Device Manager, Hardware Wizards, and Resulting Internet Communication in Windows Server 2008
Applies To: Windows Server 2008
In This Section
Benefits and Purposes of Device Manager and Hardware Wizards
Overview: Using Device Manager in a Managed Environment
How Hardware Wizards Communicate with Sites on the Internet
Controlling Hardware Wizards to Limit the Flow of Information to and from the Internet
Procedures for Controlling Communication Between Hardware Wizards and the Windows Update Web Site
Additional References
Section Summary
This section provides information about:
The benefits of Device Manager and hardware wizards.
How hardware wizards communicate with sites on the Internet.
Device Manager provides an interface for viewing the configuration of hardware devices, and the wizards help with installing and configuring the correct driver for a device. This subsection describes how the wizards communicate with the Internet and provides background about Device Manager.
How to control hardware wizards to limit the flow of information to and from the Internet.
Note
Hardware wizards are not the only means through which a device driver might be downloaded from the Internet. On a computer running Windows Server 2008, if automatic updating is enabled, device drivers that are specific to the devices on that computer could be downloaded from the Windows Update Web site. For information about Windows Update and procedures related to turning off automatic updating, see Windows Update and Resulting Internet Communication in Windows Server 2008 in this white paper.
This information about Device Manager and hardware wizards is also related to Plug and Play (PnP), which is described briefly in Plug and Play in Windows Server 2008 in this white paper.
Benefits and Purposes of Device Manager and Hardware Wizards
Hardware wizards supplement Device Manager functionality.
Device Manager
Device Manager is one of a group of technologies that support the installation of hardware devices and the device driver software that enables them to communicate with Windows. Features in Windows Server 2008 give administrators the ability to control the devices that can be installed on the computers they manage.
Note
By default, only administrators or users with administrative credentials can install or update device drivers. However, this default can be changed by modifying Group Policy settings.
Hardware Wizards
Hardware wizards simplify the process of obtaining the correct device driver for a particular device. Hardware wizards can be especially important if a new device is attached to the computer and no device driver is available locally. If the Found New Hardware Wizard is allowed to search the Windows Update Web site and the device driver is available there, the device driver can quickly be downloaded and the device can then be used. Otherwise, the device driver must be installed by hand, or the computer user must wait until automatic updating (if it is enabled) completes its next scheduled update. At that time, if the device driver is available on the Windows Update Web site, it will be downloaded and installed through automatic updating.
Overview: Using Device Manager in a Managed Environment
Administrators can access Device Manager through Control Panel\System and Maintenance\System. Users can access Device Manager in the same way to view information about the hardware installed on their computers, but they must have administrative credentials to add or update device drivers.
Administrators (or users with administrative credentials) will typically use Device Manager to check the status of hardware and to update device drivers. Administrators who have a thorough understanding of computer hardware might also use Device Manager's diagnostic features to resolve device conflicts and change resource settings.
Device Manager can work in conjunction with hardware wizards and the Windows Update Web site to deliver updated drivers for installed hardware. If an administrator attaches a new device and Windows Server 2008 does not find an appropriate device driver on the computer, the Found New Hardware Wizard searches the Windows Update Web site (if an Internet connection is available) for the device driver.
If the administrator requests to upgrade a device driver, the response is slightly different: by default, a prompt appears, asking whether the search for a device driver should include the Internet or should only include the local computer.
As an administrator, you can control whether Device Manager or hardware wizards search the Internet for device drivers. You can do this through Control Panel or Group Policy. Another option is to use Windows Server Update Services (WSUS) to cause device driver searches to go to a server in your network instead of going to the Windows Update Web site. A third option is to turn off all access to Windows Update by using Group Policy. For more information about these options, see Controlling Hardware Wizards to Limit the Flow of Information to and from the Internet and Procedures for Controlling Communication Between Hardware Wizards and the Windows Update Web Site, later in this section.
It is also possible to use a registry key to specify the search path for hardware wizards to use. For more information, see Additional References, later in this section.
How Hardware Wizards Communicate with Sites on the Internet
Hardware wizards search for device drivers in slightly different ways, depending on the type of device for which a driver is needed. Devices include:
An existing device for which a new device driver is available. To update a device driver, a person logged on to Windows Server 2008 as an administrator opens Device Manager, selects a hardware device, and on the Action menu, clicks Update Driver Software. Alternatively, the person can open Device Manager, right-click a hardware device, and click Update Driver Software. This activates the Update Driver Software Wizard. If Windows Update device driver searching has not been disabled, by default, the Update Driver Software Wizard prompts the person to find out whether the search for a device driver should include the Internet or should only include the local computer.
A new PnP device for which the driver is not included in Windows Server 2008. To install a new PnP device, a person logged on to Windows Server 2008 as an administrator first attaches the device. In some instances, Windows Server 2008 finds the appropriate driver locally and installs it without input from the user. In other instances, Windows Server 2008 cannot find an appropriate driver locally, and the Found New Hardware Wizard starts. By default, the Found New Hardware Wizard searches the Windows Update Web site for an updated device driver (but this can be controlled through Control Panel or Group Policy).
A device that is not PnP. When a person logged on to Windows Server 2008 as an administrator attaches a device that is not PnP, he or she can use the Classic View of Control Panel and double-click Add Hardware to start the Add Hardware Wizard. This wizard does not connect to the Internet for device drivers.
In the cases where a hardware wizard communicates with the Windows Update Web site, the communication is like other communication with Windows Update. Therefore, some items in the following list refer to Windows Update and Resulting Internet Communication in Windows Server 2008 in this white paper.
Hardware wizards communicate with sites on the Internet as follows:
Specific information sent or received: See the section Windows Update and Resulting Internet Communication in Windows Server 2008 in this white paper.
Default settings: By default, hardware wizards are capable of searching the Windows Update Web site for a device driver. For a description of the defaults for prompting, see "User notification," later in this list.
Triggers: A person logged on as an administrator starts the Update Driver Software Wizard or adds a new PnP device for which Windows Server 2008 cannot find an appropriate driver locally.
Important
Hardware wizards are not the only means through which a device driver might be downloaded from the Internet. On a computer running Windows Server 2008, if a new device for which there is no driver is attached, and automatic updating later occurs and discovers that a device driver is available on the Windows Update Web site, the driver will then be downloaded. For procedures related to turning off automatic updating, see Windows Update and Resulting Internet Communication in Windows Server 2008 in this white paper.
User notification: By default, if the Found New Hardware Wizard does not locate a device driver locally for a device that has just been attached, it does not notify the user before searching the Windows Update Web site for a device driver. By default, when the Update Driver Software Wizard is started, it asks whether the search for a device driver should include the Internet or should only include the local computer.
You can control whether these wizards prompt in this way. For details, see Procedures for Controlling Communication Between Hardware Wizards and the Windows Update Web Site, later in this section.
Logging: Errors that result from problems installing hardware devices without drivers are logged to the event log.
Encryption, access, privacy, transmission protocol, and port: See the section Windows Update and Resulting Internet Communication in Windows Server 2008 in this white paper. The privacy statement for Windows Update is on the Microsoft Web site at:
Ability to disable: You cannot disable Device Manager, but you can use Control Panel or Group Policy to prevent hardware wizards from searching for drivers on the Windows Update Web site. Alternatively, you can turn off all access to Windows Update.
Controlling Hardware Wizards to Limit the Flow of Information to and from the Internet
To prevent hardware wizards from searching the Windows Update Web site for device drivers, you can use either Control Panel or Group Policy.
Another option for preventing hardware wizards from communicating with the Internet is to use Windows Server Update Services (WSUS) to cause device driver searches to go to a server in your network instead of going to the Windows Update Web site. For more information, see the Microsoft Web site at:
A third option is to turn off all access to Windows Update by using Group Policy. If you turn off all access to Windows Update, a person logged on will still be able to use Device Manager to view information about their hardware devices. In addition, administrators still have the option to manually download driver updates from an Internet site or from an intranet server that you maintain on your network.
It is also possible to use a registry key to specify the search path for hardware wizards to use. For more information about this option, see the listings in Additional References, later in this section.
Procedures for Controlling Communication Between Hardware Wizards and the Windows Update Web Site
This section includes procedures for:
Controlling Windows Update device driver searching and prompts by using Control Panel.
Specifying driver search locations for PnP devices by using Group Policy.
When you install new hardware, Windows Server 2008 can search four locations for drivers in the following order: the hard drive, the floppy drive, the CD drive, and Windows Update. However, you can configure the driver search locations to remove selected locations.
Turning off Windows Update device driver searching by using Group Policy.
For the procedures to turn off all access to the Windows Update Web site or configure automatic updating, see the section Windows Update and Resulting Internet Communication in Windows Server 2008 in this white paper.
Important
Hardware wizards are not the only means through which a device driver might be downloaded from the Internet. On a computer running Windows Server 2008, if automatic updating is enabled, device drivers that are specific to the devices on that computer could be downloaded from the Windows Update Web site. For procedures related to turning off automatic updating, see Windows Update and Resulting Internet Communication in Windows Server 2008 in this white paper.
To Control Windows Update Device Driver Searching and Prompts by Using Control Panel
Click Start, and then either click Control Panel, or point to Settings and then click Control Panel.
Double-click System.
Click Advanced system settings and then click the Hardware tab.
Click Windows Update Driver Settings.
Choose an option:
Check for drivers automatically
Ask me each time I connect a new device before checking for drivers
Never check for drivers when I connect a device
To Specify Driver Search Locations for PnP Devices by Using Group Policy
As needed, see Appendix B: Resources for Learning About Group Policy for Windows Server 2008, and then edit an appropriate Group Policy object (GPO).
Expand User Configuration, expand Policies (if present), expand Administrative Templates, expand System, and then click Driver Installation.
In the details pane, double-click Configure driver search locations, and then click Enabled.
Select or clear check boxes to prevent or allow searching of floppy disk drives, CD-ROM drives, or Windows Update.
Important
Group Policy contains a setting in Computer Configuration under Policies (if present), in Administrative Templates\System\Driver Installation, called Allow non-administrators to install drivers for these device classes. When this setting is enabled and a non-administrator uses a hardware wizard, the wizard does not search the Windows Update Web site or Windows Server Update Services (WSUS) for drivers. If you want to use this setting to allow non-administrators to install device drivers that are not included in Windows Server 2008, make the drivers available through some means other than WSUS, for example, by placing them in a shared folder and notifying users of the folder location.
To Turn Off Windows Update Device Driver Searching by Using Group Policy
As needed, see Appendix B: Resources for Learning About Group Policy for Windows Server 2008, and then edit an appropriate GPO.
Expand Computer Configuration, expand Policies (if present), expand Administrative Templates, expand System, expand Internet Communication Management, and then click Internet Communication settings.
In the details pane, double-click Turn off Windows Update device driver searching, and then click Enabled.
Important
You can also restrict Internet access for hardware wizards and a number of other features by applying the Restrict Internet communication policy setting, which is located in Computer Configuration under Policies (if present), in Administrative Templates\System\Internet Communication Management. For more information about this Group Policy and the policies that it controls, see Appendix C: Group Policy Settings Listed Under the Internet Communication Management Category in Windows Server 2008.
Additional References
For a description of PnP, see the following section in this white paper:
An extensive list of topics related to device management and installation is available. Included is a step-by-step guide to controlling device installation and usage with Group Policy and a step-by-step guide to device driver signing and staging. The list of topics is on the TechNet Web site at:
For a description of Windows Update, see the following section in this white paper:
Windows Update and Resulting Internet Communication in Windows Server 2008
For a collection of resources for system designers, driver developers, and test engineers, see the Microsoft Web site at:
For information about a registry setting called DevicePath through which you can set the search path for device drivers, see the MSDN Web site at:
For information about how Setup locates and selects a function driver for a PnP device, see the MSDN Web site at: