The Last Use date in the internal user record is updated when a user whose machine is running Encryption Desktop drive encryption synchronizes with Encryption Management Server:
- The Encryption Desktop log contains entries like this:
14:42:51 PGP Info Beginning synchronization with configuration server keys.example.com
14:42:52 PGP Info Completed synchronization with configuration server keys.example.com
- The Encryption Management Server Client log contains an entry like this:
CLIENT-00000: authenticated internal Encryption Desktop 10.4.2.503 user user1 from [10.0.0.100] Thu 13 Jun, 2019 at 14:42:51 +01:00
- The Last Use date in the internal user record appears like this:
Last Use: 13/06/2019
The Last Use date in the internal user record is also updated if the user:
- Sends an email message which is processed by Encryption Management Server operating as an email encryption gateway. In this scenario, the user does not have Encryption Desktop installed. Note that the email message does not need to be encrypted and/or signed by Encryption Management Server for the Last Use date to be updated.
- Does a key search with Encryption Desktop on Encryption Management Server. Such key searches occur frequently when messages are encrypted or decrypted with Encryption Desktop.
The Last Use date in the internal user record is not updated:
- If the user is listed as a drive encryption user in Encryption Desktop but is not logged into Windows. This will be the case if a machine has multiple user accounts registered for drive encryption. The Last Use date is updated only for the user who is logged into Windows with PGP Tray running.
- If Encryption Management Server processes an Inbound email message addressed to the user. Only Outbound messages cause the Last Use date to be updated.
Therefore, if the user record of a user who has left the organization some time ago has a recent Last Use date, it means that either:
- Another user has logged on to Windows as them and PGP Tray has started.
- Encryption Management Server has processed an outbound email message sent from their email address.