File Share Encryption

We have some laptops that get PGP Desktop 10.x clients installed for WDE and will report they are fully encrypted from the PGPWDE --status command, yet they do not appear in our PGP Universal Servers.

Can anyone suggest a method of troubleshooting this or propsose a theory of why this would happen, when it appears to enroll with the server on the client side?

You can check in their AppData\Roaming\PGP Corporation\PGP\PGPpolicy.xml and prefs.xml to see if they're trying to look to your Universal Server.  Open them in a text editor and ctrl+f for "server" and see if you can find the FQDN of your universal server

You haven't mentioned what version of PGP Universal Server you are running. Can you please provide us that information?

It is PGP Universal 3.2.1.  The clients have the prefs.xml and the FQDN of the correct server.  PGPWDE command line status reports the drive as encrypted, but no signn of it in the server.

I would check the desktop client logs to see if it reports communication with the PGP Universal Server is happening.

The PGP Desktop log shows the communication with the server.  However, these laptops are not found with searching from Consumers-->Devices.  Is there a server command line query?

Two things you could try:

Option A:

1) Stop PGPTray process by right clicking on the PGP Tray icon and selecting "Exit PGP Services"

2) Open up My Computer on the computer that is not showing up on the server and delete the PGPprefs.xml and PGPPolicy.xml files from the %appdata\PGP Corporation directory.

3) Re-launch the PGPtray.exe from Start --> All Programs --> Startup

4) Fill in the users LDAP credentials for enrollment again

5) Right-Click on the PGP Tray icon in the system tray. Then left click on "Update Policy" once the client is done enrolling.

6) Check to see if that device updated on the PGP Universal Server and is now showing up.

7) If not, check the client logs under Reporting --> Logs on the PGP Universal Server and select ERROR from the drop-down instead of INFO. See if there are any errors being reported there for that client (it will list them client communications ID# by IP address and username there)

Option B:

Obtain SSH access to the PGP Universal Server and run the following query:

psql oviddb ovidr -x -c "select * from client_machine where hostname = 'FQDN_OF_COMPUTER_NAME_HERE';"

example:

computer name of pc is: test.example.com

query:

psql oviddb ovidr -x -c "select * from client_machine where hostname = 'test.example.com';"

If this returns a result, then there is information still stored in the database for that machine. It's just not showing up in the UI for some reason (UI resource issue, or possibly null data in the record somewhere)

Maybe that helps? At least for initial discovery to see what the problem is.

Thanks Ben, but option B does not return any rows for the computer names in question.  I will ask the local desktop support to try Option A.  Although we have alread had them re-install the PGP client without any change.

Can you share any other database command line options?