This article details how to control access to pgpwde.exe on my Windows Operating Systems in an enterprise environment.
The pgpwde.exe executable file is located in the C:\Program Files\PGP Corporation\PGP Desktop folder (or where %ProgramFiles% is mapped to). This utility is typically used by administrators to troubleshoot PGP Whole Disk Encryption issues without going through the PGP Desktop GUI.
It is sometimes desirable to restrict access to this file to administrators only. There are Windows utilities that grant or restrict file access to particular users. You can also download useful scripts to help you restrict access to files and folders to users or groups.
ACLs (Access Control Lists) are stored for each file and directory in a Windows filesystem. Windows XP has a built in utility called CACLS that you can use to restrict access to a particular file.Click here for Microsoft documentation on CACLS.exe.
There are other utlities as well that can change file permissions. Xcacls.vbs is a script downloadable from Microsoft that will allow you to change group permissions on a file. Please see the Microsoft documentation for more information and informative examples of use.
An example of xcacls.vbs: cscript.exe xcacls.vbs "C:\Program Files\PGP Corporation\PGP Desktop\pgpwde.exe" /r "machinea\group1" /r "domain\testuser1"
This command revokes the permissions to C:\Program Files\PGP Corporation\PGP Desktop\pgpwde.exe for MachineA\Group1 and for Domain\TestUser1.
Imported Document ID: TECH149049
Subscribing will provide email updates when this Article is updated. Login is required.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
Subscribed to the Article.
Unable to subscribe
Thanks for your additional feedback !!!
Enterprise Support Virtual Agent
Rate Me :
Tell us more:
Welcome! My name is Sami, the Enterprise Support Virtual Agent answering technical support questions.