When attempting to login using an account in the WDE-ADMIN group for multiple domains, the WDE-ADMIN account cannot perform any pgpwde command line commands.
This can occur when the WDE-ADMIN group of multiple domains is not a member of a Universal Group. The WDE-ADMIN group must be Universal Group to login to multiple domains in a forest. For more information on Active Directory Groups and their scope, click
here for a Microsoft TechNet article.
Creating an WDE-ADMIN group account allows you to:
Log in remotely to perform PGP WDE maintenance tasks (using the pgpwde command line).
Use SMS or other tools to perform PGP WDE maintenance.
Use pgpwde to perform Active Directory authentication to ensure only authorized administrators can access users' systems. (Note that the system must be connected to the network and Active Directory must be running.)
Imported Document ID: TECH149346
Subscribing will provide email updates when this Article is updated. Login is required.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
Subscribed to the Article.
Unable to subscribe
Thanks for your additional feedback !!!
Enterprise Support Virtual Agent
Rate Me :
Tell us more:
Welcome! My name is Sami, the Enterprise Support Virtual Agent answering technical support questions.