If your LDAP directory is not configured for LDAP referrals, but Enable LDAP Referrals is enabled in Directory Synchronization of the PGP Universal Server, existing internal users may be removed from their group policy, or enrollment with the server may fail with the following error:
The configuration server rejected your credentials.
PGP Universal Server 2.5.x and above now has support for LDAP Referrals. LDAP Referrals provide the ability to query other LDAP servers for users. If the LDAP server (e.g. Microsoft Active Directory) does not support LDAP referrals, or is not being used, enrollment will fail. Users who are already enrolled on the PGP Universal Server will either be put into the Default policy or disabled if Exclude non-matching users by default is selected.
Disable LDAP Referrals on the PGP Universal Server:
NOTE: In PGP Universal Server 3.2, the Enable LDAP Referrals option can be located in Consumers > Directory Synchronization> Settings (a button at the very bottom of the page).