When attempting to enroll with the PGP Universal Server using LDAP Directory Synchronization, you receive the following error:
Your credentials were not accepted. Please try again.
Enrollment is the binding of a computer with PGP client software installed to a PGP Universal Server. After a client is bound it receives feature policy information from the PGP Universal Server.
LDAP directory enrollment allows you to enroll clients using directory authentication. LDAP enrollment requires certain attributes in the directory to bind the client to the PGP Universal Server.
This issue can occur when a user account has logon restrictions in Active Directory and their logon is limited to (a) specific computer(s). Therefore, when the user attempts to enroll the LDAP Directory Synchronization fails due to the PGP Universal Server being unable to authenticate the users credentials with Active Directory.
Ensure that you add the LDAP server(s) configured under “Consumers > Directory Synchronization” menu on Symantec Encryption Management Server to the “log on to” list for the user account in Active Directory under the user account properties.