BUG REPORT: SED failing to add user to second hard drive when using WDE Administrator passphrase

book

Article ID: 158533

calendar_today

Updated On:

Products

Encryption Management Server

Issue/Introduction

When using Symantec Encrypting Desktop (formerly PGP Encryption Desktop) in managed environment with policy which specify WDE Administrator passphrase and deny user management, encryption and decryption on internal and external disk, you unable to add new WDE user to non primary hard drive with pgpwde utility.

Error code -12198: Not permitted by your Administrator

Resolution

Symantec Corporation is committed to product quality and satisfied customers. This issue is currently being considered by Symantec Corporation to be addressed in a forthcoming version or Maintenance Pack of the product.  Please be sure to refer back to this document periodically as any changes to the status of the issue will be reflected here.

The following is a known temporary workaround for the issue until the version/maintenance pack is released:

This issue can be temporarily resolved by one of the following:

  • Use user enrolled with policy which allows WDE user management so WDE Administrator passphrase is no longer required
  • Encrypt the disk 1 using GUI prior execution of operations with WDE Admin passphrase with pgpwde command line