The problem will be if they don't remember the passphrase they set for the key. If they do remember, changing the key mode to SKM only will prompt them to enter the passphrase, then switch the key mode.
If they don't know the passphrase, you will need to delete the GKM keys from the client and the server, then re-enroll the users. You also need to make sure the client doesn't check in during this process, or the keys might get uploaded to the server again.
I usually use a batch script to delete the keyrings and re-enroll the user. An example of a script to do this is:
@echo off
TASKKILL /F /IM PGPtray.exe
del "%appdata%\PGP Corporation\PGP\*.xml"
del "documents\PGP\*.pkr"
del "documents\PGP\*.skr"
if exist "c:\program files (x86)\PGP Corporation\PGP Desktop\PGPtray.exe" start "" "c:\program files (x86)\PGP Corporation\PGP Desktop\PGPtray.exe"
if exist "c:\program files\PGP Corporation\PGP Desktop\PGPtray.exe" start "" "c:\program files\PGP Corporation\PGP Desktop\PGPtray.exe"
Should work on 32- or 64-bit systems, provided the keyrings are in the default locations. Basically, delete the key from the server for that user, then run this script on that user's system.