Cannot delete Active Directory clients in the Symantec Endpoint Protection Manager

Article Id: 178152

Status: Published

Updated On: 16-01-2009 03:24

Legacy Id: TECH98152

Products:

Endpoint Protection

Issue/Introduction:

How to delete clients from the Symantec Endpoint Protection Manager that are no longer in Active Directory

Cannot delete clients from the Symantec Endpoint Protection Manager

Cannot move clients in the Symantec Endpoint Protection Manager

Symptoms
The "Delete Clients" option is greyed out in the Symantec Endpoint Protection Manager

The "Move Clients" option is greyed out in the Symantec Endpoint Protection Manager

Cause:

This functionality is not available for clients synchronized with Active Directory as they are managed by Active Directory not the Symantec Endpoint Protection Manager. The changes must be made within Active Directory itself.

Resolution:

Delete, Move, or otherwise edit the clients in Active Directory, then re-sync the OU that the client(s) belong to in the Symantec Endpoint Protection Manager.

How to re-sync an OU in the Symantec Endpoint Protection Manager:

Log into the Symantec Endpoint Protection Manager
Click on the Clients tab
Right-click the desire OU
Click Sync Now

References
Managed Symantec Endpoint Protection (SEP) Client appears in Default Group instead of Active Directory Organizational Unit (OU) in the Symantec Endpoint Protection Manager (SEPM)

http://service1.symantec.com/support/ent-security.nsf/docid/2009090119133848