How to re-enroll Encryption Desktop for Windows Clients


Article ID: 180181


Updated On:


Drive Encryption Desktop Email Encryption File Share Encryption Encryption Management Server


Enrollment is the process of registering the client with Encryption Management Server. After a client is registered with the server, it receives policy updates from the server, updates logs to the server and can lookup PGP keys on the server.

If Encryption Desktop is not working correctly, sometimes the easiest solution is to re-enroll the client to Encryption Management Server. For example, if you right click on the PGP Tray applet from the notification area of the Windows taskbar, choose Update Policy and get an error, even though you are connected to the internal network, it may help to re-enroll the client.

This article covers Windows clients. For Mac clients please see article 155714.


Symantec Encryption Desktop 10.5 and above.


To re-enroll the Encryption Desktop client:

  1. Close Outlook if it is running.
  2. Right click the PGP Tray applet in the Windows taskbar notification area select Exit PGP Services. This will stop PGP Tray. If the Exit PGP Services option is missing, it means that the Encryption Management Server administrator has disabled it in policy. As an alternative you can open Task Manager and end task on any process beginning with PGP.
  3. Right click on the Windows start button, choose Run and enter %appdata% which will take you to the C:\Users\username\AppData\Roaming folder.
  4. Rename the PGP Corporation folder. For example, rename it PGP Corporation 1.
  5. Open Symantec Encryption Desktop. This will automatically start PGP Tray. Alternatively, open the folder "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp" and open  the shortcut called PGPtray.exe.
  6. The enrollment assistant will begin. You will be prompted for your Windows username and password.
  7. When prompted, you would normally select the option that you have existing keys and accept the default location of the keyring. However, if you have lost your key passphrase you can choose to create a new key.
  8. If re-enrolling does not solve your problem, you can roll back. Simply repeat steps 1 to 3 but at step 4, delete the newly created PGP Corporation folder and rename the old folder back to its original name. Then finish with step 5.