I am doing a demo of Endpoint Encryption 6 with patch 1 and for the life of me could never get SSO to work. It turns out that HIPS has a high severity signature that blocks any changes to the Gina and was preventing the changes needed for SSO to work. The specific signature is 959. I have since put in an exception rule and now SSO is working again. Hopefully this will save some time for anyone else that comes across this issue.