Prevent Symantec Encryption Management Server from harvesting certificates from Active Directory and associating with users