I set up 2 partitions on my hard drive, Boot and Data. I encrypted the data partition first. I was surprised when I booted the machine and was asked for the passphrase. Later I encryped the boot drive and set a new passphrase for it. Now both partitions have the same passphrase and I can't change one without the change affecting both partitions. Is ther a way to correct this?
Separate Passwords for encrypted partitions
Data recovery after blue screen with PGP
I have Dell laptop that is running Windows XP that was encrypted with PGP WDE 10.1.2 (Build 50). During startup yesterday, I put my password in, and just as soon as it got to the Windows XP loading screen, I had a instant flash of blue screen and then a reboot.
The blue screen error is a page fault in nonpaged area I found when I used the stop reboot on blue screen option.
The hard drive was removed from said laptop, and connected to another PGP WDE laptop with a external HD dock. PGP came up and asked me for my password, and as soon as I entered it I get the same blue screen and reboot.
After coming back up, I checked the drive health from disk management before entering my PGP password and Windows said the drive was good, and showed me the correct status.
After looking online I found the article at http://www.symantec.com/business/support/index?pag... and used a boot disk to run this procedure. The procedure seemed to work perfectly, however now when I connect the drive back to another PGP WDE machine I do not get a PGP password prompt. I get nothing at all. When I check the disk health, It shows 100% free and asks me to format, so I know my MBR is now wiped clean. I think my MBR is now gone, but did not get repaired.
Any suggestions on where I can go next to try to recover my data? Any help or assistance is appreciated.
Whole Disk Encryption Enrolment Problem
Hi there,
I am having an issue with the Whole Disk Encryption Enrollment procedure. I can see from the following article (http://www.symantec.com/business/support/index?pag...) that when a user has enrolled with the Universal Server that they are supposed to be automatically added to the User Access List of the disk so that they can authenticate with the Pre-Boot screen using their credendials (part of a domain).
However, unofrtunately when I enroll with any user, they are not automatically added to the User Access List and I cannot seem to find the solution to this problem.
I am using Symantec Encryption Server v3.3.0 and PGP Desktop v10.3.0 on dual boot systems. PGP Desktop installs on Mac OSx ok, installs on Windows 7 ok and also encrypts the disk perfectly. However users are not being added to the Access List when they enroll with the machine. I have Silent Enrollment enabled and Directory Synchronization is enabled.
Can you give any guidance to this issue?
Regards,
AC
Unwanted Decryption
Hello. So here is the scenario. We installed PGP and using an Admin account we create the frst user and encrypt the drive. After we have another user log in it asks for their credentials to add them to the list. This all goes well. However after that user is then added PGP begins to decrypt the drive? This is where the problem is. I would like to know the reason why it is doing this and or IF there is anyway to prevent it from decrypting the drive? One thing I thought would be the issue is when we went to add a new user we selected the use windows credentials instead of create new user. Currently the practice has been to just let the drive decrypt the re-encrypt the drive after. This is more time consuming than I would like. I am currently waiting for another computer to finish imaging and I am going to try that different way of creating a new user. Any info you can send my way would be appreciated. Thank You.
Allow Users to Get Their Own WDRT
We use PGP Universal server with LDAP. Is there a way that users can log in and get only their WDRT if they are locked out of their machine? Obviously this would have to work of AD some way. I'm just wondering if this has been done, or maybe I'm missing something simple here?
Thanks!
PGP Bypass for USMT task sequence
So here is my dilema. We are in the middle of migrating from XP Pro SP3 32bit to Windows 7E x64 and our laptops which are all encrypted with either 9.9.1.287, 10.0.0.2732, 10.1.2.50, 10.2.0.1950, or 10.2.1.4940. We have the local administrator account as a SSO (but it has not Enrolled yet) and I can run the following command locally and the bypass works just fine: "C:\program files (x86)\PGP Corporation\PGP Desktop\pgpwde.exe" --add-bypass --disk 0 --admin-passphrase %password% --aa The problem I have is when I try to run this as part of a task sequence via SCCM 2007, I am getting getting an error of "Executing command line: Run command line Operation [Unknown] failed: Error code-12450: administrative preferences file not found" I've tried all sorts of different ways to do this including putting a .bat file on the root of the drive having SCCM execute that as local administrator, but no change. Has anyone been able to successfully bypass the logon screen successfully with this product? Very frustrating as you would think it would be a simple thing to do...any suggestions?
Thanks,
JL
A question about data recovery
It is possible to software like Recuva among others ... Recover Data from a disk that was formatted but that were not properly decrypted before?
Toshiba L850 encrypt wont start
I bought a new laptop Toshiba l850 which have a SATA HDD and PGP wde 10.2 cant encrypt even from the command line. When i click Start encrypt he dont pass the 0% and stays paused. Already formated drive and the same problem. Disable UEFI BIOS to CSM BIOS, same problemas. Change SATA model from AHCI to compatible and problems again. Note: if i restart at 0% bootguard appears and i can use my passphrase to continue. Can anybody help me with resolutions or troubleshooting sugestions. Thank you.
PGP crushing my machine
Hello All,
We decided to start with deployment of PGP Desktop on few machines.
My machine was one of the first machine of the Prod deployment of PGP.
We are using PGP 10.1.2 MP2 version, and we are using the capability of BIOS encryption only (Currently not using other features of PGP).
From some unknown reason, my machine got cruhsed 2 times since the encryption.
I've looked on the event viewer, and at same time of the shut down i see this log below.
Did anyone see this problem on his env?
I'm afraid that one day i will lost all my data because of this issue?
In the meanwhile i'm lucky and my machine just bootted and came back to regular status.
Thanks a lot
Faulting application name: lsass.exe, version: 6.1.7600.16915, time stamp: 0x4ec48578
Faulting module name: PGPsdk.dll, version: 4.2.1.4869, time stamp: 0x500b24c9
Exception code: 0xc0000409
Fault offset: 0x00000000000e9072
Faulting process id: 0x294
Faulting application start time: 0x01ce1447dd62237d
Faulting application path: C:\WINDOWS\system32\lsass.exe
Faulting module path: C:\WINDOWS\system32\PGPsdk.dll
Report Id: 65867be5-83d6-11e2-ab92-002713b5cc79
WDE & SSD - Best Practices? Do's & Don'ts?
I'm about out of space on the 750GB 7200 rpm drive in my Elitebook 8440w, so I decided to bite the bullet and ordered a 2nd drive caddy plus an Intel 520 480GB SDD. My plan is make the SSD the primary boot drive with Windows on it, and use the 750GB drive as storage only in the drive caddy. I'm currently running WDE 10.3.0 MP1 under Windows 7 x64 Enterprise Edition. 10.3.0 MP1 is standalone and not connected to Universal Server.
I'm just wondering if anyone has any best practices or do's & don'ts to share when using this type of a configuration.
Thanks
dcc
Recupero di un disco criptato
A causa di problemi al mio sistema operativo windows 7 sono stato costretto a reinstallarlo completamente.
Ciò mi ha costretto a reinstallare anche il mio PGP Desktop 10.0.2
Ho quindi cercato e recuperato il mio disco criptato. ma una volta caricato non riesco a installarlo.
Il disco risulta infatti associato ad un "Unknown User" la cui Key ID è sconosciuta.
Come faccio a recuperarlo ?
Grazie per l'aiuto
Unmanaged WDE to Managed WDE (without decryption)
Fixing the WDE bootloader after running bootrec /fixmbr
Hi,
I have a WDE 10.3 Windows 7 install with a 10GB unencrypted partition containing Ubuntu. While installing Ubuntu I did not set the advanced option leading to the Bootguard MBR being destroyed. In an attempt to begin fixing the issue, and booting back into my encrypted windows install I ran bootrec /fixmbr from a windows repair DVD.
I have acquired a WDE Recovery Disk but this seems to permanently hang on "PGP Recovery Disk is searching the disk for PGPWDE installation, please wait...".
My questions are:
1. Does this search usually take a very long time (this is on a 150GB SSD and has been running for hours)?
2. Is there anyway to restore the MBR with the WDE bootloader, bootguard?
3. Is there anyway to do this without removing the hard drive from my laptop (this is tricky)?
Many thanks in advance,
Sam
PGP Whole disk 9.10 - Can't mount encrypted disk
Hi,
I having been using this product for 3 years to encrypt certain data files. Today for some reason it it does not recognise that the virtual disk exists and will not give me the mount option from PGP desktop.
It seems it wants to create encrypted disk as if nothing had been previousely set up.
If I go through a create new virtual encrypted disk will it give me access to the existing files.
Can anyone help?
thanks.
stalled out decrypting at 5%
I decided to decrypt my drive over the weekend so that I could replace it with a larger capacity drive today. Had this message from pgpwde.exe --status
Operation start decrypt disk failed: Error code -11984: item not found.
I couldn't issue resume command or stop. I would continue getting the same error code.
I remembered that originally I had a secondary drive in the computer before encrypting with PGPWDE that I removed about three weeks ago. I put back that original 128 GB SSD that was in the computer when I originally encrypted, after that I could issue a resume and proceed with the last 5% - even though that disk was never encrypted.
That is messed up right?? What if that disk was dead... what would I do?
So my question is, how do I prevent this in the future? What data did that secondary drive have on it that PGPWDE needed? Again, this secondary drive was never encrypted originally.
Please help explain this and how to prevent it, Thanks
PGP Portable *very* slow under Windows 7
We're using PGP Portable 10.2 managed with Universal Server 3.2MP3.
Whereas usage under XP was fine (~30MBs), attempting to use Portable under Windows 7 is
excruciatingly slow (<3MBs).
I have applied what fixes I can google for WebDAV issues:
- IE automatically detect settings off
- Registry fixes (FileSizeLimitInBytes, FileAttributesLimitInBytes)
with no success.
Has anyone seen, and hopefully, found a fix for this?
PGP Encrypted Disk Unable to Boot
Hi,
I have a Notebook (HP ProBook 6460p) in the company that is PGP WDE'd which refuse to even go into BootGuard proper. When attempting to boot, it shows that is is trying to load BootGuard, but a second later it shows a black screen (not the usual grey bootguard screen) with the following error: "Some required files are missing or corrupted. You may be able to continue through the Advanced menu or recovery tool. Press any key to return...".
The problem at this point is that the screen freezes here, no response of any kind was exhibited when I 'Press any key to return'. Just hangs there...
So I tried to slave it to another WDE'd notebook. The bootguard could not detect any other drive other than Disk 0 (the 'master' disk).
Regardless, I booted into Win 7 and managed to get the OS to detect the slave drive. As expected, the slave drive shows up, but asks to be reformatted (did not reformat).
Then I tried the PGP command line --enum, Disk 0 enumed fine, Disk 1 only showed 2 drives online (those were the HP tools and recovery partitions) instead of the expected 4 drives.
PGP did not seem to recognize that Disk 1 was WDE'd...
So now, I am trying to get this disk decrypted so my client can get back her data. But I am at a loss of how to carry on at this point.
Please advise, anyone?
PGP WDE new user is enrolled but not added to WDE & cannot log in on bootguard.
When a new user logs in using LAN PW, the user is enrolled but not added to WDE & cannot log in on bootguard.
The new user appears in the Authorized Users list in the Universal Sever but not in the WDE users list locally.
Is possible that when a new user logs in, the user can get added to WDE list on the machine automatically?
Can a new user be added to WDE on a machine from Universal server.
As of now a new user needs to be added manually by an exixting WDE user or WDE admin.
password lost after trying to change it
Hi there,
3 days ago i was forced to change my user-password on my windows XP (with SP3) machine, which has PGP WDE 9.10.0 (Build 605) installed.
I tried to use a password, which i already used on another machine (without pgp installed) successfully.
This password contains the "@" sign. PGP did not accept this character as a part of the password.
So i left the "PGP change password screen" and started to search in internet if this was a common problem on the second machine.
A couple of seconds later, the pgp encrpyted machine continued to startup windows - but i did not press any key.
I was a little bit surprised, but since i did not find any solution about my problem, i started to work on that machine.
After i finished my work i did a shut down.
Today i tried to start my machine again, but i fail to logon at the grey PGP WDE logon screen.
Neither the old one nor the new one password works.
What can i do to access my data again ?
Please assist. Thanks in advance for your help.
PGP WDE 10.2.1 Silent Install via GPO
We currently install PGP WDE via AD Group Policy. This works fine until I come to manually installing a newer version for testing before applying it to the GPO.
My understanding of Group Policy (not WDE Group Policy) is that a software install can be deployed and is applied just the once unless otherwise told to do so. This allows administrators to uninstall, update etc without the version in the GPO to be reapplied. However, this is what happens every time with PGP WDE - I want to test 10.2.1 MP5, but every time I install it and restart the older version gets pushed back on to it.
Had anyone come across this? It doesn't happen for any other application, just WDE. I understand this would be more of a AD Group Policy issue, but any feedback would be appreciated.
Thanks