File Share Encryption

We are using PGP WDE with PGP Universal Server 3.2MP3 and created our policies so that user-initiated processes, such as user-initiated encryption or decryption, are not allowed. BUT, as soon as the automatic encryption starts after the first enrollment, the end-user can pause the encryption process. We are using SCKM, but also tried the SKM, where the keys are stored only in the Universal Server.

What should be our approach to prevent users to pause the automatic encryption process?

this is a known bug (in PGP Desktop GUI) and its still being worked by our Developement team.

Incident Number: 2586361

Hi All,

My name is Jitendra from india and we are using PGP Universal server 3.2 in our company in India. We have created a policy and download the client installer and implemented on Laptop. Now the problem is that while encrypting the drive it stopped itself on 96%. now we are not able to access the drive anymore. we have also tried with PGP recovery but still drive is not decrypted and not accessebale. we have already looged a case (Case ID-416-266-699), but we dii not recieved any responce/solution from symantec.

I am requesting to you guys please help us to resolve this issue as we have very very critical data on the drive.

Thanks,

Jitendra Kumar

+919910164884

try c:\program files\pgp corporation\pgp desktop

pgpwde --resume --disk 0 -p PASSWORD

Hi Julian_M,

Actualy we have run WDE recovery through the recovery ISO image and the result is that C:\ Partition decrypted successfully but D:\ still not decrypted and also not acceessible anymore. So how can i recover the the Second partition i.e. D:\.

Is this cammand can help after doing all the above activity.

I suggest trying to authenticate and decrypt drive using command line

http://www.symantec.com/business/support/index?page=answerlink&url=http%3A%2F%2Fwww.symantec.com%2Fbusiness%2Fsupport%2Findex%3Fpage%3Dcontent%26id%3DDOC3604%26actp%3Dsearch%26viewlocale%3Den_US&answerid=16777216&searchid=1328197478367

I have already tried but it displaying an error while running any command as below.

"C:\Program Files (x86)\PGP Corporation\PGPDesktop>pgpwde --help
Operation [Unknown] failed:
Error code -12450: administrative preferences file not found

and when i am trying to open the partition it showing me below error.

"D:\ Disk is not accessible

The volume does not contain a recognize file system, please make sure that all require file system driver are loaded and that the Volume is not currpted.

please help me....?????

"D:\ Disk is not accessible since drive is encrypted so is not readeable by windows , needs to be decrypted. or authorized by PGP so you can read.

Error code -12450: administrative preferences file not found

%appdata%\PGP Corporation\PGP folder does not exists. Policy and preferences are stored there.

You will have to enroll PGP Desktop client again.

I have enroll the system again and running the below command but still no success...

C:\Program Files (x86)\PGP Corporation\PGP Desktop>pgpwde --disk 0 --partition 4
--force --decrypt --passphrase ********
Operation start decrypt disk failed:
Error code -11973: resources unavailable

C:\Program Files (x86)\PGP Corporation\PGP Desktop>pgpwde --disk 0 --partition 0
--force --decrypt --passphrase *******

Operation start decrypt disk failed:
Error code -11973: resources unavailable

I run Diskpart on the system and below is the partition status.

Microsoft DiskPart version 6.1.7600
Copyright (C) 1999-2008 Microsoft Corporation.
On computer:

DISKPART> list disk

  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          298 GB  1024 KB

DISKPART> select disk 0

Disk 0 is now the selected disk.

DISKPART> list partition

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Recovery          1500 MB  1024 KB
  Partition 2    Primary            150 GB  1501 MB
  Partition 0    Extended           136 GB   152 GB
  Partition 4    Logical            136 GB   152 GB
  Partition 3    Primary              9 GB   288 GB

DISKPART>

Please help ...?

In spite of the fact that your question is totally irrelevant to my issue, I would like to help you.

What does pgpwde --enum says?

check what filesystem are those partitions.

if encrypted, it should be raw data.

run --enum has Oben suggested

Hi All,

Please see we have run tyhe Enum command and status command , please check and help me to recover the data.

OK. Now try

pgpwde --decrypt --disk 0 --all --passphrase PASSWORD

where PASSWORD is the passphrase of the authenticated user.

hi All i need help from you guys,

i deleted my one Machine from WDE Computer, from PGP universal Server console, how can i recover it. please help me its very urgent...

1. In universal: delete disk device associated to that computer.
2. Some tips to identify: The user who had permissions over the WDE computer you deleted, also has permissions over this disk.
3. Close PGP application, services and kill processes if necesary.
4.  
5. Delete %appdata%\PGP Corporation folder
6. Start PGP
7. Enroll the user to server again

That´s it :)

can you provide update?  did this work ,? if so, please mark as solution

Hi Julian,

Do you know when will the patch for the bug related to pausing the encryption be out? We could not see it in MP4.

Thanks,

Oben

MP5 is reported to be released later this month.  Will this fix be included in this version?  We continually struggle with users pausing the encryption process and causing security/compliance issues.  I was unaware they should not be allowed by the policy until I read this thread.

Jonathan and Oben,

To confirm, this problem occurs when you have decryption disallowed on internal disks in your consumer policy? (see screenshot attached).

Yes, this is already the expected behavior on mac some customers have reported this as a "bug" since they cannot choose to decrypt or pause encryption once decryption is disallowed. But if that is not consistent on windows then we should probably have this feature evauluated and tested again.

Hi Ben,

Yes, this is the case in our end. We have also disabled the user-initiated encryption and user management.

We have tested the case on Windows machines. Even the user management, user-initiated encryption AND decryption are not checked, non-wde-admin users can pause the encryption. We do not want that! :)