To decrypt encrypted volumes, all volume-based encrypted volumes must have a drive
letter assigned to them.
In SafeGuard Management Center, edit the current policy of the type
Device Protection that is assigned to the computers
you want to decrypt. Select the targets and set User may decrypt
volume to Yes. Assign the policy to the
Create a decryption policy of the type Device
Protection, select the targets that are to be decrypted and set the
Media encryption mode to No
In Users and Computers, create a group for the computers
you want to decrypt: Right-click the domain node where you want to create the
group. Then select New > Create new group.
Select the domain node of this group and assign the decryption policy to it by
dragging the policy from the Available Policies list into
the Policies tab. Activate the policy by dragging the
group from the Available Groups list into the
Activation area. On the
Policies tab of the domain node, check that
Priority is set to 1 and that No
Override is activated. In the Activation
area of the domain node, make sure that only members of the group are affected
by this policy.
In the Users and Computers navigation area, select the
group, right-click on the Members tab shown in the action
area and click Add to add the computers you want to
decrypt to the group.
On the endpoint that is to be decrypted, synchronize with the SafeGuard
Enterprise Server to make sure that the policy update has been received and is
Open Windows Explorer. Right-click the volume that should be decrypted and
click Encryption > Decryption.
Make sure that the decryption is completed successfully.
can be shut down and restarted during encryption/decryption. If decryption
is followed by an uninstallation, we recommend that the endpoint is not
suspended or hibernated during decryption.