This can occur when the WDE-ADMIN group of multiple domains is not a member of a Universal Group. The WDE-ADMIN group must be a Universal Group to log in to multiple domains in a forest. For more information on Active Directory groups and their scope, see the Microsoft TechNet article on the subject.
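To confirm the group scope before troubleshooting further, the following added example (not part of the original article or the PGP documentation) reports the scope of the WDE-ADMIN group in every domain of the current forest. It assumes the ActiveDirectory PowerShell module (RSAT) is installed and that the account running it can read each domain.

```powershell
# Added example: audit the scope of the WDE-ADMIN group across the forest.
# Assumes the ActiveDirectory module (RSAT) and read access to each domain.
Import-Module ActiveDirectory

$groupName = 'WDE-ADMIN'   # group name as used in this article

$report = foreach ($domain in (Get-ADForest).Domains) {
    try {
        # Query a domain controller in each domain for the group by name.
        $groups = @(Get-ADGroup -Filter "Name -eq '$groupName'" -Server $domain -ErrorAction Stop)
    }
    catch {
        # Domain unreachable or access denied: record it instead of stopping.
        [pscustomobject]@{
            Domain = $domain; Scope = 'query failed'; Category = ''
            IsUniversal = $false; Detail = $_.Exception.Message
        }
        continue
    }

    if ($groups.Count -eq 0) {
        [pscustomobject]@{
            Domain = $domain; Scope = 'not found'; Category = ''
            IsUniversal = $false; Detail = "No group named $groupName in this domain"
        }
        continue
    }

    foreach ($g in $groups) {
        [pscustomobject]@{
            Domain      = $domain
            Scope       = $g.GroupScope        # DomainLocal, Global or Universal
            Category    = $g.GroupCategory     # Security or Distribution
            IsUniversal = ($g.GroupScope -eq 'Universal')
            Detail      = $g.DistinguishedName
        }
    }
}

# Full report, then only the entries that need attention.
$report | Format-Table Domain, Scope, Category, IsUniversal -AutoSize
$report | Where-Object { -not $_.IsUniversal } | Format-List Domain, Scope, Detail
```

Any domain listed in the second output has a WDE-ADMIN group that is missing, unreachable, or not of Universal scope.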
Creating a WDE-ADMIN group account allows you to:
- Log in remotely to perform PGP WDE maintenance tasks (using the pgpwde command line).
- Use SMS or other tools to perform PGP WDE maintenance.
- Use pgpwde to perform Active Directory authentication to ensure only authorized administrators can access users' systems. (Note that the system must be connected to the network and Active Directory must be running.)