File Share Encryption

 View Only

  • 1.  PGP WDE for Mac 10.2 MP3 OSX 10.7.2

    Posted Dec 21, 2011 06:38 PM

    Hi,

    We have just done fresh PGP client installs on several newly imaged Macs. The users can authenticate to the universal server OK. We are not getting a boot gaurd screen but a pgpscreen that asks for user ID and passphrase. It will not accept a the users user ID or passphrase. I have been going to a different screen and entring a recovery token. Have others experienced this? What is causing this?

    Thanks,

    NW



  • 2.  RE: PGP WDE for Mac 10.2 MP3 OSX 10.7.2

    Posted Dec 22, 2011 10:40 AM

     

    Is this at boot time or when OS loads?

    Have you cloned systems?

    When user encrypts the disk, they are asked to use OS passphrase or custom passphrase, so they should know which password to use.

    Just to make sure pgp is refreshed, please do an Upgrade policy.



  • 3.  RE: PGP WDE for Mac 10.2 MP3 OSX 10.7.2

    Posted Jan 23, 2012 12:18 PM

    I've just upgraded my laptop (10.7.2) and our Universal Server (3.2 MP3).  I tried authenticating to laptop at the pre-boot screen using my short account name and password like I have always done, but I got an authentication error.   It wasn't until I used my full account name (first and last) that I was able to authenticate. 

    I am going to investigate the various options in my Consumer Policy to see if it has any effect on my authentication name.  For reference, It is currently set to the following:

     

    WDE BootGuard Customization

    These settings will be applied to custom PGP Desktop clients generated on the Download PGP Clients screen.
     


  • 4.  RE: PGP WDE for Mac 10.2 MP3 OSX 10.7.2

    Posted Jan 24, 2012 01:33 PM

    Hi,

    This is a known issue. PGP Desktop 10.2 and PGP Universal Server 3.2 now use Detailed bootguard authentication on the mac. There is a problem where the username field requires your display name on the mac rather than your short name (usually maps to CN or SAMAccountName in LDAP).

    As an example, let's say you have a user called Joe Schmidt and his username that he logs in to the mac with AD on is jschmidt. But his display name in Active Directory is Joe Schmidt.

    After installing PGP Desktop 10.2 and encrypting the disk. You will be prompted with the new bootguard screen asking for a username and a password. For the username, you will need to put in:

    Joe Schmidt

    Not Jschmidt. I realize that this is a major inconvenience and they are working to resolve this problem in a future update. But please be aware of this change in the meantime.

    As a workaround, you can always use simple bootguard authentication (legacy) which will change the behavior of bootguard to work the same as it has in previous versions where it only asks for the users passphrase.