Identifying and removing a defective driver / Windows can’t verify the publisher of this driver software

When receiving the error Windows can’t verify the publisher of this driver software:

Open C:\windows\inf\setupapi.dev.log

Search for the word FAILURE. You will find a section like this:

>> [Setup Import Driver Package – C:\Program Files\Dell\DellDataVault\Drivers\DellePSASysWin10\dddriver64Dcsa.inf]
>>> Section start 2019/04/30 07:46:02.002
cmd: C:\Windows\System32\MsiExec.exe -Embedding 7E4BACD9B4CD6B3FB70D782C28D28191 E Global\MSI0000
inf: Provider: Dell Technologies
inf: Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318}
inf: Driver Version: 02/27/2019,16.22.7.657
inf: Catalog File: dddriver64Dcsa.cat
pol: {Driver package policy check} 07:46:02.104
pol: {Driver package policy check – exit(0x00000000)} 07:46:02.104
sto: {Stage Driver Package: C:\Program Files\Dell\DellDataVault\Drivers\DellePSASysWin10\dddriver64Dcsa.inf} 07:46:02.119
inf: {Query Configurability: C:\Program Files\Dell\DellDataVault\Drivers\DellePSASysWin10\dddriver64Dcsa.inf} 07:46:02.119
inf: Driver package ‘dddriver64Dcsa.inf’ is configurable.
inf: {Query Configurability: exit(0x00000000)} 07:46:02.119
flq: Copying ‘C:\Program Files\Dell\DellDataVault\Drivers\DellePSASysWin10\dddriver64Dcsa.cat’ to ‘C:\Windows\System32\DriverStore\Temp\{8bbc32d0-21d9-6842-83b7-48cbdf75cbcf}\dddriver64Dcsa.cat’.
flq: Copying ‘C:\Program Files\Dell\DellDataVault\Drivers\DellePSASysWin10\dddriver64Dcsa.inf’ to ‘C:\Windows\System32\DriverStore\Temp\{8bbc32d0-21d9-6842-83b7-48cbdf75cbcf}\dddriver64Dcsa.inf’.
flq: Copying ‘C:\Program Files\Dell\DellDataVault\Drivers\DellePSASysWin10\dddriver64Dcsa.sys’ to ‘C:\Windows\System32\DriverStore\Temp\{8bbc32d0-21d9-6842-83b7-48cbdf75cbcf}\dddriver64Dcsa.sys’.
sto: {DRIVERSTORE IMPORT VALIDATE} 07:46:02.150
sig: {_VERIFY_FILE_SIGNATURE} 07:46:02.182
sig: Key = dddriver64Dcsa.inf
sig: FilePath = C:\Windows\System32\DriverStore\Temp\{8bbc32d0-21d9-6842-83b7-48cbdf75cbcf}\dddriver64Dcsa.inf
sig: Catalog = C:\Windows\System32\DriverStore\Temp\{8bbc32d0-21d9-6842-83b7-48cbdf75cbcf}\dddriver64Dcsa.cat
sig: Success: File is signed in catalog.
sig: {_VERIFY_FILE_SIGNATURE exit(0x00000000)} 07:46:02.202
!!! sig: Failed to verify file ‘dddriver64Dcsa.sys’ against catalog ‘dddriver64Dcsa.cat’. Error = 0xE000024B
!!! sig: Catalog did not contain file hash. File is likely corrupt or a victim of tampering.
!!! sig: Driver package appears to be tampered. Filename = dddriver64Dcsa.inf, Error = 0xE000024B
!!! sig: Driver package appears to be tampered, and user does not want to install it.
!!! sig: Driver package failed signature validation. Error = 0xE000024B
sto: {DRIVERSTORE IMPORT VALIDATE: exit(0xe000024b)} 07:50:44.184
!!! sig: Driver package failed signature verification. Error = 0xE000024B
!!! sto: Failed to import driver package into Driver Store. Error = 0xE000024B
sto: {Stage Driver Package: exit(0xe000024b)} 07:50:44.189
<<< Section end 2019/04/30 07:50:44.193
<<< [Exit status: FAILURE(0xe000024b)]

https://docs.microsoft.com/en-us/windows-hardware/drivers/devtest/pnputil-command-syntax

Run pnputil /enum-drivers to list third party drivers, so you can find the filename in the driver store:

Published Name: oem9.inf
Original Name: dddriver64dcsa.inf
Provider Name: Dell Technologies
Class Name: System devices
Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}
Driver Version: 10/05/2018 2.0.1.0
Signer Name: Microsoft Windows Hardware Compatibility Publisher

In this case, run pnputil /delete-driver oem9.inf /uninstall and this is the result:

Microsoft PnP Utility

Driver package uninstalled.
Driver package deleted successfully.

 

Advertisements

PowerShell get proxy addresses of users created in the last 30 days

$ProxyUsers = Get-ADUser -Filter * -Properties GivenName, Surname, ProxyAddresses, Created, UserPrincipalName | select GivenName, Surname, ProxyAddresses, Created, UserPrincipalName | where Created -gt (Get-Date).AddDays(-30) | where UserPrincipalName -Like “*.com”

For all I know, the where clauses can be combined and put into the Get-ADUser filter, but I couldn’t be bothered.

Can’t log into Outlook after DirSync updated password

I set up a new user’s machine with a temporary password and logged into the Windows 10 Work or School account (in addition to AD). When the user changed her password, DirSync synced it to Azure AD, but Outlook would not accept the password when setting up the Outlook profile for the first time (password dialog kept coming up and not letting us proceed).

I checked the Event Log under Applications and Services Log > Microsoft > AAD > Operational. Check for errors with even ID 1098, similar to this:

Error: 0xCAA20003 Authorization grant failed for this assertion.
Code: invalid_grant
Description: AADSTS50173: The provided grant has expired due to it being revoked. The user might have changed or reset their password. The grant was issued on ‘2019-04-12T22:05:16.5783198Z’ and the TokensValidFrom date for this user is ‘2019-04-15T13:47:47.0000000Z’.

I had set her machine up on Friday evening 4/12. What was happening? Outlook must have been sending the Work or School account with the old/temporary password, not the new password the user was entering.

Don’t disable the device like it says below. Re-add the account first (instructions at the bottom of this page) and see if that works.

I went to Manage work or school account page in Windows 10 Settings, clicked on the account, then clicked Manage:

2019-04-15 10_37_34-Settings

On the web page that opens, I clicked Disable device and then Yes on the next pop up that appears.

2019-04-15 10_39_16-Access Panel Profile

Then on the same Manage work or school account settings screen, I had her re-add the account with her new password (since there is no Delete/Remove button). The “hold on while we apply the policy” screen was still spinning when I left, but she was finally able to log into Outlook with her new password.

Moral of the story – don’t add the work or school account unless you really need it.

Create a free website or blog at WordPress.com.

Up ↑