In some rare cases, when using the Detailed Authentication for Symantec Drive Encryption (formerly known as PGP Whole Disk Encryption), the system could revert the domain field to "This Computer" instead of displaying the correct domain to which the system is part of.
When this occurs, a user could entering the correct passphrase, but still failing authentication as all fields must be correct. If using the lockout feature, a user could get locked out of the system, requiring a Whole Disk Recovery Token to boot the system, even if all correct fields are then selected.
This issue has been addressed in Symantec Drive Encryption 10.3.0 and above. Once on this new version, if the domain value is remembered, per policy, the appropriate domain will be listed.
NOTE: If another user has logged in to a local account on this same machine and rebooted, "This Computer" will be expected to be displayed. The last domain option successfully used will be used the next reboot if the policy to remember domain is enabled on the Symantec Encryption Management Server. This behavior continues to occur and is by design with all versions of Symantec Drive Encryption.
Imported Document ID: TECH205103
Subscribing will provide email updates when this Article is updated. Login is required.