Video Screencast Help

Moving users from WDE group to PGP Desktop group

Created: 24 Jun 2011 | 1 comment

We're trying to move some of our clients (v10) from the WDE group to the PGP Desktop group on the Universal Server (v2.12) to enable them to use dekstop functionality, but haven't been able to get through it successfully (we restarted PGP services on the clients and rebooted the PCs too). The client/server seems to regard this change as a new user enrollment and tries to recreate their key and block e-mails.  Is there any other setting that needs to be changed while doing the move?

Comments 1 CommentJump to latest comment

JRMQ's picture

We don't change user accesses within the Universal Server itself, but from an external directory that is linked to the Universal Server.  That being said, you can try the following steps, which work for us on v. 2.9 / 9.9 with the majority of our users in GKM mode. 

Caveat:  PGP is not in our mailstream. 

Caveat 2: If you are removing these users from WDE completely, I might tend to decrypt the device first before changing the policy or performing the steps below.

On each desktop where the client is installed:

1.  Stop PGPTray.exe.

2.  Delete Pgpprefs.xml from the user's APPDATA\PGP Corporation\ PGP folder.

3.  Launch PGPDesktop from Start.  Respond 'yes' to any prompt regarding 'starting services'.

4.  The user will be prompted to re-enroll, but his or her old key should be identified and left viable on the server. 

5.  After enrollment, the new policy should take effect but the old keys should remain.

Good Luck!