Video Screencast Help

How to definition expires key group ad

Created: 23 Nov 2012 | 4 comments

Hi people,

Is possible definition expires key group AD?

The policy options in one year was placed, but the key is create with date never expires.

Comments 4 CommentsJump to latest comment

Brian_Ch's picture

The better question would be why do you want the group key to expire? This key works with AD security groups to authorize users that access netshare folders. If you don't want someone to get access to the folder anymore you should just remove them from the group that is bound to the key. Since the key works in SKM mode it is managed by the Universal Server. I would not try to set an expiration on this type of key.

Ronaldo.Santos's picture

I undestand this information, but my customer wants renew group keys. The product PGP Universal Server renew keys only the users.


bnilsson's picture

The group key is not part of the policy you set for the group, only for the "object" populated within it. The settings for a group key is specified elsewhere (I do not hold the exact answer to "where"). But, since the default setup for a Group key is as described from Brian_ch SKM mode, and as per your screenshot not expiring - perhaps the way you are trying to set this up is not the best way for the customer if the sole criteria is that the key is supposed to expire.

Brian_ch also explained the basic approach to how a Group key is supposed to be used, there's no alignment to that explanation and how you wish to use it.