I'd be interesting to hear how you end up working this one out.
I'll be tackling the same problem in the next couple months...
I could not think of a good way to implement the EpeTemporaryAutoboot.exe as a "software update" without having it "fail" or not show up at all (as not applicable), so I decided to go a different route and I think it is going to work fairly well.
I've decided to create a scheduled task on each of the computers with encrypted disks. The trigger for the task is the "System Restore" event (EventID=8194) from the Application event log.
Once the task is triggered, it will run a script that I wrote that will:
- Query the event log (using the Win32_NTLogEvent WMI Class) for all System Resource events with a TimeWritten >= to today's date.
- Look for the words "Windows Update" in the Message of the event
- Look to see if SMSCliUI.exe is currently running
- If all the criteria is met, then I know that it is a software update that we are pushing via SCCM and it will run EpeTemporaryAutoboot.exe --number-of-reboots 1
I've created an SCCM Pkg/Prg/Adv to deploy the files and create the scheduled task for me. I've tested this on Win7 x64 - so far it's been working great.