Users cannot enroll and periodic regrouping fails if the Active Directory server used by Encryption Management Server is unavailable