Alternate Default Prefs File Feature

Products

Desktop Email Encryption Drive Encryption Encryption Management Server Endpoint Encryption File Share Encryption Gateway Email Encryption PGP Command Line PGP Key Management Server PGP Key Mgmt Client Access and CLI API PGP SDK

Issue/Introduction

This article describes the new Offline Policy: Local Policy feature in versions of PGP Desktop 10.5 and above.

Resolution

Purpose of Feature

With the addition of the new Offline Policy: Local Policy feature in PGP Desktop, you can pre-configure custom local policies instead of using those which are hard-coded into the PGP Desktop executable.

Description of Feature

PGP Desktop now incorporates the contents of a new configuration file, PGPdefault.xml, if present, into its default preference set. Note that default preferences are only used in two situations: if the normal preferences file PGPprefs.xml is non-existent or if PGPprefs.xml is corrupt. Thus, in normal operation (when PGPprefs.xml is non-corrupt) the only impact of this feature is upon first run of PGP Desktop for a particular user.

The basic operation is this:
1) On each run of client code an internal set of preferences is created using the compiled-in defaults.

2) If the PGPdefault.xml file is found, it is merged into the preferences from step 1. Any individual prefs found in PGPdefault.xml will overwrite those in the above internal set. If PGPdefaults.xml is not found, the preferences from step 1 are used directly.

3) The preference set resulting from the above two steps is used as the default set for the PGPprefs.xml file. This means that if PGPprefs.xml is missing or corrupt, the preference set from steps 1 and 2 will be used and used as the new PGPprefs.xml file. If PGPprefs.xml is valid, the preference set from steps 1 and 2 is discarded. Note that for an installation which already has a valid PGPprefs.xml file, adding a PGPdefault.xml file will not change the operation of PGP in any way.

Alternate Default Prefs File Name and Location

PGP Desktop looks for a file named PGPdefault.xml in the CSIDL_COMMON_APPDATA folder for PGP Desktop. On old Windows versions this maps to

C:\Documents and Settings\All Users\Application Data\PGP Corporation\PGP\PGPdefault.xml

On MS Windows 10 and 11 this maps to

C:\ProgramData\PGP Corporation\PGP\PGPdefault.xml

Alternate Default Prefs File Format

The PGPdefault.xml file should be formatted as a valid PGP prefs file. That is, it should be in the same format as the PGPprefs.xml file. The file can contain as many or as few actual preferences as desired. For the intended purpose of replacing the default local email policies, the file should look like this:

<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//PGP Corporation//DTD PLIST 1.0//EN" "http://www.pgp.com/DTDs/PGPPropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>userMessagingPolicies</key> <array> <dict> <key>uIdentifier</key> <integer>-1</integer> ... ... </dict> <dict> <key>uIdentifier</key> <integer>-2</integer> ... ... </dict> </array> </dict> </plist>

Additional Notes:

1) The Alternate Default Prefs File will be used in the same way in both managed and un-managed installations of PGP Desktop.
2) While the intended purpose of this feature is to allow pre-configuration of local email policies, the code treats all prefs in the PGPdefault.xml file as valid. Thus this feature can be used to change the default value of any preference found in the PGPprefs.xml file.