Environment
ZENworks Configuration Management 2017 Update 4
ZENworks Endpoint Security Management 2017 Update 4
ZENworks Endpoint Security Management 2017 Update 4
Situation
On unpatched Windows 7 SP1, installing ZENworks agent setup.exe for ZESM causes device to enter repair mode on restart.
ERROR in event logs:
Service Control Manager:
The ZESFSMF service failed to start due to the following error:
Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source
Install:
Novell ZESM Core Installer: Error installation and returning: 577 Exited with return code of: 577
Resolution
Ensure that the devices have reasonably current Windows patches. In this case, Microsoft KB3033929 or any superseding patch containing that fix (Microsoft KB4474419 for example) is required for the SHA256 signed drivers. But it's always best to keep Windows devices patched and up to date.
Cause
SHA256 driver signing requires Windows to read these later driver signatures.