When attempting to re-encrypt a PGP NetShare folder that was encrypted to an Active Directory group, the error "One or more user keys is unknown, is revoked, is expired, or is disabled" is displayed. This occurs even though all of the keys in the access list display as current and valid.
This can occur when the Active Directory group's pre-Windows 2000 group name and its Windows 2003 group name do not match. The group is only searchable by the Windows 2003 Active Directory naming schema, but it is displayed in PGP NetShare using the pre-Windows 2000 naming schema.
Therefore, when attempting to re-encrypt the folder, PGP NetShare is not able to look up the group because of the difference in group names.
To resolve this issue, rename the Group name (pre-Windows 2000) to match the Windows 2003 Group name so that PGP NetShare can successfully find the group. Then re-encrypt the PGP NetShare folder.
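One way to find and correct affected groups before re-encrypting, shown as an added example that is not part of the original article or vendor tooling. It assumes the RSAT ActiveDirectory module and that "Group name (pre-Windows 2000)" corresponds to the `sAMAccountName` attribute and "Group name" to the group's `Name`, as in Active Directory Users and Computers; the function names and the sample OU are hypothetical.

```powershell
#Requires -Modules ActiveDirectory

# List groups whose pre-Windows 2000 name (sAMAccountName) differs from the group name.
function Get-MismatchedGroupName {
    [CmdletBinding()]
    param(
        # Assumption: defaults to the whole domain; pass the OU holding NetShare groups.
        [string]$SearchBase = (Get-ADDomain).DistinguishedName
    )
    Get-ADGroup -Filter * -SearchBase $SearchBase |
        Where-Object { $_.Name -ne $_.SamAccountName } |
        Select-Object Name, SamAccountName, DistinguishedName
}

# Set the pre-Windows 2000 name to match the group name, with safety checks.
function Set-GroupSamToName {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory, ValueFromPipelineByPropertyName)]
        [string]$DistinguishedName
    )
    process {
        $group  = Get-ADGroup -Identity $DistinguishedName
        $target = $group.Name

        # sAMAccountName rejects these characters, so such a name cannot be copied over.
        if ($target -match '["/\\\[\]:;|=,+*?<>]') {
            Write-Warning "Skipping '$target': contains characters not valid in sAMAccountName."
            return
        }
        # sAMAccountName must be unique in the domain (users, computers and groups).
        $clash = Get-ADObject -Filter { sAMAccountName -eq $target }
        if ($clash) {
            Write-Warning "Skipping '$target': sAMAccountName already used by $($clash.DistinguishedName)."
            return
        }
        if ($PSCmdlet.ShouldProcess($DistinguishedName, "Set sAMAccountName to '$target'")) {
            Set-ADGroup -Identity $group -SamAccountName $target
        }
    }
}

# Review first, then apply (the OU below is a constructed placeholder):
# Get-MismatchedGroupName -SearchBase 'OU=NetShare,DC=example,DC=com'
# Get-MismatchedGroupName -SearchBase 'OU=NetShare,DC=example,DC=com' | Set-GroupSamToName -WhatIf
```

Scripts or legacy applications that reference the old pre-Windows 2000 name will need updating after the change, so run with `-WhatIf` first and review the list.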
Imported Document ID: TECH149963