Prevent Org Keys from being deleted from Symantec Encryption Desktop in managed environments and enforce validity

Article ID: 216117

Products

Encryption Desktop Corporate Powered by PGP Technology
Encryption Desktop Powered by PGP Technology
Encryption Desktop Professional Powered by PGP Technology
Encryption Desktop Storage Powered by PGP Technology
Encryption Management Server
Encryption Management Server Powered by PGP Technology

Issue/Introduction

Symantec Encryption Management Server can manage individual keys; the top-level key is the Organization Key.

It is possible to delete this key from Symantec Encryption Desktop. During the next policy synchronization interval the key will reappear, but it will not be signed.

Resolution

Signing happens only during enrollment. Re-enrolling the user will re-sign the key, but it's just as easy to right-click the key and sign it.

A product improvement request has been submitted to prevent deletion of the Organization Key or, if it is deleted, to have it resync automatically in a validated state.

Check back in future releases of the software or this article for updates to this request. If you would like to follow up with us directly, please log a support case and provide this KB ID, and we will be happy to assist.

Additional Information

EPG-22867