When using the Single Sign-On feature of PGP Whole Disk Encryption, the Windows domain password expiration notice does not display according to the policy setting applied in Active Directory. This article applies to PGP Desktop running on Windows 2000, XP, Server 2003, Windows Vista, and Windows 7.
This issue occurs when a Windows XP client computer in an Active Directory domain does not wait for all network services to initialize during the logon process. This setting is applied by default on Windows XP systems. Existing Windows XP users log on using cached credentials to decrease logon time.
This setting is controlled by the Group Policy logon setting Always wait for the network at computer startup and logon.
This issue can be resolved by editing the group policy system logon setting for the Active Directory domain to wait for the network at logon.
To edit the Group Policy setting:
- Open a Group Policy console for the domain.
- Browse to the Computer Configuration>Administrative Templates>System>Logon folder.
- In the details pane, double-click Always wait for the network at computer startup and logon.
- Click the Enabled radio button.
- Click OK to apply the policy.
For more information on the Group Policy, see the following Microsoft Support site articles.
How To Use the Group Policy Editor to Manage Local Computer Policy in Windows XP