File Share Encryption

 View Only

  • 1.  After Upgrading Symantec PGP External Disk Requires Prompt

    Posted Apr 04, 2014 01:11 PM

    After installing Symantec PGP I encrypted both my internal and external hard drives using the same key.  When I start Windows and enter the key, Windows started and I had no problem accessing either my internal or external drive.  However, after upgrading Symantec PGP to a release 10.3.0 I noticed that once Windows was initialized it prompted me for the key for my external hard drive.  I typed in the same key I did at startup, and I immediately had access.

    I just changed my Windows password, and now my PGP password for my internal disk has changed, however my password/passphase for my external disk remaind my old password.  In addition I can't even change the passphrase since it tells me I must change it through Windows, which I did already and it didn't take.

    So two questions:  (1) How do I avoid needing to type in the password a second time for the external hard drive and (2) how do I get the passwords back in sync?



  • 2.  RE: After Upgrading Symantec PGP External Disk Requires Prompt

    Broadcom Employee
    Posted Apr 07, 2014 09:31 AM

    Hi GoneFishing,

    Please open a command prompt (CMD).
    Go to the installation folder of the product (probably "c:\Program Files (x86)\PGP Corporation\PGP Desktop") and type:
    pgpwde --enum

    (considering the external disk is listed as #1):
    pgpwde -d 1 --list-users


    Check the users for this disk.
    Probably the user for this disk is of type "key", if so, it means that you encrypted the user to the key in your keyring.


    Rgs,
    dcats



  • 3.  RE: After Upgrading Symantec PGP External Disk Requires Prompt

    Posted Apr 07, 2014 10:47 AM

    Thanks dcats, here is the output of the commands.  Some information was changed for privacy reasons:

    c:\Program Files (x86)\PGP Corporation\PGP Desktop>pgpwde --enum
Total number of installed fixed/removable storage
device (excluding floppy and CDROM): 2
Managed disks:
  Disk Group 11111111-2222-3333-4444-555555555555:
    Disk 0 has 1 online volumes:
      volume C:\ is on partition 1 with offset 2048
  Disk Group 66666666-7777-8888-9999-aaaaaaaaaaaa:
    Disk 1 has 1 online volumes:
      volume E:\ Segate Disk is on partition 1 with offset 2048
Request sent to Enumerate disks was successful
c:\Program Files (x86)\PGP Corporation\PGP Desktop>pgpwde -d 1 --list-users
Total of 1 user:
  User  1: Name: myname Type: Symmetric domain: MYCOMPUTERNAME A: S
System Record Information:
      Disk UUID: 66666666-7777-8888-9999-aaaaaaaaaaaa
     Group UUID: 66666666-7777-8888-9999-aaaaaaaaaaaa
Attribute Information:
  S = SSO, O = Offloaded, L = Locked out, A = Anti Theft, M = Managed Admin
  LSR = Local Self Recovery Available
Request sent to List users on disk was successful

c:\Program Files (x86)\PGP Corporation\PGP Desktop>pgpwde -d 0 --list-users
Total of 1 user:
  User  1: Name: myname Type: Symmetric A: S
System Record Information:
      Disk UUID: 11111111-2222-3333-4444-555555555555
     Group UUID: 11111111-2222-3333-4444-555555555555
Attribute Information:
  S = SSO, O = Offloaded, L = Locked out, A = Anti Theft, M = Managed Admin
  LSR = Local Self Recovery Available
Request sent to List users on disk was successful

c:\Program Files (x86)\PGP Corporation\PGP Desktop>

     



  • 4.  RE: After Upgrading Symantec PGP External Disk Requires Prompt

    Broadcom Employee
    Posted Apr 07, 2014 05:14 PM
    Hi GoneFishing, If I read it correctly, these disks have different users. I'm not sure why this happens, but your external disk is encrypted to a local account - the domain is your localhost (machine name) - while the internal disk is encrypted to the "real" domain. Is this right? Rgs, dcats


  • 5.  RE: After Upgrading Symantec PGP External Disk Requires Prompt

    Posted Apr 07, 2014 06:11 PM

    dcats,

    If I open Symantec Encryption Desktop, associated with my C drive I have a user of, well let's say: gfishing

    The user associated with my E drive however is COMPUTERNAME\gfishing

    If I try to change either the passphrase associated with either disk I get the message:
    Please use Windows to change the passphrase of an SSO user.

    Of course I changed the passphrase using Windows, however it only changed the one for the internal (C drive).

    Now if I hover over the user name associated with the C drive I see:

    Single Sign On User
    Domain:

    Nothing after Domanin, just blanks.

    If I hover over the user name associated with the E drive I see:

    Single Sign On User
    Domain: COMPUTERNAME\gfishing

    So I believe you are correct.

    Hope this helps.

    Thanks!



  • 6.  RE: After Upgrading Symantec PGP External Disk Requires Prompt

    Broadcom Employee
    Posted Apr 08, 2014 11:46 AM

    Hi GoneFishing,

    Is this machine part of a domain or standalone?
    The best option would be to decrypt both disks (first external and after internal) and encrypt them again.

    The steps below shouldn't have impact in the system, but I haven't tested thus I need to advise you to backup your data first.

    Are you able to add another user to the external disk via the GUI (while logged in with the user)? If so, try to add the user without domain (the one with blank domain).

    Probably you will be able to change the passphrase after logging out (without restart the machine) and logging again to the machine (not the domain), with something like: COMPUTERNAME\gfishing then with CTRL+ALT+DEL you should be able to change the passphrase.

     


    Rgs,
    dcats