I have EEPC 5.2.5 installed on Windows XP and Windows 7 machines. We could not get the SSO to work on Windows 7 machines without checking the box to "Require logon to Endpoint Encryption". We have now selected that option on all machines, but just noticed that now we have no way of overriding the user if the machine is locked or the password does not work to allow the user back onto their machine.
We have had several issues with the password not synching properly after selecting this option, which could be due to the machine not synching the password previously. We have made several attempts at doing a recovery, but it keeps going back to the login screen. A user recovery seems to fix the issue, but it automatically prompts the user to change their password, which then leads to having to change their AD password or resetting the token and clearing SSO and synching before they reboot.
Can anyone tell me the preferred method of resolving this issue?