Dear Alex,
New users are presented with enrollment wizard.The users are added as authorized users in the server, their PGP folder in documents are created locally as normal, keys are assigned & users are able to encrypt files etc.
However the new users aren't added to WDE. If the machine is rebooted PGP bootguard will accept the PW of the user who is already part of WDE list.
The only user who is added to WDE is the one who was enrolled prior to WDE encryption.
The solution / workaround for this is to add the new user manually to the WDE users list. At this point the user who is already part of WDE list will be required to enter his/her PW.
So my questions still remain unanswered.