File Share Encryption

Hello,

last weekend my pgp encrypted SSD system drive crashed with a bluescreen.

Afterwards I was no longer able to boot into windows.

I have a different laptop now and am trying to decrypt the crashed drive to retrieve my data.

I can see the drive in the encryption desktop software and it is displayed as encrypted.

If I try to decrypt it however, after entering the correct passphrase I get the 12198 error.

We are using Symantec Encryption Desktop 10.3.0 MP1, the same version the drive was initially encrypted with.

The drive itself seems not to be defective, S.M.A.R.T. displays the disk's health status as fine.

Is there anything else I can try to retrieve the data?

Cheers

Thomas

Hi Thomas,

Are you using a managed Symantec Encryption Desktop? I.e. connected to a Symantec Encryption Management Server?
If so, probably you don't have permissions to decrypt the drive or the policy was stored in the disk. You need to check the Consumer Policy configuration for Disk Encryption.

HTH,
dcats

Check the policy on the server under Consumers, Consumer policy, select your policy if custom or go to default. Click on Desktop and go to the Drive Encryption tab. 

If the User configuration doesn't allow the decryption of drives then the WDE Admin can decrypt the drive if this was enabled. 

A WDRT Recovery Token will work because these are enabled by default unless the box was un-checked.

If the WDE Admin was enabled then slave the drive to another computer with PGP and use the Passphrase for the WDE Admin to start decryption.

Also, if you have an ADK key then this will work for decryption also while slaving the drive to another machine with PGP.  It must be the ADK key that is used in your environment.

Thanks,

Anthony