As you've successfully decrypted the drive from the Management Server, this is clearly in a managed state. Just apply a policy to change the client admin creds.
The below article is an old one but shows how to change the client admin creds. NOTE, if amending via GPO just be aware the client administrators section is under Drive Encryption in SEE11 (there's no ambiguity in the Native Policies, as the client admins section is unavoidable and you'll eventually get to it):
http://www.symantec.com/docs/TECH161649