When synchronizing an OU structure from Activity Directory, there are unwanted user objects imported along with computer objects. With larger environments this can cause a significant delay in processing the sync results into the Symantec Endpoint Protection Manager (SEPM) database.
SEPM AD sync imports both computer and user objects. In very large environments there will be additional processing time required to sync all of the objects with the database.
The latest versions of SEPM can be configured to import only computer objects. To do so, please use the following steps:
Upon the next AD sync, sync'd user objects will be removed from the database, and new user objects will be filtered out.