Video Screencast Help

Deploy PGP Desktop and enroll completely silent

Created: 20 Jul 2011 | 6 comments
Lucas Botelho's picture
I´m wondering if it is possible to deploy the pgp desktop completely silent to the user even the enrollment that prompt to the user the login and password screen to enroll with directory authentication.
I have already set the enable silent enrollment checkbox but the instalation precess isn´t invisible to the user. There is any way to create a transform file (.mst) to pre set the enrollment configurations?

Comments 6 CommentsJump to latest comment

Andreas Zengel's picture


please have a look at the knowledge base.

You can install PGP Desktop with
msiexec /i C:\pgpdesktop.msi  PGP_INSTALL_DISABLESSOENROLL=0

Lucas Botelho's picture


I tried this command but when i disable the enrollment the encryption doesn´t start automaticaly. The problem is tha i want to enroll i just don´t want to show any screen, because when i restart the machine and after enter with my credentials on windows log on a enroll screen appears asking for the login and password. There is some way to enroll automaticaly when I enter with my login and password on the windows log on?

jwardell's picture

requires enrollment using LDAP. The option for this can be found in the Directory Sync Settings box (theres a checkbox "Enroll clients using directory auth". The enable silent enrollment tick box (next to the FIPs checkbox) in the settings also needs checking. This will create Windows single sign on users. The users will have a keypair that has their windows password as the passphrase. The MSI switch still needs applying to make sure it is completely silent.

DTek's picture

I'm wondering if this worked as I'd like to deploy in the same exact manner.  Additionally, the URL posted is no longer valid?   Many thanks!

Tom Mc's picture

Try this URL

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

DTek's picture

That works perfect!   If I may confirm, this will not generate the login prompt for the staff to submit their NT logins once they have restarted their workstation (post installation); to be able to enroll into the universal server?  It will automatically enroll them without their interaction?    Thanks again!