? (fill out web form submit a Footprints task using the "Quick Request" template xx)Ĭ) Give the user a copy of the SAS Pre-Encryption Infosheet (see below) 3. ? In the comments field, please have the user indicate that the account is for use with PGP.ī) ? If the user already has an AD account, request PGP group membership by doing xx Before you Start Encrypting Someone's MachineĪ) If the user does not yet have an Active Directory account, please have them request an account using the survey. These accounts will be named yourOU-PGP (e.g. Please note in the comments field that this is for use in PGP enrollment and note the OU(s) in which this account is intended to be used. If your LSP group does not yet have a shared Active Directory account for PGP, request one now using this form: In order to encrypt a machine you will be taken through a PGP "enrollment" process which requires creating or using a pre-existing PGP key associated with an AD account.įor a non-domain member machine it is best that you use a shared AD account for your LSP Group for this enrollment process (This account will only be used for enrolling PGP machines). Have the user test logging in at the grey PGP boot screen.** If they had enrolled in PGP in the past, they will be prompted for their passphrase instead of being asked to enroll.After encrypting, test logging in at the grey PGP boot screen as the lspadmin.You need your group's AD PGP account login info.Ensure that the user's local windows account password is sufficiently strong.Check the laptop's screensaver lock policy.Make sure the filesystem is ok by running "chkdsk /f" on all local drives (E.g.add the local user account & lspadmin to the local file and print sharing group.If they don't know their passphrase, talk to DCS about Security Question recovery or "resetting" the user's PGP info on the PGP server.ģ. If they have, ask them if they know/wrote-down the PGP passphrase that they created. ** Find out if the user has done PGP enrollment in the past.Give the user a copy of the SAS Pre-Encryption Infosheet.Request PGP group membership for the user's AD account.Check that the user has an AD account - have them fill out the form if they need one.Before you Start Encrypting Someone's Machine: Request a shared AD account for your LSP Group for PGP enrollment purposesĢ.(document revised 12-24-2013) Summary of PGP process: We will provide additional details for domain-member machines. Note: As of these directions assume you are working with a non-domain member machine.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |