Install MEE (without the include DB)
Log into machine using my creds / run sync / encrpyted drive
User goes to log on (has previously had a MEE account synced with AD. User is only able to login with his old AD password.
Next day user is unable to logon using old password, MEE is now accepting his current AD password.
Today user goes to login and none of his passwords are accepted. Logged onto machine for user and MEE would onyl accept my passwod used ~6 months ago.
check the client log - it will tell you which way the token is flowing. Most likely the user is provisioned on multiple machines, and they are sending token updates to EEM for distribution.
SBXFER files are only created if you use offline install mode - they are not needed for online mode. No, there's no way to create it again. You only need it once (during install to copy the keys back to EEM) - if you are doing online installs you don't need it at all.
It sounds like you're online though - so using offline mode is totally unnecessary - just get EEPC to send stuff directly over the network to EEM. Offiline install mode is really for people who have zero connectivity.