Endpoint Encryption

I'm running Endpoint Encryption (v8.2) and forgot to enable Safe Mode Boot Option for registered users. I can create a new installation package for the remaining workstations I have but how to I modify the existing installations? I tried creating a new package and running it, thinking it would just update the existing one but when I ran it, it talked about uninstalling the current install. I exited because I didn't know if that meant it would decrypt the drive as well. What is least painful way to add the option I need?

If it tells you to remove first, I think you didn't add the reinstall="ALL" reinstallmode="vomus" options at the end of the command line.

To upgrade a client without reinstalling, you create a new GPO via the Symantec Management Console which will deploy changes in the same way group policy does.

I created a Native Policy but when I look at SEE Managed Computers the "SEE Unassigned" Group isn't populated with any workstations. I can't see a way to populate it. I created a new Group for managed computers and I can't see how to populate it either. Can you point me in the right direction? I have about 60 workstations encrypted and I can see them under "SEE Users & Computers - AD Directory Computers".

Thanks

Dennis
 

The "SEE unasigned" group will only be populated by PCs that are not on the domain.  Although we have PCs in there that are on the domain but for some reason are not identified as being on the domain, so its not perfect.

For instance, we have a domain that is not part of the same forest, these PCs are listed in there.

If your PCs are not listed in this section, then you cannot use Symantec Policies to change the configuration, you have to use Group Policy.  Likewise you cannot use Group Policy to affect PCs listed in this section.