There are two method to enroll the Symantec Encryption Desktop: by Email, or by AD.
In this article, we will provide the graphic step-by-step guide for AD enrollment.
1. We need to enable Directory Synchronization firstly.
From 'Consumers' tab, select 'Directory Synchronization', then click 'Enable' button:
Image may be NSFW.
Clik here to view.
2. After enable the Directory Synchronization, click 'Add LDAP Directory' button:
Image may be NSFW.
Clik here to view.
3. Fill in the necessary information to connect to the directory:
Image may be NSFW.
Clik here to view.
4. Click 'Test Connection' button to ensure the connection to the directory:
Image may be NSFW.
Clik here to view.
5. Click the 'Settings' button of the Directory Synchronization, select to enable the option 'Enroll clients using directory authentication':
Image may be NSFW.
Clik here to view.
6. Open to edit the policy, then click 'Edit' button of the 'General' section:
Image may be NSFW.
Clik here to view.
7. On the 'General' tab, select to enable the option 'Enable Silent Enrollment':
Image may be NSFW.
Clik here to view.
8. Create a new group, and select to use the policy that created on step7:
Image may be NSFW.
Clik here to view.
9. During the download of the Symantec Encryption Desktop Client, select the 'Preset Policy Group' as the group that created on step8:
Image may be NSFW.
Clik here to view.
10. After the installation of the client on the desktop and the reboot, select 'Always Allow for This Site' on the Symantec Alert:
Image may be NSFW.
Clik here to view.
11. Fill in the credentials of the AD user:
Image may be NSFW.
Clik here to view.
12. The client will enroll with the server:
Image may be NSFW.
Clik here to view.
By using AD enrollment, we can skill the Email configuration on the Symantec Encryption Server. This will simplify the deployment process.