Problems enrolling a PGP Desktop client on 3.2 PGP Universal Server with preset policy group defined

Article:TECH174556  |  Created: 2011-11-16  |  Updated: 2012-04-13  |  Article URL http://www.symantec.com/docs/TECH174556
Article Type
Technical Solution


Issue



Upon upgrading your PGP Universal Server or downloading a PGP desktop client with the Preset Policy group setting defined. You may notice some of the following symptoms for clients when trying to enroll:

- PGP Desktop and PGP Tray will launch but there is no prompt for Enrollment

- PGP Desktop will open but only a few functions will be there

- Right-clicking on the PGP Tray icon and trying to Update Policy fails

- Uninstalling and reinstalling the product fails to resolve the problem

- Deleting everything under the %appdata%\PGP Corporation\PGP folder and forcing re-enrollment also doesn't resolve the problem


Error



You may see an error 11980 (unknown error) on the PGP Universal Server client logs

When enabling debugging mode on the PGP Desktop 10.2 MP2 client you may see something about the SOAPS connection failed


Environment



PGP Desktop 10.2 MP2

PGP Universal Server 3.2 MP2

Windows XP/Windows 7


Cause



It appears that something in the consumer policy could be getting corrupted on the server preventing clients from being able to enroll

This problem has been found to occur when using the "customize" option when downloading the client MSI installer and selecting a preset policy group for your client downloads on the PGP Universal Server


Solution



Workaround

Changes to be made to PGP Universal Server:

1) Login to the PGP Universal Server

2) Go to Consumers --> Consumer Policy

3) Click on the Policy that your users affected are enrolling under (typically the Default policy unless you have a custom one set)

4) Take screenshots or jot down the policy settings under each of the options here

WARNING: Step 5 includes a change to the PGP Universal Server which will revert all your client policy settings back to default. To do not click this button until you have made a note of all the policy settings that are configured under each section (General, Keys, PGP Desktop, PGP Universal Web Messenger).

5) Click on Restore To Factory Defaults

6) Go Consumers  --> Groups

7) Click on Download Client

8) Select your Platform and Language

9) Select the Customize option (if needed)

10) Make sure that you select Auto-detect Policy Group (we don't recommend forcing a preset policy group if you are using Directory Sync and LDAP enrollment)

Changes to be made on PGP Desktop client

Scenario 1:

If this is a fresh installation, the PGP Desktop client that was recently exported from the PGP Universal Server should install and allow you to enroll (after following the above steps for PGP Universal Server)

Scenario 2:

If this is an existing installation that won't enroll (or a re-installation of the client) you will need to:

 - exit PGP Tray

- delete the prefs.xml and policy.xml files from %appdata%\PGP Corporation\PGP folder

- delete the randomseed file from %allusersprofile%\PGP Corporation\PGP

- re-launch the PGP tray client




Article URL http://www.symantec.com/docs/TECH174556


Terms of use for this information are found in Legal Notices