You may want to look at the Out Of Band - Unlock PBA feature available with AMT and EEPC v7.0.
For more information see the https://kc.mcafee.com/corporate/index?page=content&id=PD24140 page 95.
I'm looking for something that would allow an end user to restart their desktop PC from a RDP connection without IT assistance.
The Out of Band looks like something for IT use only. So, the end user would have to call the help desk and be out of luck if they needed to reboot the desktop or if an application crashed and forced an unexprect reboot while working at home outside of help desk hours.
So, McAfee Full Disk Emcryption For PC 7.0 does not have anything that works like Network Location Awareness that exempts PBA as long as the desktop PC is on an approved network?
Is there any option to set PBA for cold boot only and not for a user initiated system restart?
The usage case for this feature does what you are looking for as long as the policy is set in ePO and the users are educated to wait slightly longer due to the need to contact ePO to unlock preboot.
Have a look at the documentation I quoted above, you may also want to have a look at the summary and video available at https://community.mcafee.com/community/business/data/epoenc/blog/2012/12/19/how- to-use-out-of-band-unlock-pba