So, after some trial and error, we were able to make this work. First, we upgraded from EEPC 6.1 patch 1, to EEPC 6.2. This caused us some trouble, since we had McAfee Host Data Loss Prevention 9.0 installed on the EPO server. We ended up removing DLP completely, then upgrading the EPO server to 4.6 patch 2. After that, we were able to install EEPC 6.2, and log in to encryption using our CACs. So, the only remaining issue is single sign on. For some reason, with our setup, this is no longer working, even though the option is selected in the policy. Does anyone know how to get SSO working with smartcard (CAC) login?
When we log in to encryption with the CAC, we must enter the user name, insert the CAC, then type in the PIN. The machine then boots to Windows. At the Windows logon screen, we must enter the PIN, and our username again (we have the user name hint option enabled via group policy). Then, the machine logs in to Windows, and all is well. However, this must be repeated every single time. Any ideas on how to fix this would be most appreciated.