Hello. Our company is a developer of hardware. We have recently had some device driver code updated for which the WHQL tests have been applied and we have passed and received the HLKX files. We have purchased the EV Code signing certificate (Sectigo) and signed all files that needed to be signed. Wasted most of today in attempting to login into the Microsoft portal to submit the signed files. Apparently the WINQUAL account we have used years ago has been deprecated? We created a new Microsoft account but now need to share our DNA with outside parties to be vetted onto the Microsoft portal to submit the files? So far, unable to find an email to ask for help @ Microsoft. Hope someone can shed a few pointers to get us going. Thanks in advance.
You need a partner center account. This is all pretty well documented:
Thanks Peter. We have been submitting signed drivers through the Microsoft portal for years but something has changed. In a feeble attempt to create yet a fresh account to submit the drivers, appears we need to go through the vetting process again. Will attempt to contact Microsoft tomorrow to get some answers. At this time, believe that we are in a waiting cycle for Microsoft to validate our (new) account. TBD.
FWIW, there have been many, many, complaints here over the past six months or so from people who’ve had trouble getting signed-up for the portal.
Also, the portal is buggy and is known to randomly hang on submissions.
I have no inside information on this, but I get the sneaking suspicion that Attestation Signing is not long for this world.
I really hope that is not true. My drivers have such a small user base it's really hard for me to justify the overhead of WHQL testing.
No current plans to change anything. imo requiring extensive testing for a non-mass market driver is a disproportionate amount of overhead.
Documented very badly. I don't know how to get the Entra ID and there's no explanations. I found "Microsoft Entra ID Free - Sign in with your Microsoft account" button, clicked it, it said I needed a Microsoft account, clicked that, it asked for my email, password, and birthdate - didn't even ask company name. Then it said "Selected user account does not exist in tenant "Microsoft Services" and cannot access the application ... in that tenant. The account needs to be added as an external user in the tenant first". WTF. Can't go any further than this. I would expect that I would need to enter a company name, address, provide EV certificate. What I've done looks wrong to me. But I have absolutely no idea where to start. I found lots of texts on how to use Entra ID, but nothing about how to get it.
May I ask the people who already signed up to help me with initial link where I could start from scratch? May be someone have seen a step-by-step instructions somewhere.
THAT's the best new I've heard so far this year.
Thank you, again, Mr @Zac_Lockard.
Hmmm... Entra ID:
Microsoft Entra ID (formerly Azure Active Directory) | Microsoft Security
Most companies get their Entra ID credentials when they sign up for Microsoft 365 (previously know as Office 365). Entra ID then either hosts or replicates your domain in Azure.
The docs claim that "if you don't have an existing Entra ID account, you can create one for free"... I have no idea about how or if that works.
You wrote:
I would expect that I would need to enter a company name, address
That's the Entra ID part.
and also you wrote:
provide EV certificate
That comes later, as described in the docs... once you have your partner account, you login to the dashboard and follow a procedure to sign a file with your EV Cert and upload that signed file.
I hope that helps,
I have read all that, but we don't use 365, so we don't have any Entra ID.
That's what I'm trying to do. Did anyone have any success with that?
It is almost impossible not to have an entra id these days. Even home basic users do - whether they know it or not
And there is no way to run an effective on prem AD without adconnect either
I'd say that's the opposite. It is almost impossible to have it. I have tried for half a day, opened a few Microsoft accounts, used different computers, differemt browsers, but apparently none of the accounts I have created is good for creating an Entra ID, all of them report the same:
"Selected user account does not exist in tenant 'Microsoft Services' and cannot access the application '74658136-14ec-4630-ad9b-26e160ff0fc6' in that tenant. The account needs to be added as an external user in the tenant first. Please use a different account."
And there's no way to create an account which would be linked a business not to a person.
Writing drivers is much easier than that.
Your experience is much different than mine. Of course I have transitioned a large on prem AD into hybrid and dealt with a small number of home basic users along the way. Trying to make sure that dev staff who need this kind of access keep it
And then we needed to provision resources for those who need them.
Actually, I went through the process, and Entra ID wasn't needed (or was created silently for me). However, Microsoft blocked the request for some reason, the request for Hardware was blocked, same as with IgnoreException user 
Well this made me curious. I have been running an effective on prem AD for, oh I don't know, at least twenty years, and I don't use adconnect. I don't even know why I would want to. However the fact that it has been renamed 'entraConnect' makes me think perhaps I might have to in order to sort out my Hardware Portal clusterfck that has been ongoing for about more than a year.
Anyway on prem AD works just fine, zero entraConnect needed as far as I can tell.
We noticed a change when we applied to renew our EV signing certificate. We had to answer way more questions to receive it to the point of of our VP of Engineering getting annoyed and wanting to look at obtaining the certificate from a different company. Then when we contacted a different company we found out that we would still have to jump over these new hurdles.
The whole thing smelled of audits however who could be against any company wanting to tighten up their practices to increase their product security?
I remember logging into the portal and seeing that I no longer had access to hardware. We are one company in a group, run by a parent, and I eventually got the guy who runs the parent company Azure account to give me my Entra ID with onmicrosoft login. He also added another developer. No extra vetting required.
It seems as if Microsoft wants to tighten up access to its portal (nothing wrong with that) however this has come at the cost of frustrating genuine developers with issues like release deadlines, customer satisfaction and the ability to run their businesses.
It seems that some individuals are getting help from Microsoft (and this is Microsoft's issue to fix either in terms of bugs or giving customers information) while others are struggling to get answers from Microsoft to get their drivers signed. Some clarification would be start.
If we have to jump over new hurdles then fine. We need clarification of what those new hurdles are though.
Even more fun it only applies to the "public" version of Microsoft 365. If you are on a Microsoft 365 Government plan you have to maintain an entirely separate domain in Azure to use the hardware dashboard and sign drivers.
Does anyone else have problems signing up for the Hardware program? We've been trying to but regardless of the account we used, we keep getting the error "Global admin credentials required - To enroll your organization in this program, you must be a global admin. The account you used to sign in to Partner Center is not a global admin account."
Hi. Yes, living in the same nightmare and it will be 2 weeks today that we have been following their latest vetting process. Our company has been developing hardware and respectively device drivers for well over 20 years. The old method of login appears to be purged.
You will have to create a business account and enroll in the Hardware Program where you can upload your code signing certificate (we used Sectigo EV code signing certificate); you have to sign the Microsoft supplied .bin file to authenticate the certificate is in your possession). Even after all of the above, they need to vet you are employed at the same company and that is where we are currently at for our company (I am the co-founder). These new steps are just nasty business. We recently uploaded the register details (12 months or younger) for our domain name with my name listed on the AWS server. One hurdle after another. Ironically, Microsoft buys our hardware. Brutal. Hope that we are able to submit the drivers for cross signing by Christmas.
To assist you, please note the following support staff @ Microsoft which we were lucky enough to find after countless hours of this ordeal. Hope the employees do not mind.
Jason,
Office Hours 10AM-7PM US CST.
v-jagre@microsoft.com
Lorenzo
Your Partners at Microsoft
Office Hours 9AM-6PM US CT
v-lnarvaez@microsoft.com
One more suggestion is to create a fresh ticket by following this thread which actually does work and the above 2 staff members replied to our request:
https: / / learn . microsoft . com/en-us/answers/questions/2155143/how-to-restore-access-to-microsoft-partner-center?page=0&orderby=Helpful#answers
- remove the space
** Very grateful for this thread and appears that we are not alone in this nightmare.
I've gone that route and came in contact with the exact same agent, only to get a response that "Please be advised, this account has been suspended due to non-compliance with the hardware program" (even though we have never successfully registered for the hardware program. FWIW, our "Microsoft AI Cloud Partner Program" status says "This program registration has been deactivated for your account"; I wonder if this is affecting our registration). I created a new support request, but we've been stuck for 2 months trying various procedures with their support staff without success. Now that Microsoft has upgraded their hardware portal, I'm not sure whether it's going to work out or if we're going to have to start from scratch.