Quantcast
Channel: Symantec Connect - Security - Discussions
Viewing all 299 articles
Browse latest View live

Separate Passwords for encrypted partitions

0
0
I need a solution

I set up 2 partitions on my hard drive, Boot and Data.  I encrypted the data partition first.  I was surprised when I booted the machine and was asked for the passphrase.  Later I encryped the boot drive and set a new passphrase for it.  Now both partitions have the same passphrase and I can't change one without the change affecting both partitions.  Is ther a way to correct this?


Data recovery after blue screen with PGP

0
0
I need a solution

I have Dell laptop that is running Windows XP that was encrypted with PGP WDE 10.1.2 (Build 50). During startup yesterday, I put my password in, and just as soon as it got to the Windows XP loading screen, I had a instant flash of blue screen and then a reboot.

The blue screen error is a page fault in nonpaged area I found when I used the stop reboot on blue screen option.

The hard drive was removed from said laptop, and connected to another PGP WDE laptop with a external HD dock. PGP came up and asked me for my password, and as soon as I entered it I get the same blue screen and reboot.

After coming back up, I checked the drive health from disk management before entering my PGP password and Windows said the drive was good, and showed me the correct status.

After looking online I found the article at http://www.symantec.com/business/support/index?pag... and used a boot disk to run this procedure. The procedure seemed to work perfectly, however now when I connect the drive back to another PGP WDE machine I do not get a PGP password prompt. I get nothing at all. When I check the disk health, It shows 100% free and asks me to format, so I know my MBR is now wiped clean. I think my MBR is now gone, but did not get repaired.

Any suggestions on where I can go next to try to recover my data? Any help or assistance is appreciated.

Whole Disk Encryption Enrolment Problem

0
0
I need a solution

Hi there,

 

I am having an issue with the Whole Disk Encryption Enrollment procedure. I can see from the following article (http://www.symantec.com/business/support/index?pag...) that when a user has enrolled with the Universal Server that they are supposed to be automatically added to the User Access List of the disk so that they can authenticate with the Pre-Boot screen using their credendials (part of a domain).

 

However, unofrtunately when I enroll with any user, they are not automatically added to the User Access List and I cannot seem to find the solution to this problem.

 

I am using Symantec Encryption Server v3.3.0 and PGP Desktop v10.3.0 on dual boot systems. PGP Desktop installs on Mac OSx ok, installs on Windows 7 ok and also encrypts the disk perfectly. However users are not being added to the Access List when they enroll with the machine. I have Silent Enrollment enabled and Directory Synchronization is enabled.

Can you give any guidance to this issue?

Regards,

AC

Unwanted Decryption

0
0
I need a solution

Hello. So here is the scenario. We installed PGP and using an Admin account we create the frst user and encrypt the drive. After we have another user log in it asks for their credentials to add them to the list. This all goes well. However after that user is then added PGP begins to decrypt the drive? This is where the problem is. I would like to know the reason why it is doing this and or IF there is anyway to prevent it from decrypting the drive? One thing I thought would be the issue is when we went to add a new user we selected the use windows credentials instead of create new user. Currently the practice has been to just let the drive decrypt the re-encrypt the drive after. This is more time consuming than I would like. I am currently waiting for another computer to finish imaging and I am going to try that different way of creating a new user. Any info you can send my way would be appreciated. Thank You.

Allow Users to Get Their Own WDRT

0
0
I need a solution

We use PGP Universal server with LDAP. Is there a way that users can log in and get only their WDRT if they are locked out of their machine? Obviously this would have to work of AD some way. I'm just wondering if this has been done, or maybe I'm missing something simple here?

 

Thanks!

 

PGP Bypass for USMT task sequence

0
0
I need a solution

So here is my dilema.  We are in the middle of migrating from XP Pro SP3 32bit to Windows 7E x64 and our laptops which are all encrypted with either  9.9.1.287, 10.0.0.2732, 10.1.2.50, 10.2.0.1950, or 10.2.1.4940.  We have the local administrator account as a SSO (but it has not Enrolled yet) and I can run the following command locally and the bypass works just fine:  "C:\program files (x86)\PGP Corporation\PGP Desktop\pgpwde.exe" --add-bypass --disk 0 --admin-passphrase %password% --aa   The problem I have is when I try to run this as part of a task sequence via SCCM 2007, I am getting getting an error of "Executing command line: Run command line Operation [Unknown] failed: Error code-12450: administrative preferences file not found"  I've tried all sorts of different ways to do this including putting a .bat file on the root of the drive having SCCM execute that as local administrator, but no change.  Has anyone been able to successfully bypass the logon screen successfully  with this product?  Very frustrating as you would think it would be a simple thing to do...any suggestions?

Thanks,

JL

A question about data recovery

0
0
I do not need a solution (just sharing information)

It is possible to software like Recuva among others ... Recover Data from a disk that was formatted but that were not properly decrypted before?

Toshiba L850 encrypt wont start

0
0
I need a solution

I bought a new laptop Toshiba l850 which have a SATA HDD and PGP wde 10.2 cant encrypt even from the command line. When i click Start encrypt he dont pass the 0% and stays paused. Already formated drive and the same problem. Disable UEFI BIOS to CSM BIOS, same problemas. Change SATA model from AHCI to compatible and problems again. Note: if i restart at 0% bootguard appears and i can use my passphrase to continue. Can anybody help me with resolutions or troubleshooting sugestions. Thank you.

8433121
1362157663

PGP crushing my machine

0
0
I need a solution

Hello All,

We decided to start with deployment of PGP Desktop on few machines.

My machine was one of the first machine of the Prod deployment of PGP.

We are using PGP 10.1.2 MP2 version, and we are using the capability of BIOS encryption only (Currently not using other features of PGP).

From some unknown reason, my machine got cruhsed 2 times since the encryption.

I've looked on the event viewer, and at same time of the shut down i see this log below.

Did anyone see this problem on his env?
I'm afraid that one day i will lost all my data because of this issue?
In the meanwhile i'm lucky and my machine just bootted and came back to regular status.

Thanks a lot

Faulting application name: lsass.exe, version: 6.1.7600.16915, time stamp: 0x4ec48578

Faulting module name: PGPsdk.dll, version: 4.2.1.4869, time stamp: 0x500b24c9

Exception code: 0xc0000409

Fault offset: 0x00000000000e9072

Faulting process id: 0x294

Faulting application start time: 0x01ce1447dd62237d

Faulting application path: C:\WINDOWS\system32\lsass.exe

Faulting module path: C:\WINDOWS\system32\PGPsdk.dll

Report Id: 65867be5-83d6-11e2-ab92-002713b5cc79

WDE & SSD - Best Practices? Do's & Don'ts?

0
0
I do not need a solution (just sharing information)

I'm about out of space on the 750GB 7200 rpm drive in my Elitebook 8440w, so I decided to bite the bullet and ordered a 2nd drive caddy plus an Intel 520 480GB SDD.  My plan is make the SSD the primary boot drive with Windows on it, and use the 750GB drive as storage only in the drive caddy.  I'm currently running WDE 10.3.0 MP1 under Windows 7 x64 Enterprise Edition.  10.3.0 MP1 is standalone and not connected to Universal Server.

 

I'm just wondering if anyone has any best practices or do's & don'ts to share when using this type of a configuration.

 

Thanks

 

dcc

Recupero di un disco criptato

0
0
I need a solution

A causa di problemi al mio sistema operativo windows 7 sono stato costretto a reinstallarlo completamente.

Ciò mi ha costretto a reinstallare anche il mio PGP Desktop 10.0.2

Ho quindi cercato e recuperato il mio disco criptato. ma una volta caricato non riesco a installarlo.

Il disco risulta infatti associato ad un "Unknown User" la cui Key ID è sconosciuta.

Come faccio a recuperarlo ?

Grazie per l'aiuto

Unmanaged WDE to Managed WDE (without decryption)

0
0
I need a solution

 

Hi all. 
 
I'd appreciate any ideas on the following scenario.
 
I'm dealing with some unmanaged encrypted disks, however now we're moving to a managed environment. The thing is that it'd be really good (in terms of time) to find a way to make managed encrypted disks those unmanaged encrypted disks without decryption.
 
I've done some tests and deployed the policies created in the Encryption server into the unmanaged disks, we didn't decrypt the disks (to save a lot of time). The policy establishes deployment of SKM + ADK + disk admin passphrase + SSO integration. The unmanaged disks have their own admin and user. Therefore, after installing the agent generated from the EncServer (without uninstalling the previous one) we can see in the Encryption Desktop all of these users "old" and "new". BUT the problem is that I cannot delete manually the old users, we cannot add manually new users and the worst we cannot decrypt the disk with any user, old or new.
 
I'm thinking as well that the policy from the Encryption server says to encrypt the Windows partition meanwhile the unmanaged deployment said to encrypt the whole disk, this might cause some "conflicts".
 
Any thoughts?
 
Any help would be very appreciated.
 
Cheers.

Fixing the WDE bootloader after running bootrec /fixmbr

0
0
I need a solution

Hi,

 

I have a WDE 10.3 Windows 7 install with a 10GB unencrypted partition containing Ubuntu. While installing Ubuntu I did not set the advanced option leading to the Bootguard MBR being destroyed. In an attempt to begin fixing the issue, and booting back into my encrypted windows install I ran bootrec /fixmbr from a windows repair DVD.

I have acquired a WDE Recovery Disk but this seems to permanently hang on "PGP Recovery Disk is searching the disk for PGPWDE installation, please wait...".

My questions are:

1. Does this search usually take a very long time (this is on a 150GB SSD and has been running for hours)?

2. Is there anyway to restore the MBR with the WDE bootloader, bootguard?

3. Is there anyway to do this without removing the hard drive from my laptop (this is tricky)?

Many thanks in advance,

 

Sam

PGP Whole disk 9.10 - Can't mount encrypted disk

0
0
I need a solution

Hi,

 

I having been using this product for 3 years to encrypt certain data files. Today for some reason it it does not recognise that the virtual disk exists and will not give me the mount option from PGP desktop.

It seems it wants to create encrypted disk as if nothing had been previousely set up.

If I go through a create new virtual encrypted disk will it give me access to the existing files.

Can anyone help?

thanks.

stalled out decrypting at 5%

0
0
I need a solution

I decided to decrypt my drive over the weekend so that I could replace it with a larger capacity drive today.  Had this message from pgpwde.exe --status
Operation start decrypt disk failed: Error code -11984: item not found.

I couldn't issue resume command or stop. I would continue getting the same error code.

I remembered that originally I had a secondary drive in the computer before encrypting with PGPWDE that I removed about three weeks ago. I put back that original 128 GB SSD that was in the computer when I originally encrypted, after that I could issue a resume and proceed with the last 5% - even though that disk was never encrypted.

That is messed up right?? What if that disk was dead... what would I do?

So my question is, how do I prevent this in the future? What data did that secondary drive have on it that PGPWDE needed? Again, this secondary drive was never encrypted originally.

 

Please help explain this and how to prevent it, Thanks

 


PGP Portable *very* slow under Windows 7

0
0
I need a solution

We're using PGP Portable 10.2 managed with Universal Server 3.2MP3.

Whereas usage under XP was fine (~30MBs), attempting to use Portable under Windows 7 is
excruciatingly slow (<3MBs).

I have applied what fixes I can google for WebDAV issues:

  • IE automatically detect settings off
  • Registry fixes (FileSizeLimitInBytes, FileAttributesLimitInBytes)

with no success.

Has anyone seen, and hopefully, found a fix for this?

PGP Encrypted Disk Unable to Boot

0
0
I need a solution

Hi,

I have a Notebook (HP ProBook 6460p) in the company that is PGP WDE'd which refuse to even go into BootGuard proper. When attempting to boot, it shows that is is trying to load BootGuard, but a second later it shows a black screen (not the usual grey bootguard screen) with the following error: "Some required files are missing or corrupted. You may be able to continue through the Advanced menu or recovery tool. Press any key to return...".

The problem at this point is that the screen freezes here, no response of any kind was exhibited when I 'Press any key to return'. Just hangs there...

So I tried to slave it to another WDE'd notebook. The bootguard could not detect any other drive other than Disk 0 (the 'master' disk).

Regardless, I booted into Win 7 and managed to get the OS to detect the slave drive. As expected, the slave drive shows up, but asks to be reformatted (did not reformat).

Then I tried the PGP command line --enum, Disk 0 enumed fine, Disk 1 only showed 2 drives online (those were the HP tools and recovery partitions) instead of the expected 4 drives.

PGP did not seem to recognize that Disk 1 was WDE'd...

So now, I am trying to get this disk decrypted so my client can get back her data. But I am at a loss of how to carry on at this point.

Please advise, anyone?

PGP WDE new user is enrolled but not added to WDE & cannot log in on bootguard.

0
0
I need a solution

When a new user logs in using LAN PW, the user is enrolled but not added to WDE & cannot log in on bootguard.

The new user appears in the Authorized Users list in the Universal Sever but not in the WDE users list locally.

Is possible that when a new user logs in, the user can get added to WDE list on the machine automatically?

Can a new user be added to WDE on a machine from Universal server.

As of now a new user needs to be added manually by an exixting WDE user or WDE admin.

password lost after trying to change it

0
0
I need a solution

Hi there,

3 days ago i was forced to change my user-password on my windows XP (with SP3) machine, which has PGP WDE 9.10.0 (Build 605) installed.
I tried to use a password, which i already used on another machine (without pgp installed) successfully.
This password contains the "@" sign. PGP did not accept this character as a part of the password.

So i left the "PGP change password screen" and started to search in internet if this was a common problem on the second machine.
A couple of seconds later, the pgp encrpyted machine continued to startup windows - but i did not press any key.

I was a little bit surprised, but since i did not find any solution about my problem, i started to work on that machine.
After i finished my work i did a shut down.
Today i tried to start my machine again, but i fail to logon at the grey PGP WDE logon screen.
Neither the old one nor the new one password works.
What can i do to access my data again ?

Please assist. Thanks in advance for your help.

PGP WDE 10.2.1 Silent Install via GPO

0
0
I need a solution

We currently install PGP WDE via AD Group Policy. This works fine until I come to manually installing a newer version for testing before applying it to the GPO.

My understanding of Group Policy (not WDE Group Policy) is that a software install can be deployed and is applied just the once unless otherwise told to do so. This allows administrators to uninstall, update etc without the version in the GPO to be reapplied. However, this is what happens every time with PGP WDE - I want to test 10.2.1 MP5, but every time I install it and restart the older version gets pushed back on to it.

Had anyone come across this? It doesn't happen for any other application, just WDE. I understand this would be more of a AD Group Policy issue, but any feedback would be appreciated.

Thanks

Viewing all 299 articles
Browse latest View live




Latest Images