Can't add a user to an encrypted NetShare folder. Key is not found even though the key is present on the Universal Server
This issue occurs if the user is in a policy that has Symantec File Share (formerly known as PGP NetShare) disabled, and if the Netshare flag is missing on the key.
The same issue can occur with the ADK. If you add an ADK to the Universal Server and the ADK does not have the File Share (formerly known as NetShare) key usage flags for PGP NetShare then you will not be able to encrypt the files. See the following KB article: http://www.symantec.com/docs/TECH195276
In a PGP Universal Server managed environment the key usage flags are added during the enrollment, depending on what features are enabled in the Consumer Policy.
As an example let's say you have now decided to use Symantec File Share, but the subkey does not have the Symantec File Share Flag. In this case you will first have to enable the Symantec File Share feature in the consumer policy. Please refer to the following KB article on how to enable Symantec File Share in the Consumer Policy. http://www.symantec.com/docs/HOWTO60713
Please note that the key usage flag will not be automatically added to the key. You will need to perform an action that requires a passphrase entry. For example, encrypt and decrypt a file to/with your own key or change the passphrase. Once this has been done the key usage flag will be added to the key. After the keyflag is added the key has to be synchronized to the server in order to allow other users to use Symantec File Share with this key. This is done automatically during the next policy update or when you manually select "Update Policy" from the PGP Tray icon context menu.
Note: If you are in a PGP Universal Server managed environment and your key mode is SKM, you cannot make changes to the key usage flags
Imported Document ID: TECH163894
Subscribing will provide email updates when this Article is updated. Login is required.