When restricting Microsoft Active Directory (AD) domain users to specific computers using the Logon Restriction setting per user account, PGP Desktop clients are unable to enroll/authenticate.
The PGP Desktop client will fail with, "Your credentials were not accepted. Please try again."
The PGP Universal Server will show, "CLIENT-XXXXX: ldap operation result 49, Invalid credentials"
The error is misleading, since it's not a bad password problem for the user account.
Since the LDAP query is being issued from PGP Universal Server and not the from the client's (permitted) computer, the AD LDAP server rejects the connection.
Switch to Email Enrollment or use a secondary LDAP server specifically for PGP client authentication.
Did this article resolve your issue?
Did this article save you the trouble of contacting technical support?
How can we make this article more helpful?
Email Address (Optional)
Login to Subscribe
Please login to set up your subscription.
Create and manage cases, manage licensing and renewals, submit threats, and enroll with Symantec Rewards.
Customer and Technical Support phone numbers and hours of operation.
User-to-user forums, blogs, videos, and other community resources on Symantec Connect.
Set default language
Do you wish to save this as your future site?