HOW TO: Re-enroll Symantec Encryption Desktop for Windows Clients

book

Article ID: 180181

calendar_today

Updated On:

Products

Drive Encryption Encryption Management Server

Issue/Introduction

 

Resolution

This article describes how to re-enroll Symantec Encryption Desktop (previously PGP Desktop) for Windows clients.

For information on how to re-enroll Symantec Encryption Desktop for Mac clients, please see the following document:

http://www.symantec.com/docs/TECH178358

Enrollment is the binding of a computer with Symantec Encryption Desktop client software to a Symantec Encryption Management Server (SEMS - formerly known as PGP Universal Server).  After a client is bound to the server, it receives feature policy information from the Symantec Encryption Management Server.

It is occasionally necessary to re-enroll a Symantec Encryption Desktop Client computer. Re-enrolling a client often assists in troubleshooting when enrollment fails with an error or when users are placed in the incorrect policy. There are a few different methods to attempt this, each with their own limitations and risks. Please make sure you understand the consequences of doing each step before you attempt it.

 

Note: If you are enrolling SED 10.3.2 clients, TLS 1.0 is required to be enabled or enrollment will not succeed.  SED 10.4 and above clients use TLS 1.2.

Some of the reasons for re-enrolling a client:

  • Enrollment fails
  • Enrollment succeeds but there are Symantec Encryption Desktop errors
  • Symantec Encryption Desktop settings during enrollment are incorrect
  • Symantec Drive Encryption (formerly known as PGP Whole Disk Encryption) did not start because of policy or attribute misconfiguration
  • If you are having a problem enrolling a client or if PGP Desktop is not acting as expected

 

To re-enroll a Symantec Encryption Desktop client:

  1. Click the Symantec Encryption Desktop Tray icon in your system tray and select Exit PGP Services.
  2. Navigate to %APPDATA%\PGP Corporation\PGP\ and delete the PGPPrefs.xml and PGPPolicy.xml files.

    This deletes the preferences file and allows you to start with new settings.
     
  3. Restart the services by clicking Start > All Programs > Startup > PGPtray

 

The Symantec Enrollment Assistant will start up and begin the re-enrollment process.

 

Powered by Wolken Software