PGP Encryption Desktop (Symantec Encryption Desktop) includes a registry value called MACHINEGUID. This is a unique value generated by the client to identify the Device ID with the PGP Encryption Management Server (Symantec Encryption Management Server).
This value needs to be a unique identifier for each computer and if the value is either missing or malformed, invalid data can then be sent to the PGP Encryption Server.
Examples of this invalid data include the following:
00000002-0000-0000-3001-000000000000
00000002-0000-0000-3001-00000009e305
00000002-0000-0000-3001-00000011df04
00000002-0000-0000-3001-000000194f05
or
00000003-0000-0000-3001-000000000000
00000003-0000-0000-3001-00000001f209
00000003-0000-0000-3001-000000028505
00000003-0000-0000-3001-00000003d405
TIP: A normal MACHINEGUID value, or Machine ID\Device ID value does not start with "00000003" or "00000002", and looks similar to the following example:
{54CC7DE3-1432-4947-B88C-366ED5B3D931}
An example of this invalid data can be seen in the following screenshot where there are multiple Blank hostname Computers listed:
Although the screenshot does not display the "00000003" value, upon clicking a blank hostname, this value can then be seen.
"The administrative server is not available for storing the Whole Disk
Recovery Token. Disk encryption cannot continue."
"Error sending logging configuration data to the server: corrupt data (-11976)"
This issue can occur when the MACHINEGUID value is either missing or malformed. In other words, if the entry is missing, then the issue can be caused. In one scenario, text, other than the proper MACHINEGUID value was entered, and also causes the issue and can create this Bogus UUID machine data.
PGP Encryption Desktop 10.3.0 MP3 and above correct this issue. As one of the symptoms of this issue is the invalid MACHINEGUID values, database cleanup will be needed. Once the client is updated to Symantec Encryption Desktop 10.3.2, delete the invalid machines from the server, and then stop and restart the PGPtray services, then update policy. Confirm the invalid data is no longer sent to the server.
For further guidance, please reach out to Symantec Encryption Support.