No, I did open a case with Gold Support but they were unable to assist. I believe the problem started when the ePO admin switched from pushing updates from ePO to SMS, but I am not positive that was the start of the problem. I also opened a case with Microsoft, because of the use of SMS, and they were able to help some.
I first found that defaulting the local security policy fixed it. Then I found that defaulting them, and re-adding our documented policies fixed it as well which led me to believe it was a rogue, undocumented policy. So I compared policies on fixed and broken machines and noticed the Bypass Traverse Checking. Ive verified that simply adding Everyone to that policy works.