How to add group key to endpoint?

I have figured this out and am in the process of testing security.  Just wanted to share in case someone else needs to do it.  I was able to create a key for the AD security group, then use that key to create encryption settings and file encryption policies, which I combined as a group.  Then I applied the group to both the parent OU of the AD group and the Root in SGN.  I'm not sure why, but the policy wouldn't apply until I added it to Root.  So far it's working as expected, but, like I said, we're still testing the security rights for the groups.

Terri

Hi Terri,

Thank you for sharing the workaround. As you are going through the testing process, please feel free to get in touch with us in case you need any assistance. 

I don't think policy assignment and inheritance it working like I need it to.  I've got another ticket open because manually created groups aren't working like I need them to, either.  

Not getting a response from support.  :( 

Hi Terri,

Please share the ticket number via private message. I will look into it and expedite the service. 

The support rep has finally replied.  Thanks, though.

Hi Terri, 

Thank you for the update. In case you need any assistance in the future, please feel free to get in touch with us.

He didn't call as scheduled.  My ticket number is 7379800.  Can you have someone call me today? I'm in the Central US time zone.  The time on this post is 5 hours ahead, even though I've set my location in my profile. Thanks.

Hi Terri, 

Sorry for the inconvenience, I will look into the ticket and arrange a call back at the earliest. Is there a preferred time that you want me to schedule a callback?

He just emailed me and said he had a support call go longer than expected. We're scheduling a time for later today. Thank you for your quick response.

Hi Terri,

You are welcome, please feel free to get in touch if you need any further assistance.

I have a question about the keys that appear on the folders in Windows Explorer or File Explorer in Windows 10.  In previous testing, I would see a green, yellow, or red key depending on the state of the encryption policy.  Now, I'm not seeing any keys on the folder with my current configuration.  

And I'm not seeing keys inside the folder.

But it says that the file is encrypted. About 30 minutes ago, I could right-click the file>Show encryption state, and it would give me the box that showed the key that was used to encrypt the file and the algorithm.  Now it gives me this box, which is different.

Are the encryption policies being applied correctly?  

I have a question about the keys that appear on the folders in Windows Explorer or File Explorer in Windows 10.  In previous testing, I would see a green, yellow, or red key depending on the state of the encryption policy.  Now, I'm not seeing any keys on the folder with my current configuration.  

And I'm not seeing keys inside the folder.

But it says that the file is encrypted. About 30 minutes ago, I could right-click the file>Show encryption state, and it would give me the box that showed the key that was used to encrypt the file and the algorithm.  Now it gives me this box, which is different.

Are the encryption policies being applied correctly?  

Hi Terri,

I am afraid you would have to open a support ticket to investigate this issue. Currently, I do not have an idea why the icons are not shown. Please allow me to check on this and update you further.

Hi Terri,

My name's Toby from the Global Escalations Team, I hope you're well.

I suspect what's happened is that the maximum number of overlay icons are already being used, check out the following KB and this will explain the issue and show you how to resolve it:

community.sophos.com/.../108784