Video Screencast Help

how to upgrade individual computer(s) with PGP desktop 10.0.1 WDE to be controlled by a newly installed PGP universal server 3.2.

Created: 13 Dec 2012 | 6 comments

Hello, I need immediate help on how to upgrade individual computer(s) with windows version PGP desktop 10.0.1 WDE to be controlled by a newly installed PGP universal server 3.2.  

My office has about 20 individual computers with windows 7 pro and PGP desktop 10.0.1, all WDE, and now we would like to deploy a PGP universal server 3.2. in the office and have centralized control of the whole office’s PGP policies etc.  Do we need to first decrypt all of the 20 computers’ HDDs, reinstall PGP desktop on each computer, and re-encrypt all HDDs with the PGP universal server 3.2.?  Or there is a better method to deploy the PGP universal server 3.2 with less trouble?

Please advise the best method.  Many thanks. 

Comments 6 CommentsJump to latest comment

Brian_Ch's picture

Here is a KB article on how to change a stand-alone client to a managed client. Let me know if you have an issues with following these steps. You should not have to decrypt all the machines.

Brian_Ch's picture

I would recommend upgrading the Desktop client once it is managed by the server. You can do this by checking the auto-update feature in the Consumer Policy or push the MSI installer collected from the Universal Server through Client managment software.

panbox's picture

How about if we need to reinstall these 20 computers' windows OS?  Do we need to decrpt the PGP WDE first and re-encrypt HDDs after reinstalled the new windows OS please?  Also, we need to move these PGP desktop for Windows client to a new PGP Universal Server.  Please advise.  Many thanks. 

Brian_Ch's picture

Yes you need to decrypt and then install the OS and then re-encrypt. Never attempt a Windows OS installation on a PGP Encrypted drive. It will break the boot-loader. Then Encrypt the drive after the installation of the OS.

Mehmood's picture

What Brian advised is absolutely right, the steps in the article are easy to follow.

In this scenario the machines were encrypted proior to becoming managed clients.

If you have ADK in your server, the Disks/Files that were encrypted prior to becoming managed clients cannot be decrypted with ADK. You'll have to decrypt the disks & encrypt again once they are managed clients.