEWS 9.1 is still under the evaluation. And though
its just a week of its release, a Hot fix is already available for download.
So this too can be fixed wih a service pack immediatley.

The following URL gives a list of enhancements from BEWS 9.0
http://seer.support.veritas.com/docs/258104.htm

I encourage you to furnish this valiable discovery with proof
at http://enhancement.veritas.com, its the Veritas Product Enhancement Portal.

All the Best an Good Job done

With Regards

Sethu Mohan

"Rick" wrote:
>I just upgraded my W2K that has Backup Exec v9.0. I attempted to upgrade
>BE to version 9.1 because of the compatibility issues and that this version
>is compatible with W2K3. What I found out during the installation that
>they are using drivers that HAVE NOT passed the Windows logo certification.
>I prompted stopped the installation. I can't believe that Veritas is doing
>this, don't they have a clue that these are servers and the importance of
>drivers that have been certified by Microsoft? I have always recommend their
>product to my clients but I have changed my mind, I am considering removing
>it from my server. Can anyone make any recommendations on backup software?
I
>guess I can use NTBackup but I like the idea of backing up individual
>mailboxes in Exchange and the scheduling is easier.
>Look at what the Veritas readme file says, can you believe that they are
>instructing you to apply a group policy to your network to allow unsigned
>drivers and let them install silently, UNBELIEVABLE!!
>Beware,
>
>Rick in the Midwest
>
>Read below: (from the readme file)
>After installing Backup Exec on a computer running Windows Server 2003,
a
>message displays during driver installation that indicates the drivers about
>to be installed have not gone through the Microsoft Windows Hardware Quality
>Labs (WHQL) program. The VERITAS drivers go through a similar qualification
>process. VERITAS recommends that you install the VERITAS drivers. Use the
>following steps to make the necessary policy setting change.
>
> a.. Incorporate the driver installation into Setup by using the
>DriverSigningPolicy=ignore setting. (See related articles.)
>
> b.. Implement a driver signing policy in a Windows 2000, Windows XP, or
>Windows Server 2003 Domain by using Group Policy:
>
> 1.. Under Administrator Tools, in the Active Directory Users and
>Computers snap-in, right-click the domain root, click Properties, and then
>click the Group Policy tab.
>
> 2.. Click the default domain policy, and then click Edit.
>
> 3.. Expand Computer Configuration, expand Windows Settings, and then
>expand Security Settings. Expand Local Policies, expand Security Options,
>and then modify Device: Unsigned driver installation Behavior to the setting
>that you want to use. Select "silently succeed".
>
> Note: This policy is a domain-wide policy.
>
> Note: To set the policy on the local computer where no Domain policy is
>applied, click Start, point to Settings, click Control Panel, and then
>double-click System. On the Hardware tab, click Driver Signing..., and then
>select a verification setting.
>
> Note: Windows XP queries for the policy and ensures that it matches the
>entry that is stored for it in an alternate location. However, if the
>operating system determines that the Driver Signing Policy registry key
has
>been tampered with, the operating system automatically resets to the correct
>values (or the default value, which is Warn and Ignore for non-driver
>signing policy).
>
> Note: For silent installations, the /td: option to install VERITAS tape
>device drivers will be ignored unless your driver signing policy is set
for
>Ignore.
>
>
>

Rick wrote:
> I just upgraded my W2K that has Backup Exec v9.0. I attempted to upgrade
> BE to version 9.1 because of the compatibility issues and that this version
> is compatible with W2K3. What I found out during the installation that
> they are using drivers that HAVE NOT passed the Windows logo certification.
> I prompted stopped the installation. I can't believe that Veritas is doing
> this, don't they have a clue that these are servers and the importance of
> drivers that have been certified by Microsoft? I have always recommend their
> product to my clients but I have changed my mind, I am considering removing
> it from my server. Can anyone make any recommendations on backup software? I
> guess I can use NTBackup but I like the idea of backing up individual
> mailboxes in Exchange and the scheduling is easier.
> Look at what the Veritas readme file says, can you believe that they are
> instructing you to apply a group policy to your network to allow unsigned
> drivers and let them install silently, UNBELIEVABLE!!
> Beware,
>
> Rick in the Midwest
>
> Read below: (from the readme file)
> After installing Backup Exec on a computer running Windows Server 2003, a
> message displays during driver installation that indicates the drivers about
> to be installed have not gone through the Microsoft Windows Hardware Quality
> Labs (WHQL) program. The VERITAS drivers go through a similar qualification
> process. VERITAS recommends that you install the VERITAS drivers. Use the
> following steps to make the necessary policy setting change.
>
> a.. Incorporate the driver installation into Setup by using the
> DriverSigningPolicy=ignore setting. (See related articles.)
>
> b.. Implement a driver signing policy in a Windows 2000, Windows XP, or
> Windows Server 2003 Domain by using Group Policy:
>
> 1.. Under Administrator Tools, in the Active Directory Users and
> Computers snap-in, right-click the domain root, click Properties, and then
> click the Group Policy tab.
>
> 2.. Click the default domain policy, and then click Edit.
>
> 3.. Expand Computer Configuration, expand Windows Settings, and then
> expand Security Settings. Expand Local Policies, expand Security Options,
> and then modify Device: Unsigned driver installation Behavior to the setting
> that you want to use. Select "silently succeed".
>
> Note: This policy is a domain-wide policy.
>
> Note: To set the policy on the local computer where no Domain policy is
> applied, click Start, point to Settings, click Control Panel, and then
> double-click System. On the Hardware tab, click Driver Signing..., and then
> select a verification setting.
>
> Note: Windows XP queries for the policy and ensures that it matches the
> entry that is stored for it in an alternate location. However, if the
> operating system determines that the Driver Signing Policy registry key has
> been tampered with, the operating system automatically resets to the correct
> values (or the default value, which is Warn and Ignore for non-driver
> signing policy).
>
> Note: For silent installations, the /td: option to install VERITAS tape
> device drivers will be ignored unless your driver signing policy is set for
> Ignore.
>
>
>

You really need to ratchet down a notch on your reaction. Windows
Driver Signing guarantees nothing. I've seen plenty of crashes related
to "signed" drivers. It may be nice that you can say hey all my stuff
is signed, but just because it's not doesn't mean there is anything
wrong with it. I've never had crashes related to my nvidia video
drivers and half the time their versions aren't signed, and that is a
critical component. They documented it in it's file and I understand
that you may want to make people aware of it before they upgrade, but to
say you are going to basically look at dumping their product line over
this is an extreme over-reaction. I've had lots of REAL issues with
their Netware versions that have now and then made that thought cross my
mind, but this really doesn't rate on that level.

You do make a very valid point however about the domain wide group
policy. That however is up to the administrator if he wants to do that
or not. I've considered it because when you push down an printer via
NDPS to an XP box, you always get the driver signing warning even though
the driver is properly signed. NDPS strips it off.

Getting back to the point now that I drifted, I really think you place
way to much emphasis on driver signing. It's not all it's cracked up to be.

Patrick

Rick wrote:

> I just upgraded my W2K that has Backup Exec v9.0. I attempted to upgrade
> BE to version 9.1 because of the compatibility issues and that this version
> is compatible with W2K3. What I found out during the installation that
> they are using drivers that HAVE NOT passed the Windows logo certification.
> I prompted stopped the installation. I can't believe that Veritas is doing
> this, don't they have a clue that these are servers and the importance of
> drivers that have been certified by Microsoft? I have always recommend their
> product to my clients but I have changed my mind, I am considering removing
> it from my server. Can anyone make any recommendations on backup software? I
> guess I can use NTBackup but I like the idea of backing up individual
> mailboxes in Exchange and the scheduling is easier.
> Look at what the Veritas readme file says, can you believe that they are
> instructing you to apply a group policy to your network to allow unsigned
> drivers and let them install silently, UNBELIEVABLE!!
> Beware,
>
> Rick in the Midwest
>
> Read below: (from the readme file)
> After installing Backup Exec on a computer running Windows Server 2003, a
> message displays during driver installation that indicates the drivers about
> to be installed have not gone through the Microsoft Windows Hardware Quality
> Labs (WHQL) program. The VERITAS drivers go through a similar qualification
> process. VERITAS recommends that you install the VERITAS drivers. Use the
> following steps to make the necessary policy setting change.
>
> a.. Incorporate the driver installation into Setup by using the
> DriverSigningPolicy=ignore setting. (See related articles.)
>
> b.. Implement a driver signing policy in a Windows 2000, Windows XP, or
> Windows Server 2003 Domain by using Group Policy:
>
> 1.. Under Administrator Tools, in the Active Directory Users and
> Computers snap-in, right-click the domain root, click Properties, and then
> click the Group Policy tab.
>
> 2.. Click the default domain policy, and then click Edit.
>
> 3.. Expand Computer Configuration, expand Windows Settings, and then
> expand Security Settings. Expand Local Policies, expand Security Options,
> and then modify Device: Unsigned driver installation Behavior to the setting
> that you want to use. Select "silently succeed".
>
> Note: This policy is a domain-wide policy.
>
> Note: To set the policy on the local computer where no Domain policy is
> applied, click Start, point to Settings, click Control Panel, and then
> double-click System. On the Hardware tab, click Driver Signing..., and then
> select a verification setting.
>
> Note: Windows XP queries for the policy and ensures that it matches the
> entry that is stored for it in an alternate location. However, if the
> operating system determines that the Driver Signing Policy registry key has
> been tampered with, the operating system automatically resets to the correct
> values (or the default value, which is Warn and Ignore for non-driver
> signing policy).
>
> Note: For silent installations, the /td: option to install VERITAS tape
> device drivers will be ignored unless your driver signing policy is set for
> Ignore.
>
>
>
By the way, it's worth noting that Microsoft patches and Service packs
are signed, and they break all sorts of things.

I agree that driver-signing is not a big deal, and I also agree that
requiring users to set a domain-wide policy over it is tacky.

GaryK

"Patrick Farrell" wrote in message
news:3fd3a00c@ROSASTDMZ05....
> Rick wrote:
> > I just upgraded my W2K that has Backup Exec v9.0. I attempted to upgrade
> > BE to version 9.1 because of the compatibility issues and that this
version
> > is compatible with W2K3. What I found out during the installation that
> > they are using drivers that HAVE NOT passed the Windows logo
certification.
> > I prompted stopped the installation. I can't believe that Veritas is
doing
> > this, don't they have a clue that these are servers and the importance
of
> > drivers that have been certified by Microsoft? I have always recommend
their
> > product to my clients but I have changed my mind, I am considering
removing
> > it from my server. Can anyone make any recommendations on backup
software? I
> > guess I can use NTBackup but I like the idea of backing up individual
> > mailboxes in Exchange and the scheduling is easier.
> > Look at what the Veritas readme file says, can you believe that they are
> > instructing you to apply a group policy to your network to allow
unsigned
> > drivers and let them install silently, UNBELIEVABLE!!
> > Beware,
> >
> > Rick in the Midwest
> >
> > Read below: (from the readme file)
> > After installing Backup Exec on a computer running Windows Server 2003,
a
> > message displays during driver installation that indicates the drivers
about
> > to be installed have not gone through the Microsoft Windows Hardware
Quality
> > Labs (WHQL) program. The VERITAS drivers go through a similar
qualification
> > process. VERITAS recommends that you install the VERITAS drivers. Use
the
> > following steps to make the necessary policy setting change.
> >
> > a.. Incorporate the driver installation into Setup by using the
> > DriverSigningPolicy=ignore setting. (See related articles.)
> >
> > b.. Implement a driver signing policy in a Windows 2000, Windows XP,
or
> > Windows Server 2003 Domain by using Group Policy:
> >
> > 1.. Under Administrator Tools, in the Active Directory Users and
> > Computers snap-in, right-click the domain root, click Properties, and
then
> > click the Group Policy tab.
> >
> > 2.. Click the default domain policy, and then click Edit.
> >
> > 3.. Expand Computer Configuration, expand Windows Settings, and then
> > expand Security Settings. Expand Local Policies, expand Security
Options,
> > and then modify Device: Unsigned driver installation Behavior to the
setting
> > that you want to use. Select "silently succeed".
> >
> > Note: This policy is a domain-wide policy.
> >
> > Note: To set the policy on the local computer where no Domain policy
is
> > applied, click Start, point to Settings, click Control Panel, and then
> > double-click System. On the Hardware tab, click Driver Signing..., and
then
> > select a verification setting.
> >
> > Note: Windows XP queries for the policy and ensures that it matches
the
> > entry that is stored for it in an alternate location. However, if the
> > operating system determines that the Driver Signing Policy registry key
has
> > been tampered with, the operating system automatically resets to the
correct
> > values (or the default value, which is Warn and Ignore for non-driver
> > signing policy).
> >
> > Note: For silent installations, the /td: option to install VERITAS
tape
> > device drivers will be ignored unless your driver signing policy is set
for
> > Ignore.
> >
> >
> >
>
> You really need to ratchet down a notch on your reaction. Windows
> Driver Signing guarantees nothing. I've seen plenty of crashes related
> to "signed" drivers. It may be nice that you can say hey all my stuff
> is signed, but just because it's not doesn't mean there is anything
> wrong with it. I've never had crashes related to my nvidia video
> drivers and half the time their versions aren't signed, and that is a
> critical component. They documented it in it's file and I understand
> that you may want to make people aware of it before they upgrade, but to
> say you are going to basically look at dumping their product line over
> this is an extreme over-reaction. I've had lots of REAL issues with
> their Netware versions that have now and then made that thought cross my
> mind, but this really doesn't rate on that level.
>
> You do make a very valid point however about the domain wide group
> policy. That however is up to the administrator if he wants to do that
> or not. I've considered it because when you push down an printer via
> NDPS to an XP box, you always get the driver signing warning even though
> the driver is properly signed. NDPS strips it off.
>
> Getting back to the point now that I drifted, I really think you place
> way to much emphasis on driver signing. It's not all it's cracked up to
be.
>
> Patrick
>
>

Sethu,

I don't see the hotfix to which you refer. What's the number please?

GaryK

"Sethu Mohan" wrote in message
news:3fd03871@ROSASTDMZ05....
>
> Hi Rick,
>
> Thanking you for sharing this critical & vital information.
> I appreciate your critical discovery and congratulate you for the same.
> I would like to share that BEWS 9.1 is still under the evaluation. And
though
> its just a week of its release, a Hot fix is already available for
download.
> So this too can be fixed wih a service pack immediatley.
>
> The following URL gives a list of enhancements from BEWS 9.0
> http://seer.support.veritas.com/docs/258104.htm
>
> I encourage you to furnish this valiable discovery with proof
> at http://enhancement.veritas.com, its the Veritas Product Enhancement
Portal.
>
> All the Best an Good Job done
>
> With Regards
>
> Sethu Mohan
>
> "Rick" wrote:
> >I just upgraded my W2K that has Backup Exec v9.0. I attempted to upgrade
> >BE to version 9.1 because of the compatibility issues and that this
version
> >is compatible with W2K3. What I found out during the installation that
> >they are using drivers that HAVE NOT passed the Windows logo
certification.
> >I prompted stopped the installation. I can't believe that Veritas is
doing
> >this, don't they have a clue that these are servers and the importance of
> >drivers that have been certified by Microsoft? I have always recommend
their
> >product to my clients but I have changed my mind, I am considering
removing
> >it from my server. Can anyone make any recommendations on backup
software?
> I
> >guess I can use NTBackup but I like the idea of backing up individual
> >mailboxes in Exchange and the scheduling is easier.
> >Look at what the Veritas readme file says, can you believe that they are
> >instructing you to apply a group policy to your network to allow unsigned
> >drivers and let them install silently, UNBELIEVABLE!!
> >Beware,
> >
> >Rick in the Midwest
> >
> >Read below: (from the readme file)
> >After installing Backup Exec on a computer running Windows Server 2003,
> a
> >message displays during driver installation that indicates the drivers
about
> >to be installed have not gone through the Microsoft Windows Hardware
Quality
> >Labs (WHQL) program. The VERITAS drivers go through a similar
qualification
> >process. VERITAS recommends that you install the VERITAS drivers. Use the
> >following steps to make the necessary policy setting change.
> >
> > a.. Incorporate the driver installation into Setup by using the
> >DriverSigningPolicy=ignore setting. (See related articles.)
> >
> > b.. Implement a driver signing policy in a Windows 2000, Windows XP, or
> >Windows Server 2003 Domain by using Group Policy:
> >
> > 1.. Under Administrator Tools, in the Active Directory Users and
> >Computers snap-in, right-click the domain root, click Properties, and
then
> >click the Group Policy tab.
> >
> > 2.. Click the default domain policy, and then click Edit.
> >
> > 3.. Expand Computer Configuration, expand Windows Settings, and then
> >expand Security Settings. Expand Local Policies, expand Security Options,
> >and then modify Device: Unsigned driver installation Behavior to the
setting
> >that you want to use. Select "silently succeed".
> >
> > Note: This policy is a domain-wide policy.
> >
> > Note: To set the policy on the local computer where no Domain policy is
> >applied, click Start, point to Settings, click Control Panel, and then
> >double-click System. On the Hardware tab, click Driver Signing..., and
then
> >select a verification setting.
> >
> > Note: Windows XP queries for the policy and ensures that it matches the
> >entry that is stored for it in an alternate location. However, if the
> >operating system determines that the Driver Signing Policy registry key
> has
> >been tampered with, the operating system automatically resets to the
correct
> >values (or the default value, which is Warn and Ignore for non-driver
> >signing policy).
> >
> > Note: For silent installations, the /td: option to install VERITAS tape
> >device drivers will be ignored unless your driver signing policy is set
> for
> >Ignore.
> >
> >
> >
>

Well, the drivers may not have been signed but the 9.1 version is MS Logo
Certified. Even MS does not require the drivers to be signed for Logo Cert.
They would have to pay MS for re-signing the driver everytime the driver
was updated for all tape devices. Not much value. Besides, if you dont like
VRTS drivers, use the MS ones. BE doesnt care.

Both 9.0 and 9.1 passed on W2K and W2K3.

http://cert.veritest.com/CfWreports/...arch&pr=0&pc=1







"Gary Karasik" wrote:
>I agree that driver-signing is not a big deal, and I also agree that
>requiring users to set a domain-wide policy over it is tacky.
>
>GaryK
>
>"Patrick Farrell" wrote in message
>news:3fd3a00c@ROSASTDMZ05....
>> Rick wrote:
>> > I just upgraded my W2K that has Backup Exec v9.0. I attempted to upgrade
>> > BE to version 9.1 because of the compatibility issues and that this
>version
>> > is compatible with W2K3. What I found out during the installation that
>> > they are using drivers that HAVE NOT passed the Windows logo
>certification.
>> > I prompted stopped the installation. I can't believe that Veritas is
>doing
>> > this, don't they have a clue that these are servers and the importance
>of
>> > drivers that have been certified by Microsoft? I have always recommend
>their
>> > product to my clients but I have changed my mind, I am considering
>removing
>> > it from my server. Can anyone make any recommendations on backup
>software? I
>> > guess I can use NTBackup but I like the idea of backing up individual
>> > mailboxes in Exchange and the scheduling is easier.
>> > Look at what the Veritas readme file says, can you believe that they
are
>> > instructing you to apply a group policy to your network to allow
>unsigned
>> > drivers and let them install silently, UNBELIEVABLE!!
>> > Beware,
>> >
>> > Rick in the Midwest
>> >
>> > Read below: (from the readme file)
>> > After installing Backup Exec on a computer running Windows Server 2003,
>a
>> > message displays during driver installation that indicates the drivers
>about
>> > to be installed have not gone through the Microsoft Windows Hardware
>Quality
>> > Labs (WHQL) program. The VERITAS drivers go through a similar
>qualification
>> > process. VERITAS recommends that you install the VERITAS drivers. Use
>the
>> > following steps to make the necessary policy setting change.
>> >
>> > a.. Incorporate the driver installation into Setup by using the
>> > DriverSigningPolicy=ignore setting. (See related articles.)
>> >
>> > b.. Implement a driver signing policy in a Windows 2000, Windows XP,
>or
>> > Windows Server 2003 Domain by using Group Policy:
>> >
>> > 1.. Under Administrator Tools, in the Active Directory Users and
>> > Computers snap-in, right-click the domain root, click Properties, and
>then
>> > click the Group Policy tab.
>> >
>> > 2.. Click the default domain policy, and then click Edit.
>> >
>> > 3.. Expand Computer Configuration, expand Windows Settings, and
then
>> > expand Security Settings. Expand Local Policies, expand Security
>Options,
>> > and then modify Device: Unsigned driver installation Behavior to the
>setting
>> > that you want to use. Select "silently succeed".
>> >
>> > Note: This policy is a domain-wide policy.
>> >
>> > Note: To set the policy on the local computer where no Domain policy
>is
>> > applied, click Start, point to Settings, click Control Panel, and then
>> > double-click System. On the Hardware tab, click Driver Signing..., and
>then
>> > select a verification setting.
>> >
>> > Note: Windows XP queries for the policy and ensures that it matches
>the
>> > entry that is stored for it in an alternate location. However, if the
>> > operating system determines that the Driver Signing Policy registry
key
>has
>> > been tampered with, the operating system automatically resets to the
>correct
>> > values (or the default value, which is Warn and Ignore for non-driver
>> > signing policy).
>> >
>> > Note: For silent installations, the /td: option to install VERITAS
>tape
>> > device drivers will be ignored unless your driver signing policy is
set
>for
>> > Ignore.
>> >
>> >
>> >
>>
>> You really need to ratchet down a notch on your reaction. Windows
>> Driver Signing guarantees nothing. I've seen plenty of crashes related
>> to "signed" drivers. It may be nice that you can say hey all my stuff
>> is signed, but just because it's not doesn't mean there is anything
>> wrong with it. I've never had crashes related to my nvidia video
>> drivers and half the time their versions aren't signed, and that is a
>> critical component. They documented it in it's file and I understand
>> that you may want to make people aware of it before they upgrade, but
to
>> say you are going to basically look at dumping their product line over
>> this is an extreme over-reaction. I've had lots of REAL issues with
>> their Netware versions that have now and then made that thought cross
my
>> mind, but this really doesn't rate on that level.
>>
>> You do make a very valid point however about the domain wide group
>> policy. That however is up to the administrator if he wants to do that
>> or not. I've considered it because when you push down an printer via
>> NDPS to an XP box, you always get the driver signing warning even though
>> the driver is properly signed. NDPS strips it off.
>>
>> Getting back to the point now that I drifted, I really think you place
>> way to much emphasis on driver signing. It's not all it's cracked up
to
>be.
>>
>> Patrick
>>
>>
>
>