Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.

Unlock External PGP WDE Disk

Created: 05 Nov 2013 • Updated: 06 Nov 2013 | 3 comments
This issue has been solved. See solution.

I have a hard drive with WDE enabled. I removed the drive and hooked it up externally to another machine running the PGP Desktop software. As soon as I connect it, I get a message to unlock the disk. However, none of my passphrases work that were configured for that disk. I cannot seem to get this disk unlocked.

Operating Systems:

Comments 3 CommentsJump to latest comment

_Adam_'s picture

 

1) Did you try to use a WDRT on bootguard to unlock the drive ?

Using Whole Disk Recovery Tokens
http://www.symantec.com/docs/TECH149068

 

2) I am right thinking that the drive which you hooked up in externally to another machine is not a "removable external drive" - ? if this could be a case an "encrypted removable external drive" would not work on other machine as the session key is always saved locally on PGPWDE01 on local machine. Otherwords your drive would not be visible on the other machine (which from the post I guess it is not the case)

While having the drive hooked up externally can you run the following commands please and post the feedback:

Windows x64

C:\Program Files (x86)\PGP Corporation\PGP Desktop>pgpwde --enum

Windows x32

C:\Program Files\PGP Corporation\PGP Desktop>pgpwde --enum

with

C:\Program Files (x86)\PGP Corporation\PGP Desktop>pgpwde --status
C:\Program Files (x86)\PGP Corporation\PGP Desktop>pgpwde --list-users

 

It can be that the disk is locked if the policy was setup to locked out the disk after X failure attempts on bootguard.

Try also the below command:

C:\Program Files (x86)\PGP Corporation\PGP Desktop\pgpwde.exe --unlock --disk 1 --wdrt "WDRT HERE" or --ap "admin passphrase here"

 

 

 

if/when you consider your issue is resolved, please click "Mark As Solution" on a response

 

SOLUTION
spitty's picture

We are not using PGP Universal Server, so not sure if I can do the token method.

I was able to get it to work using the -ap switch you suggested. Once I did this, the drive showed up in WIndows Explorer as an unformatted disk. Then, I went into PGP DEsktop, and I was able to see the user list on the drive and change the passphrase for the admin account on the drive. Once I did this, I was able to unlock the disk though PGP Desktop and gain access to the filesystem.

Thanks for your help!

_Adam_'s picture

Thank you spitty, so if the issue is resolved - please "Mark as solution" as this will help others with the same issue as yours.

if/when you consider your issue is resolved, please click "Mark As Solution" on a response