This article includes a document describing how to use PGP Universal Server with Directory Synchronization with Nested Groups.

 

LDAP Directory Synchronization on PGP Universal Server is currently not supported using Nested groups. To use Nested groups with Directory Synchronization, each subgroup must be manually added to the policy on the server.

To add the Nested Groups manually do the following:

1.  Log in to the Universal Server
2.  Go to Consumers
3.  Click on Add Group
4.  Click the Membership Tab
5.  Check the "Match Consumers Via Directory Synchronization" box
6.  Under "All LDAP Directories" select "If any of the following Apply"
7.  Then add the Attributes and Values
8.  Click the + sign on the right to add another subgroup.
9.  When you are done click on Save to save the settings.
10. Go back to the General Tab and add a Group Name and you can select the Policy you want to assign to the Group.
11. Click on Save.


A feature request has been logged to track this request.  Please see the following article and subscribe to it for further updates:

http://www.symantec.com/docs/TECH191026