How to Retrieve a Whole Disk Recovery Token from the Symantec Encryption Management Server


Article ID: 156178


Updated On:


Drive Encryption Encryption Management Server


If an Encryption Desktop or PGP Desktop user forgets their passphrase and does not have Local Self Recovery (LSR) enabled, they will need to obtain a Whole Disk Recovery Token (WDRT) from a server administrator.

If the WDRT cannot be found in the server's administrative interface, it is possible to work with Symantec Support to explore other options.




To search for the WDRT in the SEMS User Interface, do the following:

  1. On the client computer, with the PGP BootGuard screen displayed, ask the user to go to the Advanced screen.
    1. Press the TAB key.
    2. Press the cursor down key to select Advanced.
    3. Press the Enter key.
  2. The Advanced screen shows the boot partition selected by default.  There are 2 fields displayed:
    1. Computer
    2. Computer ID
  3. Have the user write down the Computer ID as well as the UUID value for the disk in question when contacting support for a possible cross-reference when looking the user up in the UI to confirm the proper machine or device is being used.

    NOTE: If the Symantec Encryption Management Server Administrative Interface is not displaying the recovery token for some reason, please contact Symantec Support for further assistance.