Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

PGP Encryption Desktop - Multiple users unable to login

Created: 10 Dec 2013 | 5 comments

Im running PGP encryption desktop 10.3 with PGP Universal Server Version 3.3

 

The issue I'm having is with multiple users on a single workstation. If both user A and user B go through enrollment successfully. If User A is logged in and shuts down the workstation and User B boots the workstation - the PGP boot screen will not accept User B's passphrase to boot windows. Only User A can use his passphrase to boot the system or use the administrator passphrase. Has anyone seen this issue before?

 

Thanks.

Operating Systems:

Comments 5 CommentsJump to latest comment

KS Choi's picture

Hello, open Symantec Encryption Desktop and add new Passphrase User for user B.

Thanks and regards,

Alex_CST's picture

You need to change the options of the policy to allow to change username in preboot.  This is done inside the Consumer Policy for WDE

Please mark posts as solutions if they solve your problem!

http://www.cstl.com

KS Choi's picture

Hello Alex, excuse me. Where is the option?

Thanks and regards,

Anthony_Betow's picture

Make sure that both users are on the access list for the PGP disk.  Whoever is on this list the user can use there passphrase that was created to get past bootguard. 

To change the username detail, this is done under the Drive encryption section for Detailed Authenication which this will require the Username and password plus Domain but can be saved under policy.

This is about 3/4 down the page in the Drive encryption section of policy.

Simple Authenication is easier because it will only require your password and this will be verifed against the users on the access list for the PGP disk.

If User B is not on the list then the user will not get past Bootguard. 

 

jdrawert's picture

You shouldnt have to enter in a username though if you are enrolled on a machine correct? If each user is authorized on the machine the PGP bootguard should accept any registered passphrase for a user that has been enrolled on that particular machine?