The Directory Synchronization feature of Symantec Encryption Management Server (previously PGP Universal Server) lets you synchronize your server with an LDAP directory (such as Microsoft Active Directory) so that internal users can be created from the users in the LDAP directory.
Directory Synchronization allows you to assign different user policies to specific internal user groups. When using Directory Synchronization, internal users for Symantec Encryption Management Server (SEMS) can come only from the directory you specify when you enable Directory Synchronization. If users are in the LDAP directory, they will be added to the system as internal users. If users are not in that directory, their disks, messaging, or files will not be managed by the server.
When using SEMS with Microsoft Active Directory on Windows Server 2000 and 2003, a User Principal Name (userPrincipalName) can be entered as the Bind DN for Directory Synchronization. The User Principal Name follows the style of an email address, e.g., firstname.lastname@example.org.
To use a User Principal Name for Directory Synchronization:
1. Log into the SEMS Admin interface.
2. Click Consumers > Directory Synchronization.
3. Type a User Principal Name and passphrase for a user.
4. Click Save to apply the settings.
Imported Document ID: TECH149581