File Share Encryption

 View Only

  • 1.  PGP WDE 10.1.2.9 - Unable to authenticate to a domain (PGP Enrollment)

    Posted Nov 10, 2011 12:28 PM

    Hi All,

    FYI (domain names are just an example, not the actual domain names)

    So before I began with the issue, I'm going to give you the layout of what I have right now.

    1) contoso.com domain(10.139.22.2) + ldap service account (for authentication)

    - All the users inside that domain work fine, they can authenticate and everything.

    2) macro.com domain (10.148.10.25) + ldap service account (For authentication)

    - Added it to the PGP Universal Server

    - Connection to LDAP - Success

    - But the problem is when a user from macro.com domain tries to authenticate, he is unable to. And if I use an account from contoso.com on there computer it works fine and the HD start encrypting.

    ** I checked the Base DN and the right ldap path** like I said when I click on test connection it's fine - it says success.

    Errors - 

    CLIENT-00103: client request <AuthenticateInternalPassphrase> returning fault -11286 (authorization failed for this operation) Wed Nov 9, 2011 at 11:48:59 AM -05:00
     CLIENT-00103: failed authentication for internal PGP Desktop 10.1.2.9 user macro\user from [10.148.10.25] Wed Nov 9, 2011 at 11:48:59 AM -05:00
    CLIENT-00103: ldap operation result: -7, Bad search filter

    Any reason why is this happening ?

    Thanks.



  • 2.  RE: PGP WDE 10.1.2.9 - Unable to authenticate to a domain (PGP Enrollment)

    Posted Nov 10, 2011 05:03 PM

    Check if your license has enought seats, in the system tab.

    Base DN might be wrong. Set this to the root of the domain.

    Match users to specific universal policy.



  • 3.  RE: PGP WDE 10.1.2.9 - Unable to authenticate to a domain (PGP Enrollment)

    Posted Nov 11, 2011 09:22 AM

     

    Hi Julian,

    Thanks for the reply. the issue was in Base DN, and actually it needed to be pionted to the child domain in the other server. Now it's working.



  • 4.  RE: PGP WDE 10.1.2.9 - Unable to authenticate to a domain (PGP Enrollment)

    Posted Nov 11, 2011 09:34 AM

    Nice!

    Regards



  • 5.  RE: PGP WDE 10.1.2.9 - Unable to authenticate to a domain (PGP Enrollment)

    Posted Nov 11, 2011 12:15 PM
      |   view attached

    Hey Julian,

    Sorry but I tried another user from that domain and it didnt work :(.

    You mentioned something about groups, what was it ?

    And what do I put in the boxes ... see attached pic



  • 6.  RE: PGP WDE 10.1.2.9 - Unable to authenticate to a domain (PGP Enrollment)

    Posted Nov 11, 2011 12:20 PM

    Select "if any of the followin applies" , attribute mail and value *@yourdomain.whatever

    you can match to any LDAP attribute. I suggest seeking some information about this, or talk to your Domain administrator



  • 7.  RE: PGP WDE 10.1.2.9 - Unable to authenticate to a domain (PGP Enrollment)

    Posted Nov 11, 2011 01:31 PM

    Not working, users from the other domain cant authenticate.

    Same issue as before.

    Thanks



  • 8.  RE: PGP WDE 10.1.2.9 - Unable to authenticate to a domain (PGP Enrollment)

    Posted Nov 11, 2011 02:28 PM

    Please, don´t hesitate to create a new case to symantec support, since it´s  very difficult to troubleshoot by forum.

    You can take a look at our Knoledge Base as well, you will find interesting articles about this topic.

    http://www.symantec.com/business/support/index?page=home



  • 9.  RE: PGP WDE 10.1.2.9 - Unable to authenticate to a domain (PGP Enrollment)

    Posted Nov 16, 2011 12:40 PM

    Hi Julian, I don't know but I added a secondary Base DN name and it works. Im going to try multiple user to confirm and see.

     

    Thanks.