ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Error using PGP Netshare Commandline --verify

book

Article ID: 161113

calendar_today

Updated On:

Products

Encryption Management Server

Issue/Introduction

 When using PGP Netshare Commandline --verify you may encounter an error. 

Error: A file or folder is not encrypted

Cause

PGPnetshare.exe --verify command is designed to verify whether all files inside a specific encrypted folder are encrypted to the proper key and access list. This process first checks for the PGPFS.INI file inside the folder you have specified. If PGPnetshare.exe can't find the PGPFS.INI file inside the specified path. Then the command will generate the following error "Error: A file or folder is not encrypted". If this error is encountered, check that the root directory the --verify command is being performed on, was actually encrypted. 

When the root folder is encrypted, then it has a reference to the User Access List i.e., PGPkeys the share was encrypted to. For example, a root folder may be encrypted to Alice, Bob, and Chuck, however a subfolder below it may have ended up having a different list of users, such as Eric, Doug, and Frank. Symantec File Share will do a compare of the two, and if they are different, it will report accordingly and attempt to correct the situation, such that the encrypted root folder, and the encrypted subfolder, all have the same User Access List, or set of Keys. 

If the root folder is "not encrypted", there is no reference to which it can compare other subfolders or files to, and thus the command will finish with an error stating "Error: A file or folder is not encrypted at all".

 

Resolution

 Using PGP Netshare Commandline you can first run PGPnetshare.exe --list. This command will list all the folders that are protected by Symantec File Share Encryption. Then run the --verify command using the path of the listed folders that are protected by the Symantec File Share Encryption.

 

Note: Symantec File Share Encryption has an advanced option that lets you protect individual files that are not in a Symantec File Share Protected Folder. This option is disabled by default. If you want to run the --verify command using this option. Then you need to specify each of the files that are individually protected in the path for the --verify command. 

 

 


Applies To

Windows OS

PGP Netshare Commandline 

Symantec File Share Encryption