bpduplicate does not have 'encrypt' option:
C:\> bpduplicate -help
bpduplicate: -npc <new primary copy> -backupid <backup id> [-local] [-client <name>]
bpduplicate: [-dstunit <destination storage unit label>[,<stunit-copy2>,...,<stunit-copyn>]]
[-p] [-pb] [-PM] [-PD] [-v] [-local] [-client <name>]
[-Bidfile <file_name>]
[-st <sched_type>] [-sl <sched_label>] [-L <output_file> [-en]]
[-dp <destination pool name>[,<poolname-copy2>,...,<poolname-copyn]]
[-owner <media_share_grp>[,<share_grp-copy2>,...,<share_grp-copyn]]
[-shost <source host>]
[-policy <name>] [-s mm/dd/yyyy HH:MM:SS] [-e mm/dd/yyyy HH:MM:SS]
[-pt <policy_type>] [-hoursago <hours>]
[[-cn <copy number>] | [-primary]]
[-M master_server] [-altreadhost <hostname>]
[-backupid <backup_id>] [-id <media_id>]
[-rl <retention_level>[,<rl-copy2>,...,<rl-copyn>]]
[-fail_on_error <0 | 1>[,...,<0 | 1>]] [-mtd <MByte threshold>]
[-mpx] [-priority <number>] [-number_copies <number>]
[-set_primary <copy_index>] [-bc_only] [-granular_proxy <hostname>]
[-dcn <destination copy number 1>[,<dcn-copy2>,...,<dcn-copyn>]]
Valid values for sched_type:
FULL, INCR, CINC, UBAK, UARC, NOT_ARCHIVE
Valid values for policy_type:
Standard, Proxy, Non-Standard, Apollo-wbak,
Oracle, Any, Informix-On-BAR, Sybase,
MS-SharePoint, MS-Windows-NT, NetWare,
DataTools-SQL-BackTrack, Auspex-FastBackup,
MS-Windows, OS/2, MS-SQL-Server, MS-Exchange-Server,
SAP, DB2, NDMP, FlashBackup, Split-Mirror,
AFS, DFS, DataStore, Lotus-Notes, Teradata,
OpenVMS, MPE/iX, FlashBackup-Windows,
BE-MS-SQL-Server, BE-MS-Exchange-Server,
Macintosh, Disk Staging, NBU-Catalog,
Generic, CMS-Database, PureDisk-Export,
Enterprise-Vault
Valid values for copy_index:
0 = do not change primary copy(default)
1 = 1st new copy will be primary
2 = 2nd new copy will be primary ...
n = nth new copy will be primary
