When attempting to re-encrypt a PGP NetShare folder that was encrypted to an Active Directory group, the error "One or more user keys is unknown, is revoked, is expired, or is disabled" is displayed. This occurs even though all of the keys in the access list display as current and valid.
This can occur when the Active Directory group name is using a pre-Windows 2000 group name and a Windows 2003 group name that do not match. The group is only searchable by the Windows 2003 Active Directory naming schema, but displays in PGP NetShare using the pre-Windows 2000 naming schema.
Therefore, when attempting to re-encrypt the folder, PGP NetShare is not able to lookup the group because of the difference in group names.
To resolve this issue, rename the Group name (pre-Windows 2000) to match the Windows 2003 Group name so that PGP NetShare can successfully find the group. Then re-encrypt the PGP NetShare folder.
This is machine translated content
Login to Subscribe
Please login to set up your subscription.
Didn't find the article you were looking for? Try these resources.