Bug Report: New install of Symantec Encryption Desktop on Mac OS X does not overwrite machine.uuid with appropriate value if old value already exists

Article:TECH202298  |  Created: 2013-01-31  |  Updated: 2013-01-31  |  Article URL http://www.symantec.com/docs/TECH202298
Article Type
Technical Solution


When Symantec Encryption Desktop is installed on Mac OS X if there is an existing machine.uuid file located at /Users/[userprofile]/Shared/PGP a new machine.uuid will not be created.  If this is the same machine, this is not an issue, but if the file was put on a new machine (via the back up of a user profile), then it causes duplicate machine UUID values on Symantec Encryption Management Server (SEMS).

Not removing this machine.uuid file prior to installing, if this was restored from an old machine, could cause integrity issues with Whole Disk Recovery Tokens and may not work for the two devices that are now associated to this machine.uuid value on SEMS.



The file machine.uuid from /Users/[userprofile]/Shared/PGP is not overwritten during a new install if the file already exists.  The old value is used, even if it's not valid, in the case of a new machine.



Symantec Corporation is committed to product quality and satisfied customers.  This issue is currently being considered by Symantec Corporation to be addressed in a forthcoming version or Maintenance Pack of the product.  Please be sure to refer back to this document periodically as any changes to the status of the issue will be reflected here.




To prevent this from occurring:

Delete the machine.uuid file from /Users/[userprofile]/Shared/PGP before installing Symantec Encryption Desktop and is a necessary step to ensure unique Whole Disk Recovery Tokens for applicable devices.


To fix this on a machine that has already been encrypted and the duplicate machine UUID value was already sent to SEMS, follow these steps:

1. Decrypt the drives associated to the machine.uuid value for all systems affected.
2. Uninstall Symantec Encryption Desktop for all systems affected.
3. Delete the machine.uuid file from /Users/[userprofile]/Shared/PGP from all systems affected.
4. On SEMS, the devices associated with this machine.uuid value must be removed to prevent confusion and any further integrity issues with the Whole Disk Recovery tokens.
5. Reinstall Symantec Encryption Desktop and encrypt the drive.


Supplemental Materials


Article URL http://www.symantec.com/docs/TECH202298

Terms of use for this information are found in Legal Notices