It is due to the key mode currently in use. Are the clients using any other encryption functionality other than Whole Disk Encryption? If not, you could delete the keys before the enrollment/migration process. I would recommend using SKM mode only, or the users will still be asked to create a password for the new keys, which is going to be the same type of hassle.
This is a sample script of how one might perform this whole process in a batch file. All testing or implementation of this type of script is to be done at your own risk. Scripting is outside of the scope of support for Symantec Technical Support personnel. PGPStamp64.reg and PGPStamp32.reg refers to a regedit file for the PGPStamp change (64-bit and 32-bit):
--------------------------------------------------------------------------------------------------------------------------------
@echo off
TASKKILL /F /IM PGPtray.exe
del "%appdata%\PGP Corporation\PGP\*.xml"
del "documents\PGP\*.pkr"
del "documents\PGP\*.skr"
if exist "c:\program files (x86)\PGP Corporation\PGP Desktop\PGPtray.exe" start "" "\\Server\Share\PGPStamp64.reg"
if exist "c:\program files\PGP Corporation\PGP Desktop\PGPtray.exe" start "" "\\Server\Share\PGPStamp32.reg"
if exist "c:\program files (x86)\PGP Corporation\PGP Desktop\PGPtray.exe" start "" "c:\program files (x86)\PGP Corporation\PGP Desktop\PGPtray.exe"
if exist "c:\program files\PGP Corporation\PGP Desktop\PGPtray.exe" start "" "c:\program files\PGP Corporation\PGP Desktop\PGPtray.exe"
--------------------------------------------------------------------------------------------------------------------------------
Below is a sample of the registry edit file PGPStamp.reg I mentioned for 32-bit:
--------------------------------------------------------------------------------------------------------------------------------
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\PGP Corporation\PGP]
"PGPSTAMP"="ovid=myserver.mydomain.com&mail=*&admin=1"
--------------------------------------------------------------------------------------------------------------------------------
Below is the same for 64-bit:
--------------------------------------------------------------------------------------------------------------------------------
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\PGP Corporation\PGP]
"PGPSTAMP"="ovid=myserver.mydomain.com&mail=*&admin=1"