I'm currently working on our FDE policy for some the road warriors and pondering about the use of the PBA. Windows 7 Sp1 64bit/ZCM 11.2/Novell Client 2 Sp2 Ir1

PBA with SSO:
Pro: More Secure, users only have to login once
Con: When offsite SSO doesn't work as elegantly. We run eDir + Novell FS with the Novell Client, so users need to wait for it to time out, then click 'Novell Login' instead of their username and then select 'Computer Only'. Very unintuitive.

Pro: As secure as above
Con: Users need to login twice

Pro: Completely Seamless
Con: Potentionally less secure.

Is there anything I'm missing? At this stage using the PBA looks to be a bit of a showstopper. I wonder if there are any plans to make the 'Computer Only' part of the novell client a bit more seamless, it is really the only pain point here.