Sean,
Initially after cloning, Get-config responded with a single entry. My guess is this is the GUID from the system upon which the OS was originally built.
After issuing a UWFMGR Volume Protect C: on the clones drive attached to a different CPU/System, I then issue a Get-Config command that responds with 2 entries for C:, the original entry and a new entry with a different GUID.
I then Issue UWFMGR volume unprotect \?\Volume{e35258b2-fd1b-4293-8121-323d96c02042} and reboot. I issue another Get-Config command that responds with 2 entries for C:, the original entry now states "Unprotected" and a new entry states "Protected." The filter now works properly.
From previous research, now lost to me there were command line scripts to clear all this out and auto search and protect all volumes seen by the system. Did this about a year ago and it worked with the side affect of picking up 2 additional partitions that I do not want to protect.
So given that information, I need to know how to manually manipulate the partitions included such that partitions that are redundant or not desired to be on the list used by UWF can be removed. A full sysprep is not desired in our manufacturing scenario, but I can preload a script to be run and then deleted on one of the unprotected partitions.