I saw this with Windows 7 64-bit. As Windows was detecting devices and installing the drivers, it is seeing either unsigned drivers, or more likely, Windows XP drivers.
If you have a directory full of driver files, make sure you aren't including anything that isn't Windows 7.
When you do a manual install, the setup program is smart enough to find the right files, but during the Windows detection process during a Windows install, it looks through all the directories in the driver path and it gets upset if it sees things it doesn't like.
Unfortunately even some of the drivers that you download from HP or Dell are unsigned drivers. When you let windows do it's detection by itself in the Audit phases (like with LANDesk HII) it will never accept these unsigned drivers. Removing those drivers, an alternative HII solution or some scripting on your own part using DPINST tooling to install drivers in a later phase can help you get rid of these errors.
we turn driver signing off using a two-part script when sysprep runs. This places the machine in a TEST MODE and allows any driver install to proceed without the prompting. I suppose that you could take the machine out of this mode afterward but we've not bothered to do so. Apart from a TEST MODE stamp in the lower right corner of the desktop, you don't notice any evidence that it is non-standard.
here is the affected snip from our unattend file:
<component name="Microsoft-Windows-Deployment" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Path>c:\windows\System32\reg.exe IMPORT C:\Administration\ASDWin7ImageBranding.reg </Path>
<Description>System Registry is being branded with custom image information</Description>
<Path>c:\windows\System32\bcdedit.exe -set loadoptions DDISABLE_INTEGRITY_CHECKS </Path>
<Description>Turn off Driver Signing - Step 1 of 2</Description>
<Path>c:\windows\System32\bcdedit.exe -set TESTSIGNING ON </Path>
<Description>Turn off Driver Signing - Step 2 of 2</Description>
<Path>c:\windows\System32\sysprep\sysprep.exe /oobe /generalize /reboot </Path>
<Description>Sysprep for OOBE and generalize</Description>
It is worth adding that we deploy drivers in a .BAT script using .EXEs provided by HP & others. The driver install .BAT script gets launched right before the desktop loads following sysprep and we use a WAIT action to prevent further action until all of the drivers are installed.
Tried turning off driver signing in both Sysprep and on the image prior to capturing and tested but it still had the unsigned driver prompts. We're using HII and yes as Gary said it is only happening with 64-bit Win 7.
Not too sure how you can solve this with LANDesk OS Deployment since (from reading above) it looks like it goes in audit mode.
We use Windows Deployment Services and one way to get around this on 64 bit platforms is to inject your drivers offline using Windows System Image Manager.
have you looked into HPs System Software Manager (SSM.exe). You can run one executable to manage all your .EXE drivers (for HP) anyways that you download using the HP's Softpaq Download Manager. You just dump all your softpaqs that you download from the HP Softpaq Download Manger into a folder and and run the SSM too against the folder and it will go through and determine your hardware, unpack the right softpaq, and install it silently one by one.
I once looked into HP's SSM. I had trouble with getting it to work properly when I was testing it and promptly sidelined it. I am one of those "if it ain't broke don't fix it" kind of people when it comes to complex systems. Many times I have uncovered the unintended consequences of a patch or new driver in that I think I'm solving one problem but then realize it costs one or more new problems. Since I am stretched too thin as it is I pretty much stick with the same drivers as soon as testing shows me that I have a working system-I really don't care how old a drvier becomes in service unless it proves to be the source of a problem.
@BJ the OP...
I capture my Windows 7 x32 & x64 images in audit mode and deploy them with the ImageForWindows software that comes with LDMS 9. I use provisioning to manage the deployment of the image along all of the associated actions relating to the task. I use LDMS 9 SP3 for 'some' HII driver installations. Since SP3 took away my ability to specify which drivers go to which machines I pretty much stripped out all drivers save the wired NIC and HDC drivers. The lines of code I supplied above apply to a flat UNATTEND.XML file which works with either x32 or x64 Win7 image files. Those lines of code do in fact turn off driver signing after the image is put down on the target computer. After sysprep has run, applied its own microsoft drivers and those provided by Landesk HII, and pulled the machine out of audit mode, I then reapply my own list of device drivers and over-write many of the generic MS drivers that Sysprep put down. Because I am putting most of my device drivers down after driver signing is off, I don't see the message box that you put up in your first post.
I hope this helps.
Have a look at this thread: http://social.technet.microsoft.com/Forums/en/w7itproinstall/thread/6058c3fd-8c4f-41e0-aa3f-eea731dba896
You need to work with BCDEDIT to by-pass driver signature check during unattended installation.
You need to do as Philipp says when using LANDesk HII. If you use another HII method scripted around dpinst tooling, you can add a parameter to install unsigned drivers too.