Endpoint Encryption

  • 1.  NetShare- AD integration

    Posted Feb 14, 2014 08:02 AM

    I am new to this PGP Desktop / NetShare Encryption product. Is there a way to add users via AD integration? Or do I have to create email PGP keys for each user (we are not using email encryption, we just need to encrypt a file share on a server)?



  • 2.  RE: NetShare- AD integration

    Broadcom Employee
    Posted Feb 14, 2014 08:42 AM

    Hi ITBuddy,

    You can achieve integration with AD and use group keys if you use the Symantec Encryption Management Server (SEMS).
    The individual keys for each user will be created during the enrollment of the clients against the SEMS. Using SEMS you could define a group key and if the users belong to that group they can unlock the NetShare folder (if the folder is encrypted to that group key, of course).

    Best Practices for Creating and Managing Symantec FileShare (Formerly PGP NetShare) Encrypted Folders - TECH176017

    PGP NetShare User Roles - PGP Desktop 9.x - TECH149108

    Symantec File Share Encryption (previously PGP NetShare) Compatibility FAQ - TECH148974

    HOW TO: Create a network share for use with PGP Desktop - HOWTO58944

    PGP NetShare Group Key FAQ's. - HOWTO61299


    Rgs,
    dcats



  • 3.  RE: NetShare- AD integration

    Posted Feb 14, 2014 07:48 PM

    Hello,

    Here is the layout of the steps.

    1. Create your security group in Active Directory

    2. Create your shared folder and add the security group with at least modify permissions with the clients.

    3. The SEMS server must have Directory Synchronization set up to query your Active Directory. Make sure your users are enrolled with the server. (Assuming policy and server settings are all set up.)

    4. On the server, go to Keys, Managed Keys, and scroll to the bottom of the page. The Generate AD group key tab should be there.

    5. Once you click on it, an LDAP window opens and you can scroll through your Active Directory to find the security group that you created. Check the box and follow the prompts. Once the key is made, the group is automatically created under Consumers, Groups. The next step is to apply the policy to the group; most people just use the Default.

    6. On the desktop side, there needs to be an admin for the file share. Whoever this person may be, they would need to open PGP Desktop and go to the File Share tab. Browse to the folder for the file share and add it. Next, the admin would click Add User and put in his/her key pair (this includes both keys, and only the admin does this), then click Apply. After the key is applied, click Add User again; there is an option at the top to search the server for the group key. Put the group name in the search and the key should come up; highlight it and click Add. Click OK and then click Apply. Everyone in the group will have access to the file share, and the admin controls the access.

    7. If you want to add another user to the file share, all you have to do is add them to the security group in AD and enroll them with the PGP server. PGP will create a public key for the user, and the user will be added to the group key with the group. (The private key for the group is always stored on the server.)

    Thanks

    Anthony
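
Steps 1 and 2 of the procedure above (the AD security group and the shared folder with Modify permission) can be scripted on the Windows side. The PowerShell below is an added example, not part of the original posts or of Symantec's documentation; the group name, OU, domain, folder path and share name are placeholders, and it assumes the ActiveDirectory and SmbShare modules are available on the file server. Steps 3 to 7 are still done in the SEMS console and PGP Desktop.

```powershell
# Added example: scripts steps 1-2 (AD group + share). All names are placeholders.
Import-Module ActiveDirectory

$Domain    = 'EXAMPLE'                         # placeholder NetBIOS domain
$GroupName = 'NetShare-Users'                  # placeholder security group
$GroupOU   = 'OU=Groups,DC=example,DC=com'     # placeholder OU
$Folder    = 'D:\Shares\Encrypted'             # placeholder folder path
$ShareName = 'Encrypted'                       # placeholder share name

# Step 1: create the security group that SEMS will later turn into a group key.
if (-not (Get-ADGroup -Filter "Name -eq '$GroupName'")) {
    New-ADGroup -Name $GroupName -SamAccountName $GroupName `
        -GroupScope Global -GroupCategory Security -Path $GroupOU
}

# Step 2a: create the folder and grant the group Modify (not Full Control),
# inherited by subfolders and files.
New-Item -ItemType Directory -Path $Folder -Force | Out-Null
$acl  = Get-Acl -Path $Folder
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
    "$Domain\$GroupName", 'Modify', 'ContainerInherit,ObjectInherit', 'None', 'Allow')
$acl.AddAccessRule($rule)
Set-Acl -Path $Folder -AclObject $acl

# Step 2b: publish the share with Change access for the group only.
if (-not (Get-SmbShare -Name $ShareName -ErrorAction SilentlyContinue)) {
    New-SmbShare -Name $ShareName -Path $Folder `
        -ChangeAccess "$Domain\$GroupName" | Out-Null
}

# Review what was granted before encrypting the folder to the group key.
(Get-Acl -Path $Folder).Access |
    Where-Object { $_.IdentityReference -like "*\$GroupName" } |
    Format-Table IdentityReference, FileSystemRights, AccessControlType
Get-SmbShareAccess -Name $ShareName
Get-ADGroupMember -Identity $GroupName | Select-Object SamAccountName
```

The final `Get-ADGroupMember` listing is worth re-running whenever membership changes, since per step 7 group membership plus enrollment is what grants access to the encrypted folder.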