Managed PGP Desktop 10.0.x Clients Fail to Open or Complete User Enrollment with 3.3.0 Symantec Encryption Management Server (previously PGP Universal Server)
|Article:TECH202543|||||Created: 2013-02-06|||||Updated: 2013-05-17|||||Article URL http://www.symantec.com/docs/TECH202543|
Symantec Encryption Management Server (previously PGP Universal Server) (SEMS) 3.3.0 has a modified license hash which is not accepted by 10.0.x and older PGP Desktop clients. If one of these PGP Desktop clients attempts to communicate with a version 3.3.0 Symantec Encryption Management Server (previously PGP Universal Server), the client goes into an unlicensed mode after the first policy update. If PGP tray is exited at this point, then PGP Desktop fails to start and displays errors about the missing license. If you attempt to clear the PGP Desktop preferences manually and try to re-enroll, the enrollment process halts before completion and the PGP tray process exits.
PGP Desktop version prior to version 10.1.0
Symantec Encryption Management Server (previously PGP Universal Server) 3.3.0 or 3.3.0 MP1
A hotfix (Symantec Encryption Server 3.3.0 MP1 Hotfix 1) is available to address this issue. Customers with older (10.0.x and before) clients are strongly advised to update to this hotfix before allowing any older clients to communicate to a Symantec Encryption Management Server (previously PGP Universal Server) version 3.3.0.
This hotfix is available by contacting Symantec Technical Support and requesting the hotfix.
Once the hotfix has been successfully applied to the SEMS, it is necessary to set the license to default and restart services for this fix to take effect. To do so, follow these steps:
1. Navigate to Consumers, Consumer Policy, and click on the Default Policy (and any other Consumer Policies that may be in use).
2. Click on the "Client Licensing..." button.
3. Click the "Use Default" button if it is available.
4. Next, Go to System, General, and click the button "Restart Services...".
Once the services have been restarted, the clients should then be able to download the correct license details.
NOTE: Although this hotfix addresses the issue mentioned, if a 10.0.x or older client has exited PGPtray while in this affected state, a re-enrollment of the client will be necessary as the client will cache the policy in this state and cannot "uncache" without a re-enrollment.
If a client has come into this affected state, but the PGPtray has remained running, a manual policy update will download the correct license details from the SEMS 3.3.0 MP1 HF1 (Build 9153) server.
Article URL http://www.symantec.com/docs/TECH202543