After upgrading a whole disk encrypted PGP Desktop standalone computer to a PGP Universal Server managed environment, when you enroll the client, the Single Sign-On feature fails to log into Windows.

 

PGP WDE Single Sign-On utilizes one of the methods Microsoft Windows provides for customizing the Windows login experience. PGP WDE uses your configured authentication information to dynamically create specific registry entries when you attempt to log in.

This issue occurs when a standalone PGP Desktop client is PGP Whole Disk Encrypted to a passphrase user account and then upgraded to a managed environment which includes the Single Sign-On (SSO) feature as part of its policy. When the passphrase user and Single Sign-On user have the same account name the SSO feature will fail.

 

Workaround

Before upgrading the PGP Desktop client to a PGP Universal Server managed environment, add another passphrase user to the disk and then delete the user account for the user who will enroll with the PGP Universal Server.