Symantec Endpoint Protection: HOW-TO - Manually Move Client to a Different Group


Article ID: 156654


Updated On:


Endpoint Protection


How to manually move a Symantec Endpoint Protection (SEP) client to a different client group by performing steps on the client-side. 


These steps may prove particularly useful because they allow the client to move after it has already been registered to a SEPM.

The SylinkDrop utility that comes with SEP unfortunately does not move the client when it is already registered.
At that point that utility is only useful for re-establishing communication between the client and SEPM.

NOTE: Before implementing the steps, make sure a basic knowledge of the Windows operating system is required.


1.      Logon to the computer with an administrator privileged account.
2.      Click on Start then Run.
3.      Type smc -stop then press Enter.

  • Wait for the SEP tray icon to disappear before proceeding.

4.      Browse to C:\Program Files\Common Files\Symantec Shared\HWID on x86 computers or C:\Program Files (x86)\Common Files\Symantec Shared\HWID on x64 computers, and delete the sephwid.xml file.
5.      Click on Start then Run.
6.      Type regedit then press Enter.
7.      Browse to the following key: HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC\SYLINK\SyLink
8.      Open the HardwareID value and delete the data. Click Ok.
9.      If the following additional values exist, delete the data and click Ok for each one:CurrentGroup, CurrentMode and GroupGUID.
10.    Open the PreferredGroup value and replace the data with the path to the new group. Click Ok.

  • Ex. My Company\Desktop\Default\Fri 2pm

11.    Click on Start then Run.
12.    Type smc -start then press Enter.
13.    Allow approximately 30-90 seconds for the client to update. Then check the SEP troubleshooting window under Help & Support to confirm the client is located in the intended group.

Applies To

Symantec Endpoint Protection 11.0.x

The information in this guide is based on version 11.0 RU6 of the product.


1.      The SEP client must be installed, managed and able to communicate with a Symantec Endpoint Protection Manager (SEPM).
2.      The SEP client must remain in the same SEP domain it is currently in.
3.      A local administrator privileged account must be used.
4.      The client group the SEP client is moving to must already exist.