Wasn't sure which forum to post this in since it applies to OSD TS and Software Distribution... I’ve been working this issue and hit a wall in finding a resolution. Here’s the background: · Workstation has PGP Desktop client version 10.0.0.2 · Can successfully run command line in OSD Task Sequence (also as a program in Software Distribution) “cmd /c "%PROGRAMFILES%\PGP Corporation\PGP Desktop\pgpwde" --add-bypass -p %PGP%” o This sends a bypass to the pre-boot authentication aka “Bootguard” Here’s the issue: 1. Updated PGP Desktop client version to 10.1.1 manually to test 2. OSD Task Sequence fails when trying to run “cmd /c "%PROGRAMFILES%\PGP Corporation\PGP Desktop\pgpwde" --add-bypass -p %PGP%” a. SMSTS log: Expand a string: smsswd.exe /run: cmd /c ""%PROGRAMFILES%\PGP Corporation\PGP Desktop\pgpwde" --add-bypass -p %PGP%" TSManager 4/26/2011 3:17:54 PM 2176 (0x0880) Expand a string: TSManager 4/26/2011 3:17:54 PM 2176 (0x0880) Start executing the command line: smsswd.exe /run: cmd /c ""%PROGRAMFILES%\PGP Corporation\PGP Desktop\pgpwde" --add-bypass -p %PGP%" TSManager 4/26/2011 3:17:54 PM 2176 (0x0880) !--------------------------------------------------------------------------------------------! TSManager 4/26/2011 3:17:54 PM 2176 (0x0880) Expand a string: WinPEandFullOS TSManager 4/26/2011 3:17:54 PM 2176 (0x0880) Executing command line: smsswd.exe /run: cmd /c ""%PROGRAMFILES%\PGP Corporation\PGP Desktop\pgpwde" --add-bypass -p %PGP%" TSManager 4/26/2011 3:17:54 PM 2176 (0x0880) =======================[ smsswd.exe ] ======================= InstallSoftware 4/26/2011 3:17:54 PM 4684 (0x124C) PackageID = '' InstallSoftware 4/26/2011 3:17:54 PM 4684 (0x124C) BaseVar = '', ContinueOnError='' InstallSoftware 4/26/2011 3:17:54 PM 4684 (0x124C) SwdAction = '0001' InstallSoftware 4/26/2011 3:17:54 PM 4684 (0x124C) Working dir 'not set' InstallSoftware 4/26/2011 3:17:54 PM 4684 (0x124C) Executing command line: Run command line InstallSoftware 4/26/2011 3:17:54 PM 4684 (0x124C) Process completed with exit code 64 InstallSoftware 4/26/2011 3:17:54 PM 4684 (0x124C) Warning: PGPwde is running in restricted environment. InstallSoftware 4/26/2011 3:17:54 PM 4684 (0x124C) Some features are disabled InstallSoftware 4/26/2011 3:17:54 PM 4684 (0x124C) Operation add bypass failed: InstallSoftware 4/26/2011 3:17:54 PM 4684 (0x124C) Error code -11975: feature not available InstallSoftware 4/26/2011 3:17:54 PM 4684 (0x124C) Command line returned 64 InstallSoftware 4/26/2011 3:17:54 PM 4684 (0x124C) Process completed with exit code 64 TSManager 4/26/2011 3:17:54 PM 2176 (0x0880) !--------------------------------------------------------------------------------------------! TSManager 4/26/2011 3:17:54 PM 2176 (0x0880) Failed to run the action: Add First PGP Bypass. The specified network name is no longer available. (Error: 00000040; Source: Windows) TSManager 4/26/2011 3:17:54 PM 2176 (0x0880) 3. I am able to manually run the same command successfully “cmd /c "%PROGRAMFILES%\PGP Corporation\PGP Desktop\pgpwde" --add-bypass -p %PGP%” (substituting a user's actual passphrase for %PGP%) in a command prompt on the desktop with the updated client Anybody seen this before? The error says The specified network name is no longer available. (Error: 00000040) however I can run the exact same command manually on the desktop. TIA!Andrew

Hello -Are you running the program with administrator rights? did you try to take the package out of TS and try to install it through normal package deplyment? checkout, it it working with normal package deployment?Anoop C Nair - This posting is provided "AS IS" with no warranties or guarantees, and confers no rights. |Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi, What if you skip the "cmd /c" part of the command line, it is not necessary. I would try "%PROGRAMFILES%\PGP Corporation\PGP Desktop\pgpwde.exe" --add-bypass -p %PGP% instead. Hope it works. Regards, Jörgen -- visit my System center blog at http://ccmexec.com --

Thanks for the feedback... The OSD TS runs with elevated rights but I also tried running the cmd line as a package deployment (as administrator) but get the same exit code. Here is the snippet from the execmgr log: Creating an optional execution request for package C010025E program Add Bypass execmgr 4/26/2011 3:45:52 PM 4844 (0x12EC) Executing program cmd /c ""%PROGRAMFILES%\PGP Corporation\PGP Desktop\pgpwde" --add-bypass -p UsersPassphrase" in Admin context execmgr 4/26/2011 3:45:52 PM 4844 (0x12EC) Execution Request for package C010025E program Add Bypass state change from NotExist to NotifyExecution execmgr 4/26/2011 3:45:52 PM 4844 (0x12EC) Execution Manager timer has been fired. execmgr 4/26/2011 3:45:52 PM 3844 (0x0F04) GetFileVersionInfoSize failed for file \cmd, error 2 execmgr 4/26/2011 3:45:52 PM 4844 (0x12EC) Executing program as a script execmgr 4/26/2011 3:45:52 PM 4844 (0x12EC) Successfully prepared command line "C:\WINDOWS\system32\cmd.exe" /c ""C:\Program Files (x86)\PGP Corporation\PGP Desktop\pgpwde" --add-bypass -p UsersPassphrase" execmgr 4/26/2011 3:45:52 PM 4844 (0x12EC) Command line = "C:\WINDOWS\system32\cmd.exe" /c ""C:\Program Files (x86)\PGP Corporation\PGP Desktop\pgpwde" --add-bypass -p UsersPassPhrase", Working Directory = C:\WINDOWS\system32\ execmgr 4/26/2011 3:45:52 PM 4844 (0x12EC) Created Process for the passed command line execmgr 4/26/2011 3:45:52 PM 4844 (0x12EC) Raising event: [SMS_CodePage(437), SMS_LocaleID(1033)] instance of SoftDistProgramStartedEvent { AdvertisementId = "C012030F"; ClientID = "GUID:9AF61AD5-F324-4DF0-8637-89014BCFFC5E"; CommandLine = "\"C:\\WINDOWS\\system32\\cmd.exe\" /c \"\"C:\\Program Files (x86)\\PGP Corporation\\PGP Desktop\\pgpwde\" --add-bypass -p UsersPassphrase\""; DateTime = "20110426224552.260000+000"; MachineName = "LABTEST33"; PackageName = "C010025E"; ProcessID = 2272; ProgramName = "Add Bypass"; SiteCode = "P01"; ThreadID = 4844; UserContext = "NT AUTHORITY\\SYSTEM"; WorkingDirectory = "C:\\WINDOWS\\system32\\"; }; execmgr 4/26/2011 3:45:52 PM 4844 (0x12EC) Raised Program Started Event for Ad:C012030F, Package:C010025E, Program: Add Bypass execmgr 4/26/2011 3:45:52 PM 4844 (0x12EC) Program exit code 64 execmgr 4/26/2011 3:45:52 PM 1796 (0x0704) Looking for MIF file to get program status execmgr 4/26/2011 3:45:52 PM 1796 (0x0704) Script for Package:C010025E, Program: Add Bypass failed with exit code 64 execmgr 4/26/2011 3:45:52 PM 1796 (0x0704) Raising event: [SMS_CodePage(437), SMS_LocaleID(1033)] instance of SoftDistProgramErrorEvent { AdvertisementId = "C012030F"; ClientID = "GUID:9AF61AD5-F324-4DF0-8637-89014BCFFC5E"; DateTime = "20110426224552.744000+000"; ExitCode = "64"; MachineName = "LABTEST33"; PackageName = "C010025E"; ProcessID = 2272; ProgramName = "Add Bypass"; SiteCode = "P01"; ThreadID = 1796; UserContext = "NT AUTHORITY\\SYSTEM"; }; execmgr 4/26/2011 3:45:52 PM 1796 (0x0704) Raised Program Error Event for Ad:C012030F, Package:C010025E, Program: Add Bypass execmgr 4/26/2011 3:45:52 PM 1796 (0x0704) Execution is complete for program Add Bypass. The exit code is 64, the execution status is FailureRetry execmgr 4/26/2011 3:45:52 PM 1796 (0x0704) *************************** I also tried taking out the cmd /c prefix but got the same exit code. Here's the ExecMgr log snippet: Creating an optional execution request for package C010025E program Add Bypass 3 execmgr 4/26/2011 4:37:03 PM 2564 (0x0A04) Executing program "%PROGRAMFILES%\PGP Corporation\PGP Desktop\pgpwde" --add-bypass -p UserPassphrase in Admin context execmgr 4/26/2011 4:37:03 PM 2564 (0x0A04) Execution Manager timer has been fired. execmgr 4/26/2011 4:37:03 PM 4908 (0x132C) Execution Request for package C010025E program Add Bypass 3 state change from NotExist to NotifyExecution execmgr 4/26/2011 4:37:03 PM 2564 (0x0A04) GetFileVersionInfoSize failed for file \C:\Program Files (x86)\PGP Corporation\PGP Desktop\pgpwde, error 2 execmgr 4/26/2011 4:37:03 PM 2564 (0x0A04) Executing program as a script execmgr 4/26/2011 4:37:03 PM 2564 (0x0A04) Successfully prepared command line "C:\Program Files (x86)\PGP Corporation\PGP Desktop\PGPwde.exe" --add-bypass -p UserPassPhrase execmgr 4/26/2011 4:37:03 PM 2564 (0x0A04) Command line = "C:\Program Files (x86)\PGP Corporation\PGP Desktop\PGPwde.exe" --add-bypass -p UserPassphrase, Working Directory = C:\WINDOWS\system32\ execmgr 4/26/2011 4:37:03 PM 2564 (0x0A04) Created Process for the passed command line execmgr 4/26/2011 4:37:03 PM 2564 (0x0A04) Raising event: [SMS_CodePage(437), SMS_LocaleID(1033)] instance of SoftDistProgramStartedEvent { AdvertisementId = "C0120311"; ClientID = "GUID:9AF61AD5-F324-4DF0-8637-89014BCFFC5E"; CommandLine = "\"C:\\Program Files (x86)\\PGP Corporation\\PGP Desktop\\PGPwde.exe\" --add-bypass -p UserPassphrase"; DateTime = "20110426233703.474000+000"; MachineName = "LABTEST33"; PackageName = "C010025E"; ProcessID = 2208; ProgramName = "Add Bypass 3"; SiteCode = "P01"; ThreadID = 2564; UserContext = "NT AUTHORITY\\SYSTEM"; WorkingDirectory = "C:\\WINDOWS\\system32\\"; }; execmgr 4/26/2011 4:37:03 PM 2564 (0x0A04) Raised Program Started Event for Ad:C0120311, Package:C010025E, Program: Add Bypass 3 execmgr 4/26/2011 4:37:03 PM 2564 (0x0A04) Program exit code 64 execmgr 4/26/2011 4:37:03 PM 1672 (0x0688) Looking for MIF file to get program status execmgr 4/26/2011 4:37:03 PM 1672 (0x0688) Script for Package:C010025E, Program: Add Bypass 3 failed with exit code 64 execmgr 4/26/2011 4:37:03 PM 1672 (0x0688) Andrew

It turns out Symantec/PGP changed how the pgpwde.exe utility handles commands from users that have not logged into the PC before. In v10.0.0.12, it didn’t matter if the account used to run the bypass command has logged on to the machine or not, it would still run the command. In v10.1.1, the user account used to run the bypass had to log on to the pc previously in order to run the PGPWDE remotely or with different credentials. Since SCCM is using the LocalSystem account to run this command, it failed on v10.1.1 but went through fine in v10.0.0.12. We are working with PGP support now to see if this was a fix or bug from the previous version. I wanted to note that SCCM is behaving as expected though.Andrew

Hi Aqle Have you heard anything from PGP support about this? I am trying to implement PGP WDE 10.1.2 in my task sequence and I am seeing similar behavior - I cannot use any of the pgpwde command line commands unless PGPtray.exe is first executed in the user context. Even if I launch PGPtray.exe as the system account I still recieve the error "PGPwde is running in restricted environment" and non of the user-creation or encrypt commands execute succesfully. However if I launch PGPtray as a user (and then kill the process), all of the PGPwde commands execute succesfully and I can encrypt the drive - this is not a viable solution for a ZTI OS deployment! Cheers Sam

Hi Aqle Have you heard anything from PGP support about this? I am trying to implement PGP WDE 10.1.2 in my task sequence and I am seeing similar behavior - I cannot use any of the pgpwde command line commands unless PGPtray.exe is first executed in the user context. Even if I launch PGPtray.exe as the system account I still recieve the error "PGPwde is running in restricted environment" and non of the user-creation or encrypt commands execute succesfully. However if I launch PGPtray as a user (and then kill the process), all of the PGPwde commands execute succesfully and I can encrypt the drive - this is not a viable solution for a ZTI OS deployment! Cheers Sam Edit: Got the encryption side working OK, however using the same command that you are "PGPWde.exe --add-bypass -p <passphrase>" in WinPE produces the same "PGPwde is running in restricted environment" error. I tried to integrate PGPtray into WinPE but it was providing difficult. It's pretty dissapointing that they provide support for WinPE but it doesn't actually work.