I'd be interested in seeing this too...I need to have SSO turned off (and as such windows password sync turned off) due to incompatibilities with Imprivata OneSign, so having a way to force EEPC/EPO password sync's would be great.
At the moment, if i change password at pre-boot, most of the time it will sync my password up to ePO, and when encrypting a new device it'll have my updated password...
On other encrypted devices that are connected to the network, it will also usually update my pre-boot password to match too... However this doesn't always happen & these devices will be stuck with my old password...
Not sure what option you are thinking of - can you share a screen shot? The functionality is the same between all the versions though.
Yes, you are right about the times eepc will sync the windows password into the preboot.
If you change the pwd in ad, it won't cause a change on the client until the user has to renter their creds after a failed sso - with cached creds this could be some time later. If you tag the user with a change password request, it will happen as soon as they change their password.
Eepc can only see events which happen on eepc protected endpoints.
Ah! All that's handled by the McAfee agent now for all products. Look up "collect and send props" in kc.mcafee.com - there are lots of articles.