User and group information is uploaded to the Symantec Cloud SWG Portal, but when you check the Auth Connector status under 'Identity / Auth Connector', it randomly switches from connected to disconnected.
The primary cause of this is when the Auth traffic is routed through the IPSec tunnel used to redirect user traffic to the cloud service.
The Auth Connector needs a direct connection to the WSS Portal and the traffic can not be inspected. Create a rule in your firewall that redirects the Auth Connector traffic outside of the IPsec tunnel. For the destination, use the IPs of auth.threatpulse.com, which you can find here.