what about creating a department account in order to login through EEPC and deactivate SSO in order to use just the microsoft credential manager (and login with AD account credentials)
(provided you are using microsoft windows OS)
Eh, we REALLY wanted to do that to keep it simple. Though if the hardware was lost/stolen it'd be pretty easy to social engineer the username/password. We wanted to stick with unique usernames/passwords to be able to resonably demonstrate the the device is secure in the event of loss or theft.
to check the free space, create a custom report in EPO using the "pre-boot storage free space (in bytes)" or "pre-boot storage size (in MB)" values.
New Query -> Managed Systems -> Next -> Table (I had to use table, nothing else would work) -> The colums are located under Endpoint Encryption -Systems section.