When using Symantec Encrypting Desktop (formerly PGP Encryption Desktop) in managed environment with policy which specify WDE Administrator passphrase and deny user management, encryption and decryption on internal and external disk, you unable to add new WDE user to non primary hard drive with pgpwde utility.

Error code -12198: Not permitted by your Administrator

Symantec Corporation is committed to product quality and satisfied customers. This issue is currently being considered by Symantec Corporation to be addressed in a forthcoming version or Maintenance Pack of the product.  Please be sure to refer back to this document periodically as any changes to the status of the issue will be reflected here.

The following is a known temporary workaround for the issue until the version/maintenance pack is released:

This issue can be temporarily resolved by one of the following:

• Use user enrolled with policy which allows WDE user management so WDE Administrator passphrase is no longer required
• Encrypt the disk 1 using GUI prior execution of operations with WDE Admin passphrase with pgpwde command line