Device driver balloon popup at every user logon

Already at 2 of my customers I had the issue that every time a user logs on, they see a balloon popup that the Broadcom Bluetooth driver is installed successfully. Okay, thanks for the information, but WHY every time at log on.
In both scenario’s SCCM was used for OS deployment and in both scenario’s the drivers were installed successfully and the Bluetooth device was working.
But again, why notify the user every time at log on?

driverinstallationballoon

I noticed that this behavior only happens with normal users and not with user with local admin permissions, so apparently “something” happens, something a normal user is not able to do.

So what really happens:
When the driver is installed and the device is recognized, a registry keys is created under: “HKLM\SYSTEM\CurrentControlSet\Enum\USB”, based on Vendor ID (VID) & Product ID (PID). Under this registry key, sub-keys are created based on the device which is installed.
One of these sub-keys is the key: ConfigFlags.

A ControlFlags section identifies devices for which Windows should take certain unique actions during installation.
(source: http://msdn.microsoft.com/en-us/library/windows/hardware/ff546342.aspx)


When the driver is installed the key by default has the value 20000 (HEX).
The Hex value 20000 means InteractiveInstall.

Forces the specified list of devices to be installed in a user’s context. Each line can specify one or more hardware IDs or compatible IDs, and there can be one or more lines.
(source: http://msdn.microsoft.com/en-us/library/windows/hardware/ff546342.aspx)


A bit odd to install the device in user’s context when a normal user doesn’t have the permissions to update the reg-key, as it is under Local Machine.

There are several ways to “solve” this:

–       Give user Local Admin permissions
Well… actually this is not a solution… So no!

–       Give user modify permissions on “HKLM\SYSTEM\CurrentControlSet\Enum\USB” and sub-keys
Possible, but it means that users can make changes to the registry on a level you don’t want, so no!

–       Create a script which sets the ConfigFlags key to “0”, run this script during OS Deployment
I think the way to go. The driver is installed and nothing will happen in user’s context.

At my first customer where I noticed this issue, I wrote a VBScript which reads out the correct key under a pre-defined VID&PID Key. Because that solution is less modular, my Colleague Mike Bijl wrote a PowerShell script which we implemented at a different customer.

This PowerShell script checks all Key’s under “HKLM\SYSTEM\CurrentControlSet\Enum\USB” where Class=”Bluetooth”. In this way it’s more easy to use with different types of VID’s & PID’s.

The PowerShell Script:

$regitems = Get-ChildItem 'HKLM:SYSTEMCurrentControlSetEnumUSB' -recurse -ErrorAction SilentlyContinue | ForEach-Object {Get-ItemProperty -path $_.PSPath -Name Class -ErrorAction SilentlyContinue}|Where {$_.Class -eq "Bluetooth"}
If ($regitems)
{
	ForEach ($regitem in $regitems)
	{
		Set-ItemProperty -Path ($regitem).PSPath -Name ConfigFlags -Value 0 -Type DWORD
	}
}

Please remind that this script has to run under SYSTEM account, other users have no permissions by default. This makes it great to use in a OS Deployment scenario, like SCCM. If you use it with a OS Deployment scenario, please make sure the bluetooth device is enabled! If not enabled, the device will not be installed and the PowerShell script cannot modify the registry key!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.