Hi,
Thank you for posting your query in Symantec community.
1. For pre-boot authentication, can users use their AD accounts to authenticate or do users require to register a separate account?
--> He will have to use AD accounts only, no separate account is required not supported.
(Default) To let users authenticate at preboot and directly access the client computer without authenticating at the Windows logon screen, check Enable Single Sign-On.
To require users to authenticate at preboot as well as at the Windows logon screen, uncheck Enable Single Sign-On.
2. Where can I get more information about the pre-boot feature for SEE?
--> I couldn't find KB articles however here is the landing page to get more info about Symantec Encryption: https://support.symantec.com/en_US/endpoint-encryption.55414.html
In the SEE console, click on Help option to find more details.
3. What's the easiest / best way to add the pre-boot feature to the already deployed workstation clients? Will I need to generate a new install package, decrypt the hard drive and re-install with the new SEE install package?
--> You can push out the new package over the existing package but to confirm it kindly proivde version details first.