I'm trying to enroll Active Directory users in to Universal Server and it's not going as well as I had hoped. So first off there are two ways to enroll, if I understand correctly.
1. Email
A user gets PGP Satellite installed, tries to send an email and gets automagically enrolled on the PGP server. Under this method an encryption key should be automatically generated for the user, emails encrypted and sent off. Awesome. I was for a while able to enroll a test user to the PGP server, though a key was never generated and messages never sent. Now I cannot even enroll the person. The user does not show up and the log just says that it's waiting on a pending message. I went in to the server and approved all pending items for all users and nothing changed.
2. Active Directory
The way I understand this is supposed to work is that users in Active Directory are somehow enrolled at some point to the PGP server. That's all I know about it. Following the instructions for Active Directory enrollment provides me with no users on the PGP server, though I can view sample data. I don't know if there's some point at which the PGP server will go through Active Directory and start pulling users over to the PGP server or what. The admin guide covers setting up AD enrollment, but says nothing about how or when users are carried across.
So with what I currently know listed, let me explain what I'm trying to do. What I'd like to see is all of my ~150 or so users automatically created on the PGP server and keys generated. Is this unrealistic? Am I doomed to visit each user's desk?