What is the expected behavior when enrolling to a PGP Universal Server and "Automatically encrypt Boot Disk at installation" is configured?
When PGP Whole Disk Encryption is used to automatically encrypt a drive, the username of the the currently logged-on user profile will be used for the WDE Username and the passphrase that will be used to authenticate at PGP BootGuard, will be that of the passphrase entered during enrollment.
For example, consider the following scenario: A user is logged on to the Linux or Mac OSX profile as JohnDoe, and the password used for enrollment is "passwordJohn" when the system is rebooted, one of two behaviors will be observed.
If Detailed Authentication is being used, the username of "JohnDoe" must be entered, and the passphrase of "passwordJohn" would be entered to authenticate PGP BootGuard Successfully.
If the Simple Authentication is used, then the passphrase of "passwordJohn" would be entered at PGP BootGuard to boot up the system.
PGP Whole Disk Encryption for Linux and Mac OSX does not support Single Sign-On and therefore this behavior is not critical. As long as the username and passphrase is used, the the system will then boot to the login screen.
Because Single Sign-On is only supported for the Windows operating system, no passphrase synchronizations will occur upon changing the user's password to the Linux or Mac user account. In order to synchronize the Linux or Mac password, this must be done manually.
PGP BootGuard—PGP Whole Disk Encryption’s pre-boot environment.